Pfsense - OpenVPN Can't Access LAN Devices

I followed the directions I found here for setting up OpenVPN with pfsense.

Everything worked great except I can’t access any devices on the LAN through OpenVPN. I looked at the Firewall rules for OpenVPN, and it has asterisks for Source, Destination, and Ports, so it doesn’t look like it is being blocked. I am able to connect to the LAN address of pfsense through OpenVPN, but that’s it. I figure there must be some step I am missing.

Any help would be appreciated.

Personally I’d manually configure the OpenVPN server from scratch, that’s the easiest way to understand what needs to be configured.

Could be anything going wrong, probably the configuration or the rules.

Very hard to tell what is wrong , without seeing your configuration - another video Tutorial: pfsense OpenVPN Configuration For Remote Users 2020 - YouTube

Maybe look at wireguard as a vpn client - Tutorial: pfsense Wireguard For Remote Access - YouTube

Tom, has done a video on which vpn to use and why - Which VPN To Use In pfsense? - YouTube

1 Like

connect with openVPN, then post the route table (mask your public ip).

example: My network is, my tunnel, my route table:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         _gateway         UG    50     0        0 tun0
default         vault.lan         UG    600    0        0 wlp3s0   U     600    0        0 wlp3s0
vault.lan UH    50     0        0 wlp3s0   U     50     0        0 tun0
link-local     U     1000   0        0 wlp3s0
ipxx-xx-xx-xx   vault.lan UGH   50     0        0 wlp3s0

Thanks for getting back to me. Here is my routing table after connecting with OpenVPN Connect (IP is

what ip did you use for your tunnel network?

I used for the tunnel network.

I think I found the problem. I can ping, the WiFi AP, but I can’t connect to it with a browser. Some devices do not allow access from networks off the local LAN.

I got the Windows computers to start responding by changing firewall settings to allow ALL IPs, rather than just Local LAN.

Some commercial firewalls will let you program them so the VPN device assumes a local LAN IP, so the device thinks you are trying to connect using a Local LAN device. I’m not sure how to do this with pfsense.

tunnel has to be on a different subnet than the main network.

Thanks. Main LAN is Remote LAN is Tunnel is