OPNsense Forum

English Forums => Virtual private networks => Topic started by: p0ddie on November 26, 2020, 05:25:57 pm

Title: OpenVPN: only one of two subnets accessible, can't figure out why
Post by: p0ddie on November 26, 2020, 05:25:57 pm

I have an OPNsense gateway set up for OpenVPN. I have 3 separated internal networks, each on their own physical Ethernet interface. These networks are firewalled with a simple deny network 1 to access 2 and 3 rule. I deactivated these rules temporarily, no fix for my problem.

I have the following networks:

OpenVPN network: 172.30.17.*
Network A:
Network B:

Main problem: Road warrior dial-in for all users is successful, they can access network A but not network B.

In VPN: OpenVPN: Server, I have both routes under "local IPv4 network":,

Firewall: Rules: OpenVPN wizard rule:

Interface: OpenVPN
Direction: in (there is no "out rule", access still works, I added one temporarily but it did not fix anything)
Protocol/Source/Target: any

Interesting: the rule shows IPv4/6, when I click to edit the rule, it says only IPv4. I don't need IPv6 anyway. GUI bug?

I am using Viscosity on Mac as a client.

Upon connecting, the client routing table looks as follows:

Destination        Gateway            Flags        Netif Expire
default        UGSc           en0       
default          UGScI       utun10       
10.7.32/24        UGSc        utun10       
10.15.90/24        UGSc        utun10   

The gateway's log shows:

vpnusername/ SENT CONTROL [vpnusername]: 'PUSH_REPLY,route,route,dhcp-option DNS,route,topology net30,ping 10,ping-restart 60,ifconfig,peer-id 0,cipher AES-256-GCM' (status=1)

So the route is there.

What am I missing?

Thanks, guys!