"
Hi,
I have trouble routing traffic over VPN tunnel for Windows client in Road Warrior setup. I've followed these steps enough times, no joy:
https://docs.opnsense.org/manual/how-tos/ipsec-rw-srv-mschapv2.html
https://docs.opnsense.org/manual/how-tos/ipsec-rw-w7.html
My internal network is 10.5.1.0/24, and client network is 192.168.222.0/24. In Phase 2 I tried using both, actual LAN network and "Network" with manually provided network address.
"Use this gateway" is disabled on the client, I only need traffic for my office network to be routed through VPN.
Result:
- Client connects to opnsense - which is good
- Client always gets IP address 192.168.222.1 assigned to it, and routes traffic for 192.168.222.0/24 through it - good
- Static IP assignment on client side has no effect on it, it still gets the same 192.168.222.1 - strange but ok
- Any other traffic is routed via local NIC, including one for my internal network 10.5.1.0/24 - so the client is not reaching out office via VPN
Questions:
1. Client -> Office connectivity: how do I make Win11 client to route traffic for my internal network 10.5.1.0/24 via VPN adapter? Manually adding route does not look right because the next time the client can obtain different address from 192.168.222.0/24 range. Sending all traffic through VPN adapter is not an option.
2. Office -> Client connectivity: How do I make my VPN clients accessible for computers in my internal LAN 10.5.1.0/24?
I have trouble routing traffic over VPN tunnel for Windows client in Road Warrior setup. I've followed these steps enough times, no joy:
https://docs.opnsense.org/manual/how-tos/ipsec-rw-srv-mschapv2.html
https://docs.opnsense.org/manual/how-tos/ipsec-rw-w7.html
My internal network is 10.5.1.0/24, and client network is 192.168.222.0/24. In Phase 2 I tried using both, actual LAN network and "Network" with manually provided network address.
"Use this gateway" is disabled on the client, I only need traffic for my office network to be routed through VPN.
Result:
- Client connects to opnsense - which is good
- Client always gets IP address 192.168.222.1 assigned to it, and routes traffic for 192.168.222.0/24 through it - good
- Static IP assignment on client side has no effect on it, it still gets the same 192.168.222.1 - strange but ok
- Any other traffic is routed via local NIC, including one for my internal network 10.5.1.0/24 - so the client is not reaching out office via VPN
Questions:
1. Client -> Office connectivity: how do I make Win11 client to route traffic for my internal network 10.5.1.0/24 via VPN adapter? Manually adding route does not look right because the next time the client can obtain different address from 192.168.222.0/24 range. Sending all traffic through VPN adapter is not an option.
2. Office -> Client connectivity: How do I make my VPN clients accessible for computers in my internal LAN 10.5.1.0/24?
