I'm having a bit of trouble routing my traffic through my VPN server. Basically I have a pfSense setup that works amazingly well for everything it's currently doing. However, now, I have need to set up a PPTP VPN. I've got the basic setup and login working fine. When I check my IP it says I'm on the remote network, etc. However, I can't seem to figure out how to properly route traffic to the internal network.
My current setup is as follows:
HOME SETUP
Trendnet Router: 192.168.1.1
1 MAC (192.168.1.101)
1 PC(192.168.1.148)
<——INTERNET——>
WORK SETUP
pfSense Firewall: 192.168.1.1
7 PC
3 Linux
all on 192.168.1.0 subnet
PFSENSE PPTP SETTINGS
Server Address: 192.168.2.1
Remote Address Range: 192.168.2.192/28
Require 128-bit Encryption: True
As I said, I can connect to the PFSENSE VPN just fine and I'll receive an IP of 192.168.2.192 (or above). However I need to figure out what kind of rules I need in order to route traffic to the machines on the 192.168.1.0 WORK subnet so that they show up in network neighborhood, etc (and so that I can eventually VNC to them). I've added a rule to allow ALL traffic from the PPTP interface in, but I'm not sure where to go from here. Any assistance is most appreciated.
Best Answer
Your work and home networks are set up on the same subnet (192.168.1.0/24). You are going to need to switch one of them to another subnet; otherwise the machines will never be able to route out to the machines on the other network, as they think they are local.
If you still can't talk after you switch the subnet at one location, post back here and we can work with you from there.
To clarify a little on how VPN works based on your comment.
You don't assign the VPN clients to the same subnet as your office. They need to be on a unique subnet. For my example let's assume the following:
192.168.1.0/24
10.0.0.0/24
10.2.0.0/24
What a connection to the office would look like is this:
192.168.1.50; vNIC1-VPN:10.2.0.50
1.1.1.1; PrivateNIC:10.0.0.10; vNIC1-VPN:10.2.0.1
10.0.0.100
The vNICx-VPN NICs will be set up by your VPN client/server.
After the user has established a VPN connection to the office, the traffic flow will look like:
The Home Computer connects to 10.0.0.100 it will:
Once the router gets a VPN encapsulated packet it:
The response from the server will be sent to the pfSense router (since the subnet is not directly connected and the machine doesn't have any routes to that machine)
The pfSense router will:
Once at the client machine the VPN subsystem will decrypt the packet and send it up the networking stack to the application.
Wash, rinse, repeat.
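The subnet overlap described in the answer, as an added example that is not part of the original post: a simplified route lookup on the home computer, before and after renumbering the office. The interface names, metrics, the tie-break rule (equal prefixes go to the lower metric) and the work PC address 192.168.1.20 are assumptions made for illustration.

```python
import ipaddress

def conflicts(local_lan, remote_nets):
    """Return the remote networks that overlap the client's own LAN."""
    lan = ipaddress.ip_network(local_lan)
    return [n for n in remote_nets if lan.overlaps(ipaddress.ip_network(n))]

def pick_route(routes, dst):
    """Longest-prefix match; equal prefixes go to the lower metric."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(net), metric, via)
               for net, metric, via in routes
               if addr in ipaddress.ip_network(net)]
    if not matches:
        return None
    # Prefer the most specific network, then the smallest metric.
    best = max(matches, key=lambda m: (m[0].prefixlen, -m[1]))
    return best[2]

# Setup from the question: home and work both use 192.168.1.0/24.
# Each route is (network, metric, interface); metrics and names are assumed.
BEFORE = [
    ("0.0.0.0/0", 10, "lan-gateway"),
    ("192.168.1.0/24", 0, "lan"),      # home LAN, directly connected
    ("192.168.2.192/28", 0, "vpn"),    # PPTP remote address range
    ("192.168.1.0/24", 1, "vpn"),      # work LAN reached through the tunnel
]

# Renumbered as in the answer's example: office 10.0.0.0/24, VPN 10.2.0.0/24.
AFTER = [
    ("0.0.0.0/0", 10, "lan-gateway"),
    ("192.168.1.0/24", 0, "lan"),
    ("10.2.0.0/24", 0, "vpn"),
    ("10.0.0.0/24", 1, "vpn"),
]

if __name__ == "__main__":
    # The work LAN collides with the home LAN; the PPTP pool does not.
    print(conflicts("192.168.1.0/24", ["192.168.1.0/24", "192.168.2.192/28"]))
    # Traffic for a work PC stays on the home LAN and never enters the tunnel.
    print(pick_route(BEFORE, "192.168.1.20"))
    # After renumbering, the office server is reached through the VPN.
    print(pick_route(AFTER, "10.0.0.100"))
```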