Pfsense OpenVPN Server networking issues

Hey all,
I could use a hand trying to figure out what’s up. When I connect to the OpenVPN server on my pfsense box, I can access most IPs on the network, but my proxmox host and its VMs are totally inaccessible. I am only able to access my services via the HAProxy virtual IP I configured that points at the proxmox host and VMs.

I have added the subnet for the VPN network to the LAN and other networks I want to be accessible, but it didn’t seem to help.

Anything I should try to figure this out?

Any help would be much appreciated!

Update: finally got around to drawing a network diagram

Is the network you are connecting from the same subnet as the proxmox host and vms? I had a similar issue when they were the same subnet. I ended up adding a route to my openvpn config I was using on the client for the ips I wanted to get to on the host network.

Oh, interesting. I am not using the same subnet. My main network is 192.168.1.0/24, the subnet I connect from is 192.168.30.0/24, the VPN network is 192.168.70.0/24.

I’ve narrowed it down to hosts that connect to a secondary network. I might have to try adding a route. Thanks for the idea.

I’m also using a different subnet.

Was there any update on this?

Unfortunately no. What I suspect is that there is some routing issue. The proxmox hosts are connected to two different networks. The primary network runs on 192.168.1.0/24 with the .1 standard default gateway. The secondary network is connected with a 192.168.30.0/24 network. All other hosts on the network are accessible, but the proxmox host’s vms are a no go.

I’m not really sure how to add a route for the OpenVPN stuff only for specific hosts.

Networks can be added using the “IPv4 Local network(s)” in the Tunnel Settings of the OpenVPN server configuration.

Putting 192.168.1.0/24,192.168.30.0/24 in that box should make both networks available over the VPN.

I added that to the configuration and unfortunately it didn’t make a difference.

Do your firewall rules allow traffic between 192.168.70.0/24 and 192.168.30.0/24?

Try this, where:

push "route 192.168.x.x 255.255.255.0"

is your main local network.

You probably want to make the mask 255.255.0.0 and grab both subnets in one go, so long as 192.168 is also not used locally.
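Added example, not part of the original thread: a small Python check for the caveat above, which parses `push "route ..."` lines and reports any pushed route that overlaps a network the VPN client already sits on. The two configs are constructed, and `CLIENT_NETWORKS` reuses the subnets quoted earlier in the thread, with 192.168.30.0/24 treated as the client's local LAN as an assumption.

```python
import ipaddress
import re

# Matches OpenVPN server directives of the form: push "route <network> <netmask>"
PUSH_ROUTE = re.compile(r'^\s*push\s+"route\s+(\S+)\s+(\S+)"\s*$')


def parse_pushed_routes(config_text):
    """Return the networks named in push "route ..." lines as IPv4Network objects."""
    routes = []
    for line in config_text.splitlines():
        match = PUSH_ROUTE.match(line)
        if match:
            network, netmask = match.groups()
            # strict=False normalises an address with host bits set to its network
            routes.append(ipaddress.ip_network(f"{network}/{netmask}", strict=False))
    return routes


def find_conflicts(pushed_routes, client_networks):
    """Map each pushed route to the names of the client-side networks it overlaps."""
    conflicts = {}
    for route in pushed_routes:
        hits = [name for name, cidr in client_networks.items()
                if route.overlaps(ipaddress.ip_network(cidr))]
        if hits:
            conflicts[str(route)] = hits
    return conflicts


# Constructed sample configs: one route per subnet, and the single /16 variant.
PER_SUBNET = '''
push "route 192.168.1.0 255.255.255.0"
push "route 192.168.30.0 255.255.255.0"
'''
SUPERNET = 'push "route 192.168.0.0 255.255.0.0"'

# Assumption: networks the client is already attached to, using the thread's numbers.
CLIENT_NETWORKS = {"client LAN": "192.168.30.0/24", "tunnel": "192.168.70.0/24"}

if __name__ == "__main__":
    for label, config in (("per-subnet", PER_SUBNET), ("supernet", SUPERNET)):
        print(label, find_conflicts(parse_pushed_routes(config), CLIENT_NETWORKS))
```

An overlap means the client already has a directly connected route for part of the pushed range, so traffic for those addresses may not enter the tunnel.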

Now that I have a diagram to refer to, here’s a more specific example.

I have SSH and a few other services exposed to the internet via NAT+Firewall. Those work just fine from the internet and are all able to reach all network sources from the inside, but that’s just SSH so I expect that.

The issue I am having is that when I connect to OpenVPN on the pfsense box (the macOS host with 192.168.77.5 IP), I am unable to access any VM or Host that’s connected to the “Layer 2” switch, which ends up being literally anything on the Proxmox hypervisor. I AM however able to connect to the raspberry pi, macOS host inside the network or any other network resource without issue…

Recently I have added a connection from the WiFi bridge to the pfsense router so that I could hopefully add some static routes or a gateway to relay back. I am now able to ping 192.168.30.1 from pfsense as well as all the other hosts on the “Layer 2” switch just fine.

I added allow rules in the firewall between the 192.168.30.0/24 and 192.168.1.0/24 both directions, but I am still unable to get access from VPN.

Any ideas?