No access to LAN over OpenVPN
-
NAS4Free box is using 10.10.10.1 as the gateway.
When I add a static route to the VPN network inside NAS4free - it becomes instantly accessible.
Network is Internet modem -> pfsense -> LAN -> two laptops with one of them running NAS4free inside a VM.
I can access the NAS4free from any machine on the LAN just fine.
Where do I get the server config?
-
-
Diagnostics -> Edit file
-
Navigate to "/var/etc/openvpn" and post the contents of "server1.conf"
-
-
It seems that the issue was the network mask. They overlapped. I have set VPN to be 192.168.1.* and everything came to life.
I still can't do an nslookup on one of the lan devices from the vpn client, can that be achieved?
Thank you
-
It seems that the issue was the network mask. They overlapped. I have set VPN to be 192.168.1.* and everything came to life.
I still can't do an nslookup on one of the lan devices from the vpn client, can that be achieved?
Thank you
Get away from 192.168.1.* completely. When the OpenVPN client it at somebody's home, cafe etc that has local LAN 192.168.1.0/24 then it is going to get confused having its local LAN and OpenVPN tunnel the same. Use some "random" piece of private IPv4 address space.
If you have specified "Provide a DNS server list to clients", given an internal DNS server IP address that should know the names of LAN devices, and have firewall rules that let that traffic through the tunnel, then it should work.
Post more details of the settings. -
Which Subnet would you recommend to use?
-
Use something "random". Like, 10.156.74.0/24, 192.168.219.0/24 or whatever. Also, 172.16/12 space (172.16.0.0 - 172.31.255.255) seems a whole lot less popular. 192.168.[01].* and 10.0.0.* is where some 99% of default modem/router configurations sit out there.
-
Thank you. I have changed that and also pushed the DNS servers to the clients. It seems that I can use nslookup now.
-
Just one more question in case you have knowledge on the matter.
I have checked the box: Redirect gateway in the OpenVPN server config.
I understand this makes the client use the OpenVPN server bandwidth instead of their own. So basically it's eating up the networks bandwidth when it comes to internet usage.
What if I disable this feature - would I still be able to access the LAN?
-
Of course, yes… The checkbox is only useful if you want to use OpenVPN as your WAN (i.e., direct all WAN traffic from the client via OpenVPN).
-
Once unchecked it opens up 'IPv4 Local Network/s'
Do I put the details of my LAN here? And this way only LAN traffic goes through vpn?
-
Did you consider reading the OpenVPN wiki docs?
-
I'm really tight for time with this, I'm not doing this for my own amusement and I have a deadline for configuring the entire box. Could you please give me an answer?
-
Once unchecked it opens up 'IPv4 Local Network/s'
Do I put the details of my LAN here? And this way only LAN traffic goes through vpn?
Yes, you need to tell it the subnet(s) that you want to be reached across the OpenVPN - your LAN(s)
-
Once unchecked it opens up 'IPv4 Local Network/s'
Do I put the details of my LAN here? And this way only LAN traffic goes through vpn?
Yes, you need to tell it the subnet(s) that you want to be reached across the OpenVPN - your LAN(s)
Thank you for your help. Everything seems to be working