Bonjour via Open VPN


#1

I need to connect to an office network using the “Open VPN” network using the Tunnelblick application. I am successfully connected to the remote network and can browse the internet as if I am in the remote location.

However I need to access a server and if possible all other computers and printers should appear in Finder (Bonjour). Currently I can’t even ping any known device on the other side.

Any advice here?


#2

Some questions to diagnose:

  • Is your VPN client in the same subnet/range as your home network? (VPNs usually auto-configure to something in the 10.x.x.x range, and most home routers to 192.168.x.x)

  • Is your VPN set to allow browsing of the local subnet?

  • Just for testing purposes: what happens when you use the native L2TP as a VPN entry? Does that allow browsing of the network?

I have used L2TP, OpenVPN and Synology’s VPN solutions and have never had issues pinging/connecting to a Mac at home. (In fact, I’m typing this on my iMac at home in the Netherlands from my iPad in Austria :-))


#3

The router in question has a strong firewall (Sophos) and I figured that we needed to open incoming and outgoing ports in the firewall.


#4

I could never get Bonjour to work over VPN. I read why a number of years ago but I don’t remember the reason. I also looked at another VPN-like software that did support Bonjour over the connection, but again I don’t remember. (It was at least five years ago that I investigated this problem).

I issue static IP addresses to systems I need to access over VPN and connect via the IP address rather than the system name. Inconvenient, but it works.


#5

On the OpenVPN server you need to set up SMCRoute. Bonjour is a multicast protocol and not routed by default over network segments.
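
Added example, not part of the original posts: a small Python diagnostic for the two checks raised in this thread, whether the VPN client shares a subnet with the target (post #2) and whether Bonjour's multicast traffic actually gets answered across the tunnel (post #5). The addresses in the demo are constructed; the `probe` function goes beyond the thread by sending a standard DNS-SD browse query to the mDNS group and listing who answers.

```python
import ipaddress, socket, struct, sys

MDNS_GROUP, MDNS_PORT = "224.0.0.251", 5353  # mDNS group and port (RFC 6762)

def same_subnet(client_ip, netmask, target_ip):
    """Post #2 check: is the target inside the VPN client's own subnet?"""
    net = ipaddress.ip_network(f"{client_ip}/{netmask}", strict=False)
    return ipaddress.ip_address(target_ip) in net

def is_link_local_multicast(addr):
    """224.0.0.0/24 is link-scoped; routers do not forward it between segments."""
    return ipaddress.ip_address(addr) in ipaddress.ip_network("224.0.0.0/24")

def build_query(name="_services._dns-sd._udp.local", qtype=12):
    """Build a one-question mDNS query (PTR by default) as raw DNS bytes."""
    header = struct.pack("!6H", 0, 0, 1, 0, 0, 0)  # id, flags, qd, an, ns, ar
    labels = (bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    return header + b"".join(labels) + b"\x00" + struct.pack("!2H", qtype, 1)

def probe(local_ip, timeout=3.0):
    """Send the query from the interface owning local_ip; return responder IPs."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF,
                 socket.inet_aton(local_ip))
    s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 255)
    s.settimeout(timeout)
    responders = set()
    try:
        s.sendto(build_query(), (MDNS_GROUP, MDNS_PORT))
        while True:  # collect replies until the socket goes quiet
            _, (src, _port) = s.recvfrom(9000)
            responders.add(src)
    except socket.timeout:
        pass
    finally:
        s.close()
    return sorted(responders)

if __name__ == "__main__":
    # Constructed sample values: VPN client 10.8.0.6/24, office server 192.168.1.20
    print("same subnet:", same_subnet("10.8.0.6", "255.255.255.0", "192.168.1.20"))
    print("mDNS group is link-local:", is_link_local_multicast(MDNS_GROUP))
    if len(sys.argv) > 1:  # pass your own VPN interface address to probe live
        print("mDNS responders:", probe(sys.argv[1]) or "none (multicast not crossing)")
```

Run it with the VPN interface's own IP address as the argument; an empty responder list while unicast ping to a static IP works points at multicast not being carried across the tunnel rather than at the firewall's unicast rules.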


#6

Thanks Lars,

Never heard of “SMCRoute”; will have to look up how to enable this on Sophos, Ubiquiti and Peplink.

Smiles across the wires,

Rogier