RUT50X - OpenVPN - Can not reach local devices on LAN even though push route is set

New user with RUTX50 that I am very satisfied with! :+1::grin:

I have successfully (after several attempts) been able to configure OpenVPN-server on the RUTX50 and I am able to connect with my client as well.

So, my OpenVPN network gets for example while my local LAN is on

I have also configured a push route in the server settings:
TELTONIKA RUTX50 - OpenVPN - can not access local devices on LAN eventhough push route is set

When I connect to the RUTX50 via my OpenVPN client I get a successful connection and I can access the the web interface for my RUTX50. However, even though I have a push route set as above I can not access the web gui of local devies on my LAN BUT I am able to ping all those devices.

When I change the firewall settings as per this screenshot it works fine and I can now access the web gui of local devices on the LAN (for example managed switches and so on):
(Screenshot will come in next post since I am a new user and therefore can only add one screenshot per post.)

Do I really need to enable both masquerading and forwarding for both LAN → WAN and OpenVPN as well as forwarding for OpenVPN => LAN as my screenshot above shows?

Here is the screenshot of the changes I made in the firewall settings:

And when I use this default setting in the firewall settings (as per the configuration examples) I am no longer able to access the web gui:s of my various devices on the local LAN but I am able to ping them though.

Ok so I had some time to research here on Teltonika WiKi-pages and trying to understand how the Zones and Inter-Zone forwarding works.

I changed the firewall settings with a new Zone=>Forwardings and a new zone called lan_ovpn to indicate traffic from internal LAN to OVPN-lan:

These settings seems to work perfectly fine but I am unsure if these settings are secure and proper?

After 2 days of testing back and forth and trying to read here on the Wiki-pages as well as reading on OVPN-pages I am currently using the following setup for my OVPN in order to be able to access web interfaces of local LAN devices:

So the ONLY change I have done here is to enable masquerading on the lan => wan and openvpn zones (the top row). Accessing web gui:s of local LAN devices works fine now (for example the web gui for my managed switch and the web gui of my Logitech Slimserver)

Can someone please confirm if this is an ok setup or should I do it somehow else?

This topic was automatically closed after 15 days. New replies are no longer allowed.