I am having an OpenVPN issue. I have a pfSense box at home configured to allow traffic through a VPN tunnel. The client computer is Windows XP Home, behind a standard Comcast connection and a Netgear wireless router. I use OpenVPN to access my work network (from where I am trying to get out of in this post) from home (with an XP Pro machine behind pfSense), and this works fine. The client config is similar but has the changes specific to my setup… Here is my XP Home config:
client
dev tun
proto tcp
remote pfsense.*.org 1194 (starred out by me)
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
comp-lzo
verb 3
When I launch the OpenVPN GUI, the Tunnel TAP network connection turns red, and I can right-click that to connect to the server. Everything seems to work fine until I browse for the actual network. The Tunnel TAP connection turns green and it says connected to 10.1.1.6 (I have tried different IP pools here too with no luck). I can see the internal network fine, but my home network behind pfSense is not there. I have tried browsing there by using Tools > Map Network Drive, using the browser, with no success.
When I open the command line on the client and use the ipconfig -all command, I get the following:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9
Physical Address. . . . . . . . . : *** (starred out by me)
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.1.1.6
Subnet Mask . . . . . . . . . . . : 255.255.255.252
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 10.1.1.5
Lease Obtained. . . . . . . . . . : Monday, March 15, 2010 1:18:37 PM
Lease Expires . . . . . . . . . . : Tuesday, March 15, 2011 1:18:37 PM
I noticed that the default gateway is not present. Could this be my problem? I am still relatively new to firewalls, VPN, and network configuration so I'm sure I am messing up something simple.
Oh yah, I should note that I have firewall rules configured for pfSense to allow traffic through the WAN and the LAN. At first there was just the WAN firewall rule, because that is what I got from the literature I was reading. I then created a LAN rule as well, but I'm not sure if this was correct. Neither way works, though.
Best Answer
After working on this problem for some time, I have successfully establish a connection to my home network behind the pfSense firewall. I adjusted a couple settings that may have made this possible:
1) I changed the "LZO compression" from unchecked to checked
2) I changed the names of my client keys (which I doubt did anything)
3) I went through and double-checked all my settings. Although the two above were the only NET changes I made, I did remove the value in "Local Network" on the server tab in pfSense OpenVPN but added it back again.
The remaining issue I am having is that, in Windows XP, when I go to Tools > Map Network Drive, I still can't browse to my home network. I can access my home printers and ping IP addresses on the home network, and if I enter the path for the shared folders I can get into them. It would be nice to be able to browse for the available shared drives on the home network, but this is a small piece of the overall puzzle.
So, technically, the question hasn't been fully answered.
Thanks again for everyone's help.