Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
OpenVPN server for LAN Access
« previous
next »
Print
Pages: [
1
]
Author
Topic: OpenVPN server for LAN Access (Read 4807 times)
Pungon
Newbie
Posts: 3
Karma: 0
OpenVPN server for LAN Access
«
on:
February 13, 2019, 02:48:37 pm »
Hi!
I want to access the LAN of my OpnSense firewall from the outside.
I've already made the proper setup and i'm able to connect to the VPN from the outside and the internet traffic is sucessfully routed trought the firewall. My main issue right now is that i'm unable to ping/access any host on the LAN.
My configuration :
https://imgur.com/a/D1DNrpH
(if not inclued then default)
My LAN is 10.0.0.0/8 and my DNS is 10.10.10.50
Does anyone have an idea?
Thanks
Logged
myksto
Full Member
Posts: 106
Karma: 6
Re: OpenVPN server for LAN Access
«
Reply #1 on:
February 13, 2019, 03:17:16 pm »
Hi.
I can't see any rule from your VPN network to your LAN network.
Do some test connecting through the VPN, pinging some hosts inside your LAN, looking at the firewall logs: you should see that your ICMP packets are blocked by the firewall.
If that's the case, create the appropriate rules to permit access to the services you need from the VPN to the LAN and you should be ok.
Cheers,
Michele.
«
Last Edit: February 13, 2019, 03:31:07 pm by myksto
»
Logged
Pungon
Newbie
Posts: 3
Karma: 0
Re: OpenVPN server for LAN Access
«
Reply #2 on:
February 13, 2019, 03:42:40 pm »
I have this rule on the OpenVPN interface :
https://i.imgur.com/t14XCok.png
I don't know if it's enough or i need to create a rule on the LAN interface.
Logged
myksto
Full Member
Posts: 106
Karma: 6
Re: OpenVPN server for LAN Access
«
Reply #3 on:
February 13, 2019, 03:50:26 pm »
You omitted to attach the VPN rules before...
Anyway with that rule you permit everything to everywhere from the VPN network (a bit dangerous on my opinion) and you should be able to connect to your hosts on the LAN segment. No need to create any rule on the LAN network.
What kind of services are you trying? Rdp, ftp, icmp, ecc.?
What is showing in your firewall logs? I mean, do your packets reach your LAN hosts or not?
Cheers,
Michele.
Logged
Pungon
Newbie
Posts: 3
Karma: 0
Re: OpenVPN server for LAN Access
«
Reply #4 on:
February 13, 2019, 04:06:13 pm »
I'm trying with the HTTP protocol but i can't see any request from the OpenVPN interface on the firewall log
I think the problem is from my OpenVPN settings, not from the firewall itself.
Logged
myksto
Full Member
Posts: 106
Karma: 6
Re: OpenVPN server for LAN Access
«
Reply #5 on:
February 13, 2019, 04:28:14 pm »
If you can't see anything in firewall logs it should be for these reasons:
packets from VPN client don't reach the firewall
packets reach the firewall, reach your hosts but are not correctly routed back to the VPN client
you hosts in LAN somehow block some traffics (firewall?)
a mix of these reasons
Anyway you have to investigate more.
Sorry I can't you help you any further.
Cheers,
michele.
«
Last Edit: February 13, 2019, 05:00:44 pm by myksto
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
OpenVPN server for LAN Access
