Pfsense OpenVPN Server networking issues

Hey all,
I could use a hand trying to figure out what’s up. When I connect to the OpenVPN server on my pfsense box, I can access most IPs on the network, but my proxmox host and it’s vms are totally inaccessible. I am only able to access my services via the HAProxy virtual IP I configured that points at the proxmox host and vms.

I have added the subnet for the VPN network to the LAN and other networks I want to be accessible, but it didn’t seem to help.

Anything I should try to figure this out?

Any help would be much appreciated!

Update: finally got around to drawing a network diagram

Is the network you are connecting from the same subnet as the proxmox host and vms? I had a similar issue when they were the same subnet. I ended up adding a route to my openvpn config I was using on the client for the ips I wanted to get to on the host network.

On interesting. I am not using the same subnet. My main network is, the subnet I connect from is, the vpn network is

I’ve narrowed it down to hosts that connect to a secondary network. I might have to try adding a route. Thanks for the idea.

1 Like

I’m also using a different subnet.

Was there any update on this?

Unfortunately no. What I suspect is that there is some routing issue. The proxmox hosts are connected to two different networks. The primary network runs on with the .1 standard default gateway. The secondary network is connected with a network. All other hosts on the network are accessible, but the proxmox host’s vms are a no go.

I’m not really sure how to add a route for the OpenVPN stuff only for specific hosts.

Networks can be added using the “IPv4 Local network(s)” in the Tunnel Settings of the OpenVPN server configuration.

Putting, in that box should make both networks available over the VPN.

I added that to the configuration and unfortunately didn’t make a difference.

Do your firewall rules allow traffic between and

Try this, where:

push "route 192.168.x.x"

is your main local network.

You probably want to make the mask and grab both subnets in one go, so long as 192.168 is also not used locally.

Now that I have a diagram to refer to, here’s a more specific example.

I have SSH and a few other services exposed to the internet via NAT+Firewall. Those work just fine from the internet and are all able to reach all network sources from the inside, but that’s just SSH so I expect that.

The issue I am having is that when I connect to OpenVPN on the pfsense box (the macOS host with IP), I am unable to access any VM or Host that’s connected to the “Layer 2” switch, which ends up being literally anything on the Proxmox hypervisor. I AM however able to connect to the raspberry pi, macOS host inside the network or any other network resource without issue…

Recently I have added a connection from the WiFi bridge to the pfsense router so that I could hopefully add some static routes or a gateway to relay back. I am now able to ping from pfsense as well as all the other hosts on the “Layer 2” switch just fine.

I added allow rules in the firewall between the and both directions, but I am still unable to get access from VPN.

Any ideas?