Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN - Can't access other computers

    Scheduled Pinned Locked Moved OpenVPN
    6 Posts 2 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      BlazeStar
      last edited by

      Hi,

      Using pfSense 2.2.3

      I don't know if it is related to the upgrade from 2.2.2 to 2.2.3 but I can't access other computers on the network anymore.

      Connection to VPN works.
      I can access pfSense at https://192.168.1.250

      I have two servers with web interfaces at
      https://192.168.1.250
      and
      http://192.168.1.251

      I didn't use it for a few weeks, and now it doesn't work anymore.

      Only thing that changed during this time is the upgrade to 2.2.3

      Here's relevant config info:

      http://cl.ly/image/2J3m2o123S33

      Any idea what's up with that?

      1 Reply Last reply Reply Quote 0
      • B
        BlazeStar
        last edited by

        Additional note, in my VPN client (Viscosity), when checking out the log, I notice this:

        Jul 12 23:18:57: /sbin/ifconfig tun0 10.8.0.10 10.8.0.9 mtu 1500 netmask 255.255.255.255 up
        Jul 12 23:18:57: Initialization Sequence Completed
        

        I'm wondering if it is normal to have a net mask of 255.255.255.255?

        What could cause this?

        In older versions of pfSense you had a place where you could specify the "Local network" that was accessible.

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          You got something wrong - your pic doesn't show the local ipv4 and ipv6 networks.

          I am running 2.2.3 and as you can see that is still there..

          Oh I see why its gone, your routing all traffic through the vpn.. Seed the redirect gateway checkmark you have.  No reason to put in specific routes if your sending all traffic through the tunnel.

          localnetowrks.png
          localnetowrks.png_thumb
          yourdefgateway.png
          yourdefgateway.png_thumb

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            see my edit about your redirect of your gateway.  Attached a picture showing it.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • B
              BlazeStar
              last edited by

              Thanks for your help!

              So that somehow works…

              Somehow because if I uncheck the "Force all client generated traffic through the tunnel." option it will show me the "IPv4 Local Network/s" field.

              So if I save it, but leave the "Force all client generated traffic through the tunnel." unchecked, the VPN connection will not work... it will connect but it will be useless.

              So in the end... by unchecking the "Force all client generated traffic through the tunnel.", it gives me access to the hidden "IPv4 Local Network/s" field, which I can modify, save, then check "Force all client generated traffic through the tunnel.", save again, and now all work!

              1 Reply Last reply Reply Quote 0
              • johnpozJ
                johnpoz LAYER 8 Global Moderator
                last edited by

                what are you rules in your openvpn tab?

                What do you want to do?  Do you want to route all traffic through your vpn, or only use the vpn to access the networks behind the vpn?

                Do a route print from your client to see your routes

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.