Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    OpenVPN - Can't access other computers

    OpenVPN
    2
    6
    903
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      BlazeStar last edited by

      Hi,

      Using pfSense 2.2.3

      I don't know if it is related to the upgrade from 2.2.2 to 2.2.3 but I can't access other computers on the network anymore.

      Connection to VPN works.
      I can access pfSense at https://192.168.1.250

      I have two servers with web interfaces at
      https://192.168.1.250
      and
      http://192.168.1.251

      I didn't use it for a few weeks, and now it doesn't work anymore.

      Only thing that changed during this time is the upgrade to 2.2.3

      Here's relevant config info:

      http://cl.ly/image/2J3m2o123S33

      Any idea what's up with that?

      1 Reply Last reply Reply Quote 0
      • B
        BlazeStar last edited by

        Additional note, in my VPN client (Viscosity), when checking out the log, I notice this:

        Jul 12 23:18:57: /sbin/ifconfig tun0 10.8.0.10 10.8.0.9 mtu 1500 netmask 255.255.255.255 up
Jul 12 23:18:57: Initialization Sequence Completed

        I'm wondering if it is normal to have a net mask of 255.255.255.255?

        What could cause this?

        In older versions of pfSense you had a place where you could specify the "Local network" that was accessible.

        1 Reply Last reply Reply Quote 0
        • johnpoz
          johnpoz LAYER 8 Global Moderator last edited by

          You got something wrong - your pic doesn't show the local ipv4 and ipv6 networks.

          I am running 2.2.3 and as you can see that is still there..

          Oh I see why its gone, your routing all traffic through the vpn.. Seed the redirect gateway checkmark you have.  No reason to put in specific routes if your sending all traffic through the tunnel.




          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-2440 2.4.5p1 | 4x SG-3100 2.4.4p3 | SG-4860 21.05.1

          1 Reply Last reply Reply Quote 0
          • johnpoz
            johnpoz LAYER 8 Global Moderator last edited by

            see my edit about your redirect of your gateway.  Attached a picture showing it.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-2440 2.4.5p1 | 4x SG-3100 2.4.4p3 | SG-4860 21.05.1

            1 Reply Last reply Reply Quote 0
            • B
              BlazeStar last edited by

              Thanks for your help!

              So that somehow works…

              Somehow because if I uncheck the "Force all client generated traffic through the tunnel." option it will show me the "IPv4 Local Network/s" field.

              So if I save it, but leave the "Force all client generated traffic through the tunnel." unchecked, the VPN connection will not work... it will connect but it will be useless.

              So in the end... by unchecking the "Force all client generated traffic through the tunnel.", it gives me access to the hidden "IPv4 Local Network/s" field, which I can modify, save, then check "Force all client generated traffic through the tunnel.", save again, and now all work!

              1 Reply Last reply Reply Quote 0
              • johnpoz
                johnpoz LAYER 8 Global Moderator last edited by

                what are you rules in your openvpn tab?

                What do you want to do?  Do you want to route all traffic through your vpn, or only use the vpn to access the networks behind the vpn?

                Do a route print from your client to see your routes

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-2440 2.4.5p1 | 4x SG-3100 2.4.4p3 | SG-4860 21.05.1

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post

                Products

                • Platform Overview
                • TNSR
                • pfSense
                • Appliances

                Services

                • Training
                • Professional Services

                Support

                • Subscription Plans
                • Contact Support
                • Product Lifecycle
                • Documentation

                News

                • Media Coverage
                • Press
                • Events

                Resources

                • Blog
                • FAQ
                • Find a Partner
                • Resource Library
                • Security Information

                Company

                • About Us
                • Careers
                • Partners
                • Contact Us
                • Legal
                Our Mission

                We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                Subscribe to our Newsletter

                Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                © 2021 Rubicon Communications, LLC | Privacy Policy