Access OpenVPN remote network from LAN



  • Hi.

    I put up an OpenVPN-Client on my pfSense that is connecting to my (remote) NAS. If I log into my pfSense I can ping the NAS on 10.8.0.1 (VPN-Server) just fine. I can't do this from the rest of my local network.

    pfSense can ping, pfSense is default gateway - what am I missing? There should be no need to NAT or something, right? :-/

    Requests (like ICMP) are not blocked by the firewall - but I never get an answer…

    Guess I made some stupid mistake?

    thanks for your help.

    cheers
    mene

    here's my config:



  • I'm a little bit fuzzy on your setup, is it something like:

    ISP/Modem->(WAN)pfSense(LAN)-> LAN subnet. PC's,etc
                                                     
                                                    OpenVPN ->NAS subnet, NAS

    If so, why do you want your NAS on a subnet created via OpenVPN?
    Presumably the LAN and OpenVPN subnets are in the same building or is there some other reason to try and split them using OpenVPN rather than just using a separate interface and adding the rules you need?

    If I'm wrong and your NAS is remote and connecting via the WAN interface, you might want to make sure the NAS understands that your 192.168.100.x subnet is valid for traffic.



  • Hi.

    Yep - the NAS is not in the same building but connected over WAN.

    If I log in to the pfSense via SSH I can ping/SSH the NAS like I should. If I try the same directly from my Linux desktop I can't (timeout). So I guess it's some kind of (hopefully simple?) routing issue to make the 10.8.0.1/32 (NAS/OpenVPN server) available in my 192.168.100.0/24 (LAN).

    thanks for your help.

    cheers
    mene



  • You will either need to add a static route to your VPN server to direct packets with a destination inside your LAN 192.168.100.0/24 to the VPN client's IP, or you do NAT and add an outbound NAT rule to translate the source address to the interface address at the VPN interface.
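
Why the echo reply never arrives, and how each of the two fixes in the last reply changes the return path on the NAS, as an added example that is not part of the thread (a routing model, not pfSense or OpenVPN configuration). The /24 tunnel subnet, the pfSense tunnel address 10.8.0.2 and the desktop address 192.168.100.50 are assumptions; 10.8.0.1 and 192.168.100.0/24 come from the posts.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.100.0/24")      # from the thread
TUNNEL = ipaddress.ip_network("10.8.0.0/24")        # assumed; thread only gives 10.8.0.1
NAS_TUN_IP = ipaddress.ip_address("10.8.0.1")       # from the thread
PFSENSE_TUN_IP = ipaddress.ip_address("10.8.0.2")   # assumed client tunnel address
LAN_HOST = ipaddress.ip_address("192.168.100.50")   # constructed desktop address


def lookup(table, dst):
    """Longest-prefix match: return the egress interface chosen for dst."""
    matches = [(net, iface) for net, iface in table if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def nas_table(with_lan_route=False):
    """Routing table on the NAS, which is also the VPN server."""
    table = [
        (ipaddress.ip_network("0.0.0.0/0"), "wan"),  # default route via its own ISP
        (TUNNEL, "tun0"),                            # directly connected tunnel subnet
    ]
    if with_lan_route:
        table.append((LAN, "tun0"))  # fix 1: static route for the LAN via the tunnel
    return table


def ping(src, nas_routes, outbound_nat=False):
    """Return True if the NAS sends its echo reply back into the tunnel."""
    # Fix 2: pfSense rewrites the source to its own tunnel address on the way out.
    seen_src = PFSENSE_TUN_IP if outbound_nat else src
    # The NAS addresses the reply to the source it saw and routes it normally.
    return lookup(nas_routes, seen_src) == "tun0"


if __name__ == "__main__":
    print("from pfSense itself:     ", ping(PFSENSE_TUN_IP, nas_table()))
    print("from LAN host, no fix:   ", ping(LAN_HOST, nas_table()))
    print("from LAN host, route:    ", ping(LAN_HOST, nas_table(with_lan_route=True)))
    print("from LAN host, NAT:      ", ping(LAN_HOST, nas_table(), outbound_nat=True))
```

When the OpenVPN server runs in multi-client (`server`) mode, the kernel route is paired with an `iroute` entry for that client so the daemon knows which client owns the LAN subnet. With the NAT option, every LAN host appears on the NAS as the pfSense tunnel address, so the NAS's logs and access rules can no longer distinguish individual LAN machines.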

