[SOLVED] The problem with routing of OpenVPN

lkudlacek · December 15, 2016, 11:21:32 PM

Hello,

I need to create route between two networks and I don`t know how to...

WAN: xyz
LAN: 192.168.10.100

Open VPN server on OPNSense: 192.168.50.1

A client is connected to VPN with IP for example 192.168.50.2 - that works.
And I need the following:

- client in network 192.168.50.0 has to connect to network 192.168.10.0

It is simply but I don`t know... Can I get any advice, please? :-)
Thanks

chemlud · December 16, 2016, 09:08:42 AM

Do you have any firewall rules on the openvpn tab?

lkudlacek · December 16, 2016, 11:05:47 AM

Tab LAN:
        Proto    Source    Port    Destination    Port    Gateway    Schedule    Description
      *      *      *      LAN Address 80
22      *         Anti-Lockout Rule
      IPv4 *      *      *      *      *            Default allow LAN to any rule

Tab OPENVPN:

        Proto    Source    Port    Destination    Port    Gateway    Schedule    Description
      IPv4 *    *    *    *    *    *

bartjsmit · December 16, 2016, 12:54:22 PM

Is OPNsense the default gateway for hosts on the 192.168.10.0/24 network?

Do you have 'Redirect Gateway' enabled on the OpenVPN tunnel settings?

Are the network masks for each subnet set to /24 on all devices?

Bart...

lkudlacek · December 17, 2016, 04:55:54 AM

QuoteIs OPNsense the default gateway for hosts on the 192.168.10.0/24 network?

Where can I get this information, please?
EDIT: No...default gateway for hosts in network 192.168.10.0/24 is 192.168.10.31. OPNsense has LAN IP 192.168.10.100

QuoteDo you have 'Redirect Gateway' enabled on the OpenVPN tunnel settings?

No...I enabled "redirect gateway" now in VPN -> OpenVPN -> Servers -> 'My settings'

QuoteAre the network masks for each subnet set to /24 on all devices?

Yes...192.168.10.0/24 and 192.168.50.0/24, too.

lkudlacek · December 17, 2016, 05:17:53 PM

I discovered that afted connect to VPN ping answers on LAN interface:

I get IP 192.168.50.2 (openVPN IP) and ping answers to 192.168.10.1 (The IP on my LAN interface in OPNsense)
But I don`t see more machines in network 192.168.10.0/24..I see only LAN interface on my OPNsense.

Any firewall rule yet?
My routing table on my local machine when "Redirect Gateway" is enabled on OPNsense server.

Destination Gateway Genmask Flags Metrik Ref Use Iface
default 192.168.50.1 128.0.0.0 UG 0 0 0 tun0
default 192.168.2.1 0.0.0.0 UG 100 0 0 enp2s0
192.168.10.0 192.168.50.1 255.255.255.0 UG 0 0 0 tun0
192.168.50.0 * 255.255.255.0 U 0 0 0 tun0
128.0.0.0 192.168.50.1 128.0.0.0 UG 0 0 0 tun0
link-local * 255.255.0.0 U 1000 0 0 enp2s0
192.168.2.0 * 255.255.255.0 U 100 0 0 enp2s0
xxx.xxx.xxx.xxx 192.168.2.1 255.255.255.255 UGH 0 0 0 enp2s0 (xxx.xxx.xxx.xxx = public IP OPNsense server)

192.168.2.0/24 = my local network at home

lkudlacek · December 17, 2016, 06:10:35 PM

My routing table (on my local computer) when "Redirect Gateway" is not enabled on OPNsense server:

Destination Gateway Genmask Flags Metrik Ref Use Iface
default 192.168.2.1 0.0.0.0 UG 100 0 0 enp2s0
192.168.10.0 192.168.50.1 255.255.255.0 UG 0 0 0 tun0
192.168.50.0 * 255.255.255.0 U 0 0 0 tun0
link-local * 255.255.0.0 U 1000 0 0 enp2s0
192.168.2.0 * 255.255.255.0 U 100 0 0 enp2s0

lkudlacek · December 17, 2016, 06:19:35 PM

QuoteIs OPNsense the default gateway for hosts on the 192.168.10.0/24 network?

No...default gateway for hosts in network 192.168.10.0/24 is 192.168.10.31

OPNsense has LAN IP 192.168.10.100

Routing table on OPNsense server
# netstat -rn
Routing tables

Internet:
Destination Gateway Flags Netif Expire
default <my public gateway> UGS bge0
192.168.10.0 link#2 U bge1
192.168.10.100 link#2 UHS lo0
192.168.50.0 192.168.50.1 UGS ovpns1
192.168.50.1 link#7 UHS lo0
192.168.50.2 link#7 UH ovpns1 (OVPN client = my local machine)
127.0.0.1 link#6 UH lo0
<my public network>/30 link#1 U bge0
<my public IP> link#1 UHS lo0

From this server the ping answers to virtual machines in network 192.168.10.0/24. From this server ping works.
From my local machine (after connecting to openvpn) doesn`t work. (the ping answers only to IP 192.168.10.100 = LAN interface on OPNsense server)

What is it for gateway link#1, link#2 ...what is IP, please?

lkudlacek · December 18, 2016, 01:15:52 PM

Wow....It is working now!!

The key question was:
"Is OPNsense the default gateway for hosts on the 192.168.10.0/24 network?"

The solution:
If OPNsense is not default gateway for network 192.168.10.0/24 then it is need to create this gateway.
Default gateway for network 192.168.10.0/24 is 192.168.10.31 (in my example).

I created in OPNsense new gateway:

System > Gateways > All ---> Add Gateway
Interface: LAN
Address Family: IPv4
Name: Test
Gateway: 192.168.10.31
........
SAVE

In Interface LAN:
Interfaces > LAN > scroll down to IPv4 Upstream Gateway > choose "Test"
SAVE

Done...

Thanks very much for help "bartjsmit".
+

Jeromeb · April 24, 2021, 09:49:07 AM

OMG! Thx i haved the same problem, you save my life dude!

[SOLVED] The problem with routing of OpenVPN

lkudlacek

December 15, 2016, 11:21:32 PM Last Edit: December 18, 2016, 01:17:09 PM by lkudlacek

chemlud

December 16, 2016, 09:08:42 AM #1

lkudlacek

December 16, 2016, 11:05:47 AM #2

bartjsmit

December 16, 2016, 12:54:22 PM #3

lkudlacek

December 17, 2016, 04:55:54 AM #4 Last Edit: December 18, 2016, 12:30:37 PM by lkudlacek

lkudlacek

December 17, 2016, 05:17:53 PM #5 Last Edit: December 17, 2016, 11:14:03 PM by lkudlacek

lkudlacek

December 17, 2016, 06:10:35 PM #6 Last Edit: December 17, 2016, 11:14:55 PM by lkudlacek

lkudlacek

December 17, 2016, 06:19:35 PM #7 Last Edit: December 18, 2016, 12:38:15 PM by lkudlacek

lkudlacek

December 18, 2016, 01:15:52 PM #8

Jeromeb

April 24, 2021, 09:49:07 AM #9