Skip to content
Can not access distant LAN
Got a problem with Viscosity or need help? Ask here!
Hello,
I am connecting to a distant network running OpenVPN server on PfSense. I used the export setting option on PfSense to generate a config file and thought connecting would be easy. Well I can connect but I can not see anything on the local LAN except the PfSense machine.
Connection log looks good
- Scott
I am connecting to a distant network running OpenVPN server on PfSense. I used the export setting option on PfSense to generate a config file and thought connecting would be easy. Well I can connect but I can not see anything on the local LAN except the PfSense machine.
Connection log looks good
Code: Select all
But ifconfig is confusing2019-02-11 21:17:01: Viscosity Mac 1.7.14 (1480)
2019-02-11 21:17:01: Viscosity OpenVPN Engine Started
2019-02-11 21:17:01: Running on macOS 10.13.6
2019-02-11 21:17:01: ---------
2019-02-11 21:17:01: State changed to Connecting
2019-02-11 21:17:01: Checking reachability status of connection...
2019-02-11 21:17:01: Connection is reachable. Starting connection attempt.
2019-02-11 21:17:01: OpenVPN 2.4.6 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Nov 23 2018
2019-02-11 21:17:01: library versions: OpenSSL 1.0.2q 20 Nov 2018, LZO 2.10
2019-02-11 21:17:02: TCP/UDP: Preserving recently used remote address: [AF_INET]78.193.76.237:1194
2019-02-11 21:17:02: UDP link local (bound): [AF_INET][undef]:1194
2019-02-11 21:17:02: UDP link remote: [AF_INET]78.193.76.237:1194
2019-02-11 21:17:02: State changed to Authenticating
2019-02-11 21:17:02: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2019-02-11 21:17:03: [OpenVPN CA] Peer Connection Initiated with [AF_INET]78.193.76.237:1194
2019-02-11 21:17:04: Opened utun device utun10
2019-02-11 21:17:04: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
2019-02-11 21:17:04: /sbin/ifconfig utun10 delete
2019-02-11 21:17:04: NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2019-02-11 21:17:04: /sbin/ifconfig utun10 192.168.5.2 192.168.5.2 netmask 255.255.255.0 mtu 1500 up
2019-02-11 21:17:04: Initialization Sequence Completed
2019-02-11 21:17:04: DNS mode set to Split
2019-02-11 21:17:04: WARNING: Split DNS is being used however no DNS domains are present. The DNS server/s for this connection may not be used. For more information please see: https://www.sparklabs.com/support/kb/article/warning-split-dns-is-being-used-however-no-dns-domains-are-present/
2019-02-11 21:17:04: State changed to Connected
Code: Select all
I must be doing something stupid. Any ideas or obvious errors ? Thanks for any help !lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
XHC20: flags=0<> mtu 0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=10b<RXCSUM,TXCSUM,VLAN_HWTAGGING,AV>
ether ac:87:a3:0b:31:cb
inet6 fe80::1c49:cdd6:3637:93cc%en0 prefixlen 64 secured scopeid 0x5
inet 192.168.0.10 netmask 0xffffff00 broadcast 192.168.0.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect (1000baseT <full-duplex>)
status: active
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 88:63:df:cc:9f:d9
inet6 fe80::1044:2f42:6634:e2fc%en1 prefixlen 64 secured scopeid 0x6
inet 192.168.0.20 netmask 0xffffff00 broadcast 192.168.0.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
ether 0a:63:df:cc:9f:d9
media: autoselect
status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
ether 0a:ca:c9:0e:4d:e5
inet6 fe80::8ca:c9ff:fe0e:4de5%awdl0 prefixlen 64 scopeid 0x8
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether 0a:00:00:3e:da:70
media: autoselect <full-duplex>
status: inactive
en3: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether 0a:00:00:3e:da:71
media: autoselect <full-duplex>
status: inactive
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether 0a:00:00:3e:da:70
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x2
member: en2 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 9 priority 0 path cost 0
member: en3 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 10 priority 0 path cost 0
nd6 options=201<PERFORMNUD,DAD>
media: <unknown type>
status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
inet6 fe80::c6e8:4ac:d89c:e1c9%utun0 prefixlen 64 scopeid 0xc
nd6 options=201<PERFORMNUD,DAD>
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::5291:d8fb:8a48:b96%utun1 prefixlen 64 scopeid 0xd
nd6 options=201<PERFORMNUD,DAD>
utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::43f3:e38:f121:c36a%utun2 prefixlen 64 scopeid 0xe
nd6 options=201<PERFORMNUD,DAD>
utun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
inet6 fe80::7570:4767:da6b:68cd%utun3 prefixlen 64 scopeid 0xf
nd6 options=201<PERFORMNUD,DAD>
utun4: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::6c19:d56a:3d19:e49f%utun4 prefixlen 64 scopeid 0x10
nd6 options=201<PERFORMNUD,DAD>
utun10: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
inet 192.168.5.2 --> 192.168.5.2 netmask 0xffffff00
- Scott
Hi Scott,
Cheers,
James
Everything works, just not like I expected.If you expected machines on the remote network to be listed in the left hand side of windows in the Finder, it's possible to achieve this. There are two approaches you can take: either switch to using a TAP/Bridged VPN connection instead of a TUN/Routed one (this must be done on both the server and the client), or set up a mDNS Repeater on the server (a quick Internet search turns up a project called "mdns-repeater" for pfSense which might do the job).
Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
3 posts
Page 1 of 1