My VPN Firewall does not filter connections between my Roadwarriors!? OR, on newer versions: My Roadwarriors cannot see each other!?

To make sure we are talking about the same situation:

You have enabled the OpenVPN server and have several Roadwarriors connected. You have one of the following problems:
Neither problem occurs if one side is a gateway-to-gateway client and the connection starts or ends behind the gateway-to-gateway VPN endpoint.


In this case you need to configure your OpenVPN server in a special way so that it pushes the correct routes to the Roadwarriors, which forces connections to go through the VPN Firewall on the OpenVPN server:
  1. Split your GREEN network logically into 2 parts. This is purely for organizational purposes; you don't need to change the configuration of your GREEN network.

    Treat one of the two parts as reserved for the workstations within your GREEN LAN and the GREEN interface of the Endian Firewall.
    Treat the second part as reserved for OpenVPN clients.
    Take care to choose these parts so that the IP range for the VPN clients fits a valid subnet range.

    For example, if your GREEN network is 10.0.0.0/24, your second part can be 10.0.0.128/25 or 10.0.0.192/26.

  2. Configure the IP pool of your OpenVPN server so that it exactly fits the part which you reserved for OpenVPN clients.
    For example, if you chose 10.0.0.128/25, use 10.0.0.129 as start address and 10.0.0.254 as end address.
  3. Create a dummy OpenVPN account which you will never actually use to connect to the OpenVPN server; let's name it roadwarriors.
  4. Set a complex password.
  5. Configure your logical roadwarrior subnet (10.0.0.128/25) as remote network for this client.
  6. Restart OpenVPN in order to force your clients to reconnect and pull the new configuration.
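
The subnet arithmetic behind steps 1, 2 and 5 can be checked before you touch the configuration. The following Python sketch is an added example, not part of the original article or of Endian's software; the function names and the GREEN interface address 10.0.0.1 are assumptions made for illustration.

```python
import ipaddress

def pool_for(green, vpn_part, green_ip):
    """Return (start, end) of the OpenVPN IP pool for vpn_part (steps 1 and 2)."""
    green_net = ipaddress.ip_network(green)
    # ip_network() raises ValueError if vpn_part is not on a subnet boundary
    part = ipaddress.ip_network(vpn_part)
    if part == green_net or not part.subnet_of(green_net):
        raise ValueError(f"{part} must be a proper sub-range of GREEN {green_net}")
    if part.prefixlen > 30:
        raise ValueError(f"{part} is too small to hold a client pool")
    # The GREEN interface belongs to the workstation part, not the VPN part
    if ipaddress.ip_address(green_ip) in part:
        raise ValueError(f"GREEN interface {green_ip} lies inside VPN part {part}")
    # Skip network and broadcast address, as the article's example does
    return str(part.network_address + 1), str(part.broadcast_address - 1)

def subnet_for_pool(green, start, end):
    """Return the subnet an existing pool fits exactly (the value for step 5)."""
    green_net = ipaddress.ip_network(green)
    first = ipaddress.ip_address(start) - 1   # implied network address
    last = ipaddress.ip_address(end) + 1      # implied broadcast address
    blocks = list(ipaddress.summarize_address_range(first, last))
    if len(blocks) != 1:
        raise ValueError(f"pool {start}-{end} does not fit one valid subnet")
    if blocks[0] == green_net or not blocks[0].subnet_of(green_net):
        raise ValueError(f"{blocks[0]} must be a proper sub-range of {green_net}")
    return str(blocks[0])

if __name__ == "__main__":
    GREEN = "10.0.0.0/24"       # GREEN network from the article's example
    GREEN_IP = "10.0.0.1"       # assumed address of the GREEN interface
    for part in ("10.0.0.128/25", "10.0.0.192/26"):
        start, end = pool_for(GREEN, part, GREEN_IP)
        print(f"{part}: pool {start} - {end}")
    # Reverse check: which remote network belongs to an already configured pool?
    print(subnet_for_pool(GREEN, "10.0.0.129", "10.0.0.254"))
```

A pool that straddles a subnet boundary, such as 10.0.0.100 to 10.0.0.200, raises ValueError in subnet_for_pool, because no single remote network could be entered for it in step 5.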