Cannot ping some devices across openvpn

  • Hello,

    I have a strange issue with OpenVPN.
    I can ping and access some devices fine, but cannot access to some others..

    My setup is simple : my LAN net my OpenVPN net is my PfSense address on lan. is a Netgear NAS (its gateway is is a random printer (its gateway is

    If i try to ping as follow from pfsense/diagnostic/ping :
    ping from LAN : OK
    ping from LAN : OK
    ping from OpenVPN : KO
    ping from OpenVPN : OK

    I have exactly same symptoms with diagnostic/test ports.
    test port 80 from LAN : OK
    test port 80 from LAN : OK
    test port 80 from OpenVPN : KO
    test port 80 from OpenVPN : OK

    Also, i cannot NAT anything to

    Im away from this device atm (and can't access it) but im pretty sure JumboFrames is enabled on this device. I don't know about MTU. Could it be the reason ?
    If so, is there any way to sort it out without touching NAS settings ?

    Thanks a lot for your help.

  • Post your openvpn config (server1.conf).

  • Thank you Marvosa. Here it is.

    dev ovpns1
    verb 1
    dev-type tun
    dev-node /dev/tun1
    writepid /var/run/
    #user nobody
    #group nobody
    script-security 3
    keepalive 10 60
    proto tcp-server
    cipher AES-256-CBC
    auth SHA1
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    client-connect /usr/local/sbin/
    client-disconnect /usr/local/sbin/
    client-config-dir /var/etc/openvpn-csc
    auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user 'Local Database' false server1" via-env
    tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'EK-CERT-VPN' 1 "
    lport 443
    management /var/etc/openvpn/server1.sock unix
    max-clients 5
    push "route"
    push "dhcp-option DOMAIN ek.local"
    push "dhcp-option DNS"
    push "register-dns"
    push "dhcp-option NTP"
    ca /var/etc/openvpn/ 
    cert /var/etc/openvpn/server1.cert 
    key /var/etc/openvpn/server1.key 
    dh /etc/dh-parameters.2048
    tls-auth /var/etc/openvpn/server1.tls-auth 0

  • LAYER 8 Global Moderator

    you sure your nas doesn't have a firewall blocking access from anything not on its own network… This is very common!!!

  • The NAS is quite old and does not have such a rule (in appearance in web interface). I'll try to have a look at it more closely (and see if i can access it via putty or something) but i doubt. That would be strange for a NAS to sell it builtin with such a rule.

  • The config looks ok.  So, there's a couple things:

    • Make sure there's a route to in your client's routing table upon connection.  If not, verify that you're running the OpenVPN client as admin.

    • It looks like you're double NAT'ing.  If you have access to the modem or edge device, the easiest fix is to put your modem in to bridge mode, so PFsense gets a public IP and everything will start working.  Otherwise, you may need to add a route to the edge device that points the OpenVPN tunnel network towards PFsense.

Log in to reply