OPNsense Forum

Archive => 19.7 Legacy Series => Topic started by: EdK on October 04, 2019, 10:00:25 am

Title: Need Help to access wireless access Point after Opnsense Router via opnVPN
Post by: EdK on October 04, 2019, 10:00:25 am

Hi,

My setup as below:

Internet ----> Opnsense 19.7.4 -------> Wireless AP (SSID: test)
LAN IP              192.168.2.1                       192.168.2.100

When I am using wifi on SSID test  i can access both 192.168.2.1 and 192.168.2.100

But once am outside and VPN in to the network  (using opnsense road warrior setup) I can only access 192.168.2.1 which is Opnsense but I can't reach 192.168.2.100.

When I VPN in, my connection status show am logged in having virutal IP is 10.10.0.6

I have set all the rules at WAN and LAN as indicated in the tuitorials and I even set  manual NAT outbound (interface: OpenVPN source network : 10.10.0.0/24 destination: Any Translation/Target : 192.168.2.0/24

Title: Re: Need Help to access wireless access Point after Opnsense Router via opnVPN
Post by: rene_ on October 04, 2019, 11:39:37 am

Hello,

can you please post Screenshots from you outbound nat configuration?

Also your openvpn server and client config would be helpful (please remove critical lines, certificates and so on)

Also your routing table from the client, while connected to the vpn please.

Kind regards,
René

Title: Re: Need Help to access wireless access Point after Opnsense Router via opnVPN
Post by: bartjsmit on October 04, 2019, 12:18:44 pm

Does your AP have a route to your tunnel network? The AP either has to use OPNsense as its default gateway or have a static route like 10.10.0.0/24 via 192.168.2.1

Bart...

Title: Re: Need Help to access wireless access Point after Opnsense Router via opnVPN
Post by: EdK on October 04, 2019, 01:58:43 pm

Quote from: rene_ on October 04, 2019, 11:39:37 am

Hello,

can you please post Screenshots from you outbound nat configuration?

Also your openvpn server and client config would be helpful (please remove critical lines, certificates and so on)

Also your routing table from the client, while connected to the vpn please.

Kind regards,
René

Please see attachment. Hope I got it correctly for your viewing

Please see attachment

Title: Re: Need Help to access wireless access Point after Opnsense Router via opnVPN
Post by: EdK on October 04, 2019, 02:02:04 pm

Quote from: bartjsmit on October 04, 2019, 12:18:44 pm

Does your AP have a route to your tunnel network? The AP either has to use OPNsense as its default gateway or have a static route like 10.10.0.0/24 via 192.168.2.1

Bart...

I give the AP static IP address 192.168.2.100 on 192.168.2.0/24 subnet. I leave the gateway setting blank. Will try soon let and let you know.

Title: Re: Need Help to access wireless access Point after Opnsense Router via opnVPN
Post by: banym on October 04, 2019, 06:15:47 pm

You need the opnsense as router or a static route. Otherwise the AP will not know how it can reach the client in the openvpn network.

Title: Re: Need Help to access wireless access Point after Opnsense Router via opnVPN
Post by: EdK on October 05, 2019, 07:35:26 am

Solved! put the gateway ip onto the AP.

I just need the Opnsense router to route not statics. So I guess I can remove the Nat Outbound rule yah?

Title: Re: Need Help to access wireless access Point after Opnsense Router via opnVPN
Post by: banym on October 05, 2019, 08:59:07 am

Yes, no special outbound NAT rule should be necessary for this usecase.