1. Home
  2. pfSense® Software
  3. OpenVPN
  4. [Solved] Unable to access LAN network using OpenVPN

[Solved] Unable to access LAN network using OpenVPN

  • A

    Hi There,

    I've just set-up OpenVPN and I can connect to it but not been able to access the LAN network.

    I've given same IP to pfsense as LAN. as seen below;
    pfsense IP: 10.100.1.20/24

    LAN network
    –--------------
    network & mask bit: 10.100.1.0/24
    LAN network gateway: 10.100.1.254






    0
  • johnpoz
    LAYER 8 Global Moderator

    pfsense IP: 10.100.1.20/24
    LAN network gateway: 10.100.1.254

    so your lan interface on pfsense is 10.100.1.20, what is the gateway???  lan interfaces do not have gateways set.. If the gateway for your lan devices are not pfsense then no how would vpn clients talk to you lan because lan clients would be going to their gateway to talk to the remove client IP vs going back to pfsense to go down the vpn tunnel to get to the vpn client.

    0
  • A

    Hi,

    As you said, there is no gateway on pfsense lan. And I've used a direct cable for wan.

    Do I have to add a route or just if I add a gateway to lan, will work?

    0
  • C

    Look at client setting (in openvpn tab) and set the "IPv4 Remote Network/s" with remote network (here you LAN) you want to access. (you can do it in the overrides section too)
    Then let us know ;-)

    0
  • V

    Hi,

    since your LAN hosts use another default gateway than the pfSense LAN IP they send response packets to request from OpenVPn not to pfSense, but rather to their known gateway. However, there is the destination IP unknown and the packets will be dropped.

    You can resolve this by three ways:

    • If the other gateway is able to route between the hosts you want to access and pfSense add a static route to this gateway to route traffic to your tunnel network over pfSense.

    • If not add the route to your hosts.

    • If these hosts are plenty and you are lazy add an outbound NAT rule to pfSense to translate the OpenVPN client IP to LAN-IP at LAN interface. Consider that this way any client packets arrive with source = pfSense LAN at your hosts.

    0
  • A

    Hi There,

    I've resolved this by changing the gateway from existing to pfsense IP which then will clients to communicate pfsense as the gateway.

    Now, I'm able to access the said network.

    Thanks!

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy