Hello all, new to pfsense. Coming over from Sophos. I have just ran my 1st pfsense install (ironically installed on an old UTM110/120). I followed the latest video (thanks) Tutorial: pfsense OpenVPN Configuration For Remote Users 2020 - YouTube on configuring.
I have the openvpn connection working. I can ping the pfsense (192.168.2.1) and access it via the openvpn client. I can also ping and access a vm debian box 192.168.2.10 (which resides inside a windows 10 192.168.2.22) however I can NOT ping or access any windows 10 computers (including the 192.168.2.22) without turning off the windows f/w.
Several have suggested adding a route but not sure how to add it in pfsense or what specifically to add and to what interface.
Any help on how to access windows clients on the lan side of pfsense from a openvpn roadwarrior would be awesome.
You have to add rules in the Windows firewall to allow connections from more than the default subnet.
Well that’s my problem! Just to confirm I had stinking thinkin - I was understanding that when you connected to a vpn tunnel it was treated as if you were plugged in locally at the lan. So if there was a shared folder on a workstation at H.Q. that was accessible to all others on the lan than it would also trust any VPN connected systems as if they were plugged in locally. Am I now correct in this being wrong thinking? Your trusted to be on the network but devices need to be set individually to trust the vpn ip?
Is there a way through pfsense/openvpn or other solutions that all devices trust a vpn connection. Just seems like a lot of work to go to each station that you want to connect to and have to configure permissions. Is there some kind of nat rule I can apply at the pfsense?
Thanks agian…I appreciate the help
This was raised recently.
I do believe if you set the Device Mode to TAP instead of TUN on the OpenVPN server it acts as if the VPN clients are local.