[SOLVED] OpenVPN Users unable to ping LAN IP addresses

Started by sc0ttjm, October 01, 2020, 02:48:30 PM

October 01, 2020, 02:48:30 PM Last Edit: October 01, 2020, 07:21:41 PM by AdSchellevis
Hi all,
I'm a brand new user and loving learning the OPNsense product so I can start to introduce it to my customers, especially those I'm migrating to the cloud that need a virtual appliance.

I have set up an OPNsense Business Edition Firewall and followed the excellent documentation to set up an OpenVPN server using TOTP Authentication and I can connect my test client with no issues.

Once Connected though, I need to be able to access the LAN based servers in the datacentre so have tried testing using ping.

My setup is:
OPNsense 20.1.9-amd64
OpenVPN Tunnel Network: 10.99.0.0/24
LAN: 192.168.123.0/24

I've connected using OpenVPN Connect and run a continuous ping from my laptop (assigned the address 10.99.0.6) to 192.168.123.10 and I get "Request Timed Out"
I've had a look at the firewall logs, live view, and filtered to show source ip = 10.99.0.6 and I can see that the ping is being blocked by the "Default deny rule" (see attachment 1)
I've tried to find where this is and how to disable it so I can continue testing connectivity between the datacentre, openvpn users and the remote sites.

I've clicked on the "i" symbol next to it which gives more info, but as a newbie, I'm not sure how to overcome this stumbling block. (see attachment 2)

Please could somebody help me?

Thanks in advance
Scott



Hi,

I've managed to work it out!

After activating and setting up OpenVPN, there is a new section under "Firewall" > "Rules" > "OpenVPN"
This had no rules in there so I added a new rule as follows:

Action: Pass
Interface: OpenVPN
Protocol: IPv4
Source: OpenVPN net
Destination: LAN net

and now ping is working.

Thanks
Scott
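
A simplified model of the behaviour described in this thread, added here as an example and not part of the original posts or OPNsense's own code: with no rules on the OpenVPN interface every packet falls through to the default deny, and the pass rule above opens only OpenVPN net to LAN net. The first-match evaluation, the names `Rule`, `evaluate` and `VPN_TO_LAN`, and the address 192.168.200.10 are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Networks as given in the thread.
OPENVPN_NET = ipaddress.ip_network("10.99.0.0/24")
LAN_NET = ipaddress.ip_network("192.168.123.0/24")


@dataclass(frozen=True)
class Rule:
    action: str                          # "pass" or "block"
    source: ipaddress.IPv4Network
    destination: ipaddress.IPv4Network
    label: str


def evaluate(rules, src, dst):
    """Return (action, label) for an IPv4 packet arriving on the OpenVPN interface.

    Assumed model: the first matching rule wins; when nothing matches,
    the packet hits the implicit default deny, as seen in the live log.
    """
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in rules:
        if src_ip in rule.source and dst_ip in rule.destination:
            return rule.action, rule.label
    return "block", "Default deny rule"


# The rule from the post: Pass / IPv4 / OpenVPN net -> LAN net.
VPN_TO_LAN = Rule("pass", OPENVPN_NET, LAN_NET, "OpenVPN net to LAN net")

if __name__ == "__main__":
    client = "10.99.0.6"                 # address assigned to the laptop in the thread
    # 192.168.200.10 is a constructed address outside the LAN subnet.
    for name, rules in (("no rules", []), ("with pass rule", [VPN_TO_LAN])):
        for dst in ("192.168.123.10", "192.168.200.10"):
            print(f"{name}: {client} -> {dst}: {evaluate(rules, client, dst)}")
```

Because the destination is limited to LAN net, VPN clients still hit the default deny for any other network behind the firewall.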


Thanks for letting us know, you can change the title of the topic, which I've just done for you.