Greetings - I have a working OpenVPN server that I can access remotely, but now I want to access another box behind the OpenVPN server from the remote client. I have read the how-to's and FAQ on the OpenVPN website, and I believe that I need to make one change which is described by this statement: add a route in the default gateway for the VPN network IP subnet pointing to the OpenVPN machine.
My topology Remote client network 192.168.123.0/24 VPN network 10.8.9.x VPN Server 10.9.8.1 Server LAN network 192.168.112.0/24 VPN Server LAN IP 192.168.112.50 DNS/DHCP Server 192.168.112.51 Gateway/Firewall/Router 192.168.112.11 I can access the VPN server at ...50, and I would like to access another server which is at ...53. However pinging from the client when connected to the VPN returns this: C:\>ping 192.168.112.53 Pinging 192.168.112.53 with 32 bytes of data: Reply from 10.9.8.1: Destination host unreachable. I have ipforwarding enabled on the VPN server (CentOS 6) box. Based on the ping response, and since *my LAN router is not the same box as the VPN server*, I have concluded that I need to add a route in my LAN default gateway for the VPN network IP subnet pointing to the OpenVPN box. My gateway/router box is running PfSense and the routing table for it shows: [2.1.2-RELEASE][ad...@pfgateway.mei.lan]/root(2): netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 66.171.190.17 UGS 1 663197177 bge0 xxx.yy.190.16/28 link#1 U 0 49927480 bge0 xxx.yy.190.18 link#1 UHS 0 0 lo0 xxx.yy.190.19 link#1 UHS 0 0 lo0 => xxx.yy.190.19/32 link#1 U 0 0 bge0 xxx.yy.190.20 link#1 UHS 0 0 lo0 => xxx.yy.190.20/32 link#1 U 0 0 bge0 xxx.yy.190.21 link#1 UHS 0 0 lo0 => xxx.yy.190.21/32 link#1 U 0 0 bge0 xxx.yy.190.22 link#1 UHS 0 0 lo0 => xxx.yy.190.22/32 link#1 U 0 0 bge0 127.0.0.1 link#6 UH 0 560 lo0 192.168.112.0/24 link#2 U 0 848109484 rl0 192.168.112.11 link#2 UHS 0 99857580 lo0 I don't generally touch the command line on the PfSense box, as everything is done through the web interface, but this was the easiest way to paste the routing table here. Can someone explain to me how to add a route in the PfSense gateway for the VPN network (10.9.8.x) pointing to the OpenVPN box (192.168.112.50)? I am doing this remotely, so I want to be careful and not mess up anything that will cut off my access. Also, please cc me directly as I only recieve the daily digest of this mailing list. Thanks. Jeff ------------------------------------------------------------------------------ _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
