Discussion:
[pfSense] Failed to Configure OpenVPN to Work With LAN Clients.
Fadhili Ngalawa
2018-03-23 14:29:49 UTC
Hello fellow pfSense users,

I have tried and failed many times to configure OpenVPN using pfSense to
work in the situation I will explain below.

In my office we have a financial information system that should be accessed
only using network IP addresses of 192.168.200.0, which is only used by
the Finance Department.

Based on this condition, I reserved a subnet 192.168.200.32/27 and configured
the VPN server using pfSense to use this local address using CIDR as required.
The local address of the whole LAN is 192.168.192.0/20.

When a user connects to the pfSense server using the public IP, it gives IP
addresses to VPN users as required. But the problem is that users cannot
connect to the Financial Information System server 192.168.200.10 or access
any server that is in the LAN. But it works when I put any other full
address, let's say 192.168.0.1/24, as the VPN server clients' IP released
addresses.

I tried to add firewall rules, but it still failed. Based on the time
allocated for this task, I could not experiment more, so I chose Endian
Firewall to finalize the work. I really need to use the pfSense server because
it is our gateway server, and it will spare the IP address used by Endian
VPN for now.

Based on the explanations above, I kindly request your help on this.

Thanks in advance.
Steve Yates
2018-03-23 14:36:36 UTC
It looks like you are obfuscating/hiding the IP addresses. The two networks need two different subnets, and the OpenVPN network between them needs a third subnet. Did you add firewall rules to and from the OpenVPN interface?

Overall, we followed the steps in the pfSense/Netgate "book" (https://portal.pfsense.org/docs/book/, you get access if you bought from Netgate as I recall) and didn't have any issues setting up OpenVPN on IPv4.

--

Steve Yates
ITS, Inc.
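
The addresses quoted in this thread can be checked against the rule in the reply above (LAN and OpenVPN tunnel network on separate subnets). The following is an added example, not code from either poster or from pfSense; the function names and the 172.16.0.0/12 pool used to suggest a replacement are assumptions.

```python
import ipaddress

def plan_conflicts(tunnel, lans):
    """List (lan, relation) for each LAN that shares addresses with the tunnel network."""
    t = ipaddress.ip_network(tunnel, strict=False)  # strict=False accepts 192.168.0.1/24
    found = []
    for lan in lans:
        n = ipaddress.ip_network(lan, strict=False)
        if not t.overlaps(n):
            continue
        # CIDR blocks never partially overlap: they are equal or one contains the other.
        if t == n:
            relation = "identical"
        elif t.subnet_of(n):
            relation = "tunnel inside LAN"
        else:
            relation = "LAN inside tunnel"
        found.append((str(n), relation))
    return found

def first_free(pool, prefixlen, used):
    """Return the first /prefixlen block in pool that overlaps none of the used networks."""
    taken = [ipaddress.ip_network(u, strict=False) for u in used]
    for cand in ipaddress.ip_network(pool).subnets(new_prefix=prefixlen):
        if not any(cand.overlaps(u) for u in taken):
            return str(cand)
    return None

if __name__ == "__main__":
    LAN = "192.168.192.0/20"  # whole-LAN network from the original post
    # The reserved tunnel range, then the alternative the poster reports as working.
    for tunnel in ("192.168.200.32/27", "192.168.0.1/24"):
        hits = plan_conflicts(tunnel, [LAN])
        print(tunnel, "->", hits or "no overlap with LAN")
    server = ipaddress.ip_address("192.168.200.10")
    print("server in LAN:", server in ipaddress.ip_network(LAN))
    # Assumed pool; pick whatever private range is unused at the site.
    print("candidate tunnel network:", first_free("172.16.0.0/12", 27, [LAN]))
```

The reserved 192.168.200.32/27 range is reported as lying inside the 192.168.192.0/20 LAN, while 192.168.0.1/24 does not overlap it.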
