Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OPenvpn conenctet but lan no accessible

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 664 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pachiko
      last edited by

      Hi,
      I configured an new pfsense server withe openvpn, the client cant connect and get the IP adresse

      But i can not ping pfsense server, and pc in lan.

      Pfsense is the gateway( wan with a public IP adresse ).
      PFsense lan: 192.168.20.x

      Client lan: 192.168.30.x

      Server config:
      dev ovpns1
      verb 1
      dev-type tun
      tun-ipv6
      dev-node /dev/tun1
      writepid /var/run/openvpn_server1.pid
      #user nobody
      #group nobody
      script-security 3
      daemon
      keepalive 10 60
      ping-timer-rem
      persist-tun
      persist-key
      proto udp
      cipher BF-CBC
      auth SHA1
      up /usr/local/sbin/ovpn-linkup
      down /usr/local/sbin/ovpn-linkdown
      client-connect /usr/local/sbin/openvpn.attributes.sh
      client-disconnect /usr/local/sbin/openvpn.attributes.sh
      local server public ip
      tls-server
      server 192.168.30.0 255.255.255.0
      client-config-dir /var/etc/openvpn-csc
      username-as-common-name
      auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user 'Local Database' false server1" via-env
      tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'user' 1"
      lport 1200
      management /var/etc/openvpn/server1.sock unix
      push "route 192.168.20.0 255.255.255.0"
      ca /var/etc/openvpn/server1.ca
      cert /var/etc/openvpn/server1.cert
      key /var/etc/openvpn/server1.key
      dh /etc/dh-parameters.1024
      tls-auth /var/etc/openvpn/server1.tls-auth 0
      persist-remote-ip
      float
      push "route 192.168.20.0 255.255.255.0"

      Thank you

      1 Reply Last reply Reply Quote 0
      • P
        pachiko
        last edited by

        For information, the openvpn client is executed by admintrator !!

        1 Reply Last reply Reply Quote 0
        • P
          phil.davis
          last edited by

          You need rule/s on Firewall->Rules, OpenVPN tab, to allow traffic from source OpenVPN tunnel 192.168.30.0/24 to destination LANnet 192.168.20.0/24 - or for a start put a pass all rule (protocol all source any destination any).

          As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
          If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.