OpenVPN no internet or local network access

Hello everyone, this is the first time I have posted something.

I have a problem that I have not been able to solve. I have been reading in several places without getting to a solution. I have my pfSense firewall configured with the OpenVPN package, and I have the following configuration:

pfSense 2.7.1
OpenVPN 1.9.2


dev ovpns1
verb 1
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_server1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 5 30
ping-timer-rem
persist-tun
persist-key
proto udp4
auth SHA512
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
client-connect /usr/local/sbin/openvpn.attributes.sh
client-disconnect /usr/local/sbin/openvpn.attributes.sh
local “WAN” (not showing for security reasons)
engine rdrand
tls-server
server 192.168.200.0 255.255.255.0
client-config-dir /var/etc/openvpn/server1/csc
plugin /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so /usr/local/sbin/ovpn_auth_verify_async user TG9jYWwgRGF0YWJhc2U= false server1 443
tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'internal-ca' 1"
lport 443
management /var/etc/openvpn/server1/sock unix
push "redirect-gateway def1"
remote-cert-tls client
capath /var/etc/openvpn/server1/ca
cert /var/etc/openvpn/server1/cert
key /var/etc/openvpn/server1/key
dh /etc/dh-parameters.4096
tls-auth /var/etc/openvpn/server1/tls-auth 0
data-ciphers AES-256-GCM:AES-256-CBC
data-ciphers-fallback AES-256-CBC
allow-compression no
persist-remote-ip
float
topology subnet
fast-io
explicit-exit-notify 1
inactive 300
sndbuf 524288
rcvbuf 524288
push "route 192.168.20.0 255.255.255.0"

I have checked the DNS, certificates and firewall rules, and I do not understand why the client connects to the VPN but cannot navigate and cannot access the local network. The GUI configuration also activated the DNS server.

Do you have any idea what I might be doing wrong? The easiest thing to do would be to reinstall but I would like to find a solution.

Tom has a video, setup still applies now


Sounds like your rules. Think of the VPN as another network, then assign your rules accordingly to access your network.
Inspect the logs, do they say anything?
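
To make the "treat the VPN as another network" advice concrete, here is an added example (not code from the thread or from pfSense) that reads the routing-relevant lines of the posted server config and lists what the firewall has to allow for the tunnel network. The function names and checklist wording are assumptions of this example, and the sample is a constructed excerpt of the config above with straight quotes.

```python
import ipaddress
import shlex

# Constructed sample: routing-relevant lines of the server config posted above.
SAMPLE_CONFIG = '''
dev-type tun
server 192.168.200.0 255.255.255.0
push "redirect-gateway def1"
topology subnet
push "route 192.168.20.0 255.255.255.0"
'''

def parse_server_config(text):
    """Extract the tunnel network and pushed options from OpenVPN server directives."""
    info = {"tunnel": None, "routes": [], "redirect_gateway": False, "dns": []}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", ";")):
            continue  # skip blanks and commented-out directives
        tokens = shlex.split(line)
        if tokens[0] == "server" and len(tokens) >= 3:
            info["tunnel"] = ipaddress.ip_network(f"{tokens[1]}/{tokens[2]}")
        elif tokens[0] == "push" and len(tokens) >= 2:
            pushed = tokens[1].split()
            if not pushed:
                continue
            if pushed[0] == "route" and len(pushed) >= 3:
                info["routes"].append(ipaddress.ip_network(f"{pushed[1]}/{pushed[2]}"))
            elif pushed[0] == "redirect-gateway":
                info["redirect_gateway"] = True
            elif pushed[:2] == ["dhcp-option", "DNS"] and len(pushed) >= 3:
                info["dns"].append(pushed[2])
    return info

def rule_checklist(info):
    """List what the firewall must allow for traffic sourced from the tunnel network."""
    tun = info["tunnel"]
    checks = [f"pass rule on the OpenVPN interface: source {tun} -> {net}"
              for net in info["routes"]]
    if info["redirect_gateway"]:
        # All client traffic enters via the tunnel, so it needs a rule and NAT to leave.
        checks.append(f"pass rule on the OpenVPN interface: source {tun} -> any")
        checks.append(f"outbound NAT on WAN covering source {tun}")
        if not info["dns"]:
            checks.append("no DNS server is pushed in this config: clients keep their own resolver")
    return checks

if __name__ == "__main__":
    for item in rule_checklist(parse_server_config(SAMPLE_CONFIG)):
        print("-", item)
```

Each line it prints is something to compare against the firewall rules, the outbound NAT table and the firewall logs for traffic sourced from the tunnel network.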