Not able to access servers on the LAN side (OpenVPN in pfsense)

This forum is for general conversation and user-user networking.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
pSilverby
OpenVpn Newbie
Posts: 1
Joined: Fri Dec 02, 2022 12:39 pm

Not able to access servers on the LAN side (OpenVPN in pfsense)

Post by pSilverby » Fri Dec 02, 2022 1:02 pm

Hi!

I have configured OpenVPN in Pfsense using the wizard. The status after that is that I have fully functional VPN connection from client to VPN server. However if I try to go beyond and reach another server on the LAN side it does not work.

My client gets the "tunnel ip" 172.10.20.2. I can ping the Static IP defined on LAN which is 10.0.0.5. For IPv4 Local network(s) I have defined 10.0.0.0/24.

From the OpenVPN diagnostics I can ping the server 10.0.0.10 but through the VPN I get no response. The trace route for 10.0.0.10 from my client shows the first hop to 172.10.20.1 and after that the requests timed out.

The wizard has created firewall rules for LAN and WAN as well as defined a NAT Outbound rule. I have google it for a long time know and do not find anything that resolves the issue. What can be missing from my configuration?

User avatar
ordex
OpenVPN Inc.
Posts: 444
Joined: Wed Dec 28, 2016 2:32 am
Location: IRC #openvpn-devel @ libera.chat

Re: Not able to access servers on the LAN side (OpenVPN in pfsense)

Post by ordex » Tue Dec 06, 2022 9:01 am

Hi there! This is indeed a firewall/routing issue. You may be better off asking this to the Netgate/pfSense customer support department.

User avatar
Pippin
Forum Team
Posts: 1200
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: Not able to access servers on the LAN side (OpenVPN in pfsense)

Post by Pippin » Tue Dec 06, 2022 1:17 pm

Hi,

Code: Select all

172.10.20.2
...
...
172.10.20.1
That is not RFC1918...

As ordex wrote, you will probably have more luck on https://forum.netgate.com


Moved to Off topic because routing issue *and* pfSense (GUI based).
.
I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
Halton Arp

Post Reply