• Only first connected user got DNS domain resolution.

    19
    9
    0 Votes
    19 Posts
    2k Views
    PippinP
    Glad you got it working.
  • OpenVPN and AES NI Hardware Crypto Acceleration

    2
    0 Votes
    2 Posts
    2k Views
    J
    I did have this same issue with Nord. I believe it is something to with their config. When I would setup Nord to run on my 7gen intel pfsense box, i would get 120md down before i routed my traffic to it. When I routed my traffic to my nord connection I would lose approx 75 to 80% of my bandwidth. I was told by Nord that it was an openvpn issue. So I decided to test it with ExpressVPN. I did not experience any bandwidth loss with ExpressVPN. Take it for what it's worth.
  • OpenVPN tunnel issue

    1
    0 Votes
    1 Posts
    308 Views
    No one has replied
  • Questions about multiple sites and AD

    2
    0 Votes
    2 Posts
    374 Views
    RicoR
    Yes sure, why do you think this could be a problem? -Rico
  • 0 Votes
    2 Posts
    826 Views
    DerelictD
    @EFP-TechTeam said in pfSense OpenVPN site-to-site client dies every day or two.: The logs don't give a lot of clues. What do they say?
  • Please help me how to config openvpn between pfsense and mikrotik

    1
    0 Votes
    1 Posts
    170 Views
    No one has replied
  • OpenVPN with Torguard ignoring LAN rule to bypass VPN for specific hosts

    3
    0 Votes
    3 Posts
    817 Views
    P
    @bcruze Thanks for the reply. Lesson to myself. Don't add IP's to an alias list when it's late at night and you are tired.. 192.158.0.10 will not work for the desktop with the IP address 192.168.0.10 for some strange unknown reason...:)
  • OpenVPN prior to domain login with deployment options

    ms ad opvn service
    1
    0 Votes
    1 Posts
    189 Views
    No one has replied
  • OpenVPN email stopped working

    10
    0 Votes
    10 Posts
    1k Views
    T
    @tig-ext said in OpenVPN email stopped working: @kiokoman Yep, I do get it, I was just pointing out that @Gertjan asked how I did it and when I pointed him to first post he replied "I know " This thread can be closed now, thanks for the suggestions Hi, Can you tell me your solutions?
  • SG-1100 cannot reach LAN beyond PFSense firewall using Openvpn wizard

    3
    0 Votes
    3 Posts
    433 Views
    D
    Thank you for responding. After making the change, I now have many firewall entries between my SG-1100 and virtual IP address on the openvpn interface. Also from LAN hosts and virtual IP address on LAN interface. After updating the firewall rules, I still cannot ping the other hosts behind the LAN (172.20.1.3). I can ping them when connected to the LAN directly. I also turned off the firewall on the client.
  • OpenVPN routing problem

    3
    0 Votes
    3 Posts
    564 Views
    V
    There's no need to write out that commands into the advanced options box. You better use the "Remote Network/s" box for that. Just type in the networks which should be routed to the remote site.
  • Openvpn server and DNS over TLS

    2
    0 Votes
    2 Posts
    1k Views
    J
    I actually found instructions from Netgate on how to do this from one of their web presentations. Under firewall, NAT do a port forward rule: Interface: OpenVPN Protocol: TCP/UDP Destination: Invert Match checked, This Firewall (self) Destination Port Range: DNS (will be port 53) Redirect Target IP: 127.0.0.1 Redirect Target Port: DNS (will be port 53) This worked perfect for me and all Openvpn DNS requests are now encrypted with DOT. I actually duplicated this rule for all my interfaces/networks in case users try to use their own DNS servers over port 53, they will now be encrypted and sent over port 853 to cloudflare.
  • IPSec mobile clients connecting to OpenVPN site-to-site VPN

    19
    0 Votes
    19 Posts
    2k Views
    M
    @kiokoman said in IPSec mobile clients connecting to OpenVPN site-to-site VPN: just press "thumb up" on the answer, the coffee would become cold :) Thumb up applied. Thanks again!
  • OpenVPN from guest vlan to production vlan

    6
    0 Votes
    6 Posts
    959 Views
    V
    So you have a running OpenVPN server already and want connect to it from outside as well as from the guest VLAN? So assuming you're connecting to the server by using its FQDN hostname and that hostname is resolved to the WAN IP in the guest VLAN, you only need to add a firewall rule which permits that access. Just add a rule to the guest interface allowing the OpenVPN access to the WAN address.
  • Openvpn Client Specific IP Address

    10
    0 Votes
    10 Posts
    5k Views
    J
    @viragomann Perfect...I got it. Makes sense now. Thanks for the assistance!
  • OpenVPN slow AES-NI

    9
    0 Votes
    9 Posts
    1k Views
    S
    I rly dont understand what the problem should it be... the only 2 devices that has to do the encription / handshake and so on is my computer that is asking the pfsense over lan for the encryption and the pfsense on my box. Now I see that I made the picture wrong... the encryption is only between my computer and the pfsense. the pfsense is just the represent one that is going over my other router outside. PC and pfsense are connected to each other over a lan cable... So only those 2 devices are necessary for the encription. Edited the picture
  • Remote client into site-to-site remote subnet

    3
    0 Votes
    3 Posts
    470 Views
    Z
    Thank you, @viragomann. That did the job! [image: MM2SWto.png]
  • Printing across site-to-site OpenVPN tunnel

    2
    0 Votes
    2 Posts
    607 Views
    U
    Also, local IP printing to each of the printers works as expected.
  • Openvpn not routing to subnet

    3
    0 Votes
    3 Posts
    1k Views
    johnpozJ
    Can you ping the cisco IP on your transit network from your vpn client? I can not tell from your diagram what the cisco IP in this transit is 192.168.0.1?? With pfsense IP being 192.168.0.254? Other than @viragomann great points.. Also don't forget possible overlap? What are you using for your tunnel network? What is the remote clients local IP.. If it overlaps 192.168.1 remote client would have any need to send traffic down the tunnel to try and get there. Also don't forget local firewalls on your dest box.. Not allowing whatever your tunnel network is. Which would be the source IP from your vpn connections. Can the vpn client ping the cisco svi on the lan side network 192.168.1.1?
  • Gateway and static route configuration.

    1
    0 Votes
    1 Posts
    269 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.