OpenVPN connects to gateway but unable to access local resources suchs as window shares or ping other computers


   I am in need of some help, I have Endian firell setup and openVPN enabled. I am able to connect remotely to the openVPN server, I can ping the internal address of the endian firewall but unable to ping local LAN clients such as window servers that are located on the same network as the Endian firewall.  I am lost as I am able to even communicate with Endian firewall through my web browser using HTTP so I know I am accessing the local side of the openVPN connection yet all other resources are not accessable.

My client configuration file is

dev tap
proto tcp
port 80
resolv-retry infinite
ca Private_Network.cer

My remote client subnet is
my openVPN local subnet is

Please help!

Mon Oct 20 13:35:42 2008 OpenVPN 2.1_rc13 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Oct  7 2008
Mon Oct 20 13:35:47 2008 WARNING: No server certificate verification method has been enabled.  See for more info.
Mon Oct 20 13:35:47 2008 LZO compression initialized
Mon Oct 20 13:35:47 2008 Attempting to establish TCP connection with
Mon Oct 20 13:35:47 2008 TCP connection established with
Mon Oct 20 13:35:47 2008 TCPv4_CLIENT link local: [undef]
Mon Oct 20 13:35:47 2008 TCPv4_CLIENT link remote:
Mon Oct 20 13:35:47 2008 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Oct 20 13:35:48 2008 [] Peer Connection Initiated with
Mon Oct 20 13:35:50 2008 TAP-WIN32 device [Local Area Connection] opened: \\.\Global\{0C6269DF-7766-4A8A-AF85-F8047733B060}.tap
Mon Oct 20 13:35:50 2008 Notified TAP-Win32 driver to set a DHCP IP/netmask of on interface {0C6269DF-7766-4A8A-AF85-F8047733B060} [DHCP-serv:, lease-time: 31536000]
Mon Oct 20 13:35:50 2008 Successful ARP Flush on interface [25] {0C6269DF-7766-4A8A-AF85-F8047733B060}
Mon Oct 20 13:35:55 2008 Initialization Sequence Completed

Open in new window

Who is Participating?
m_adamczykConnect With a Mentor Commented:
Your issue will not be in the remote config file. It might be in the OpenVPN server config file, but more likely it is a firewall configuration issue.

Haven't used Endian before, but if it supports IPTABLES commands, I've found the following command to be key in many of my configurations:
iptables -I FORWARD -i tap+ -j ACCEPT

You already have incoming tap connections allowed (iptables -I INPUT -i tap+ -j ACCEPT) but you're not getting past the firewall device which is why I think it's a firewall configuration issue. If Endian doesn't look at the interface time, try opening access for the OpenVPN subnet ( to the LAN subnet.

Good luck.
Sounds like a DNS issue.  Have you tried accessing the information by IP as well as name?
...If Endian doesn't look at the interface TYPE, try opening access for the OpenVPN subnet...
bcamachoAuthor Commented:
Problem solved
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.