PFSense VPN remote access to home network


#1

Hello Everyone,

For my first post, I have an issue that I still have not been able to solve. I followed the tutorial posted on the LTS youtube page(Nov 2017), and was able to get the VPN remote access mostly set up. The issue that I am facing right now, is that I am only able to ping pfSense itself, and only able to access that IP address. I have placed my other home subnets in the area where pfSense asks you to place all of the networks you want to be able to access. All of the background work on getting the connection set up seems to work properly, as the route print shows that the connections are being routed through the VPN tunnel. Could it be that I have entered the information in the wrong format?


#2

My route print

route%20print


#3

make sure you are running the OpenVPN client on Windows with admin privileges and the formation should by 192.168.X.0/24 not 192.168.X.1/24


#4

Thank you for helping out on this issue. I have been using the OpenVPN Windows client, and the Client Export Tool in pfSense. Would I need to re-export the windows client settings with the export tool, or would they automatically update on the next connection?

I have not been able to ping any of the known machine IP’s on any of the local subnets that I have placed in that highlighted area( now in the correct 192.168.x.0/24 ). Could it be a firewall rule, or lack of NAT somewhere? I went through the wizard in order to not have to create any rules(and possibly mess it up), but maybe there is some rule that I have to create for this to go through.

Just for more background information. I am trying to gain access to my Homelab setup at home, which has around 7 servers or so.


#5

If I recall correctly, I had to create a rule to allow VPN traffic to the LAN network.


#6

What worked for me was to check the box “Redirect IPv4 Gateway” to force all client-generated IPv4 traffic through the tunnel. No, you shouldn’t have to re-export the client settings. Also, Make sure that you don’t have the same IPv4 subnet at the login point and the home lab. If both are 192.168.1.x then you might have issues.


#7

I have been able to get that option activated, and it still does not allow me to ping any devices on my home network, which seems strange to me. The only IP that I am able to get to is my pfSense box.


#8

Do you have an allow all rule on your OpenVPN rules?