Rut36x_r_.07.04.3 openvpn

Hello,

The OpenVPN configuration is functional.
The VPN is up and OpenVPN assigns us a local IP address 172.16.50.6

I can’t ping the equipment connected to the RUT’s LAN.
Do I need to add routes or authorise the SSL vpn network to the RUT lan network?

Best regards,

Hello,

Could you please clarify if your RUT acts as an OpenVPN server or client?

Firstly, navigate to Network → Firewall → Edit OpenVPN zone, and ensure that forwarding to and from LAN is allowed.

Secondly, if the RUT is acting as a server, you will need to add a push option in your OpenVPN configuration. Specifically, you will need to push a route to the RUT's LAN network to your OpenVPN client. For example:

route 192.168.1.0 255.255.255.0

If your RUT is acting as a client, you will need to add a route to your RUT device on your OpenVPN server. If this is the case, please take a look at these forum posts here and here.

Kind Regards,

Hello,

The RUT acts as an OpenVPN server.
I need to add a route to the RUT Lan. This route must be in my openvpn client.

How do I configure it?

Best regards

I’ve tried it, but it didn’t work:

image

openVPN zone configuration :

I’ve just solved my problem.
The route was not correct.

If I want to authorise the OpenVPN connection to a single address on the lan network of the RUT, is that possible?
Example: RUT lan 10.114.1.0 /24
I only want to authorise ad 10.114.1.50, is that possible?

Best regards

Hello,

Glad to hear that it is working for you now.

You can edit the OpenVPN firewall zone, remove LAN from ‘allow forward to destination zones’ so that the OpenVPN traffic is not allowed to LAN. Then, create a traffic rule where you allow traffic from OpenVPN zone to a single IP address in LAN specifically. This way, OpenVPN client will only be able to reach that single IP address in LAN.

For better understanding of traffic rules and how to configure them, I recommend reading our wiki article here.

Kind Regards,

Hello,

In OpenVPN firewall zone I deleted the line about openvpn.
Impossible to authorise ping even if I ensure that forwarding to and from LAN is allowed.

I had to delete and reconfigure my vpn !

The general functions of the firewall are extremely important, aren’t they?
Isn’t it possible to configure them manually?

I deleted the authorisation to the lan and added a rule to authorise the machine in point 6.


image

I can ping point 6 but also point 1.
I manage to connect to the RUT in https via point 1, but it refuses my password.
Do you have any explanations?
Best regards

Hello,

Do you have any other devices in the LAN of your RUT? The firewall rule looks fine. The thing is that this rule allows access to the 10.114.1.6 device in LAN. If you have removed LAN from the OpenVPN zone, then with this rule only the 10.114.1.6 device should be reachable. However, the RUT itself will still be reachable (I assume that's the 10.114.1.1 device you are referring to). If you want to restrict access to the RUT as well, you need to create an additional, similar rule where the destination zone is Device (input). LAN zone is for LAN devices, while Device (input) is for the device itself.

Kind Regards,
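
The behaviour described in the two replies above, as an added example that is not part of the original posts or the vendor's code: a simplified Python model of how a zone-based firewall decides on packets arriving from the OpenVPN zone, showing why the RUT itself stays reachable until a Device (input) rule is added. The zone policies (input ACCEPT, forward REJECT) and all function and variable names are assumptions; the addresses come from the thread.

```python
import ipaddress

ROUTER_IP = ipaddress.ip_address("10.114.1.1")    # the RUT's own LAN address
LAN_NET = ipaddress.ip_network("10.114.1.0/24")   # the RUT's LAN

# Assumed OpenVPN zone policies: input ACCEPT, forward REJECT.
ZONE_OPEN = {"input": "ACCEPT", "forward": "REJECT", "forward_to": {"lan"}}
ZONE_LOCKED = {"input": "ACCEPT", "forward": "REJECT", "forward_to": set()}
# Traffic rules from the OpenVPN zone (dest "device" stands for Device (input)).
ALLOW_HOST = {"dest": "lan", "dest_ip": "10.114.1.6", "target": "ACCEPT"}
BLOCK_DEVICE = {"dest": "device", "dest_ip": None, "target": "REJECT"}


def decide(dst, zone, rules):
    """Return (chain, verdict) for a packet coming in from the OpenVPN zone."""
    dst = ipaddress.ip_address(dst)
    # Packets addressed to the router itself hit input; all others are forwarded.
    if dst == ROUTER_IP:
        chain, dest_zone = "input", "device"
    else:
        chain, dest_zone = "forward", ("lan" if dst in LAN_NET else "wan")
    # Traffic rules are checked before zone forwardings and zone policies.
    for rule in rules:
        if rule["dest"] != dest_zone:
            continue
        if rule["dest_ip"] is None or dst == ipaddress.ip_address(rule["dest_ip"]):
            return chain, rule["target"]
    if chain == "input":
        return chain, zone["input"]        # zone input policy
    if dest_zone in zone["forward_to"]:
        return chain, "ACCEPT"             # "allow forward to destination zones"
    return chain, zone["forward"]          # zone forward policy


def reachable(zone, rules, hosts=("10.114.1.1", "10.114.1.6", "10.114.1.50")):
    """Map each host to True if a VPN client can reach it."""
    return {h: decide(h, zone, rules)[1] == "ACCEPT" for h in hosts}


if __name__ == "__main__":
    cases = [("LAN forwarding allowed", ZONE_OPEN, []),
             ("LAN removed + host rule", ZONE_LOCKED, [ALLOW_HOST]),
             ("... + Device (input) reject", ZONE_LOCKED, [ALLOW_HOST, BLOCK_DEVICE])]
    for name, zone, rules in cases:
        print(f"{name:30} {reachable(zone, rules)}")
```
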

Hello,

to cut off access to the RUT via openvpn I’m thinking of putting this restriction, all right

image

I would also like to cut off internet access for equipment connected to the RUT lan,
you need to modify :

equipment connected to the rut lan must not have access to the internet, they will only be accessible via openvpn

Best regards

Hello,

As mentioned, if you want to restrict access to the RUT itself, you need to specify ‘device (input)’ as the destination zone in the traffic rule.

For your needs, I would suggest reading our wiki page here that shows and explains how to configure traffic rules.

Kind Regards,
