• OpenVPN or port forwarding?

    4
    0 Votes
    4 Posts
    2k Views
    johnpozJ
    Yeah I failed to mention I watch my plex server from my phone via just clicking vpn, and then opening up my plex app.. Sure and the hell not going to open up my plex server to the public internet so I can watch something when I want on the road. Click click on my phone and there you go watching video/music just like I was on my actual lan.. I have 1 thing forwarded, that is ntp which I serve to the public as a member of ntp pool.. Anything else you want on my network you have to vpn to get too..
  • Vlan Tag on all connected Openvpn Users

    4
    0 Votes
    4 Posts
    3k Views
    DerelictD
    You cannot put 10.0.0.0/8 on an interface and use 10.100.5.1/24 to give to OpenVPN clients. Those subnets overlap. If you, for example, assign the IP address 10.23.56.34/8 to a host on em2 and it has traffic for 10.100.5.1 it is going to think it's on the same subnet and not send the traffic back to the firewall to be forwarded to the OpenVPN client. To tag traffic on a pfSense interface, you must first create a VLAN on the interface Interfaces > (assign), VLANs tab, then assign the interface to VLAN XXX on em2 in Interfaces > (assign). Then connect em2 to a switch port or device that expects traffic tagged on VLAN XXX.
  • OpenVPN tunnel

    2
    0 Votes
    2 Posts
    945 Views
    jimpJ
    Make sure the client is getting DNS servers it can reach over the VPN. If the client is still attempting to use ISP-specific DNS servers they would fail when run through the tunnel
  • Contractor VPN

    6
    0 Votes
    6 Posts
    1k Views
    V
    As mentioned above, the contractors should only have access to a single host. So you have to put a firewall rule at OpenVPN interface to permit only this one destination from the contractors VPN tunnel. If this rule is right in place there will be no access possible to the pfSense GUI.
  • Allowing certain devices to bypass openvpn

    5
    0 Votes
    5 Posts
    1k Views
    T
    thanks i'll give that a go :-)
  • Pfsense 2.3 static client IP

    11
    0 Votes
    11 Posts
    5k Views
    H
    based on my log. everything seem fine.  :'( [image: log.JPG] [image: log.JPG_thumb]
  • Can't get OpenVPN data to other router & Network on LAN

    7
    0 Votes
    7 Posts
    1k Views
    johnpozJ
    your design oversight steps on network that is owned by tmobile NetRange:      172.32.0.0 - 172.63.255.255 CIDR:          172.32.0.0/11 Organization:  T-Mobile USA, Inc. (TMOBI) This is really bad idea to use public space that is not owned by you internally.
  • Bridge DHCP default disabled

    1
    0 Votes
    1 Posts
    510 Views
    No one has replied
  • Log filled with repeated message

    3
    0 Votes
    3 Posts
    1k Views
    O
    Thank you. I have logs at default and recommended levels.
  • Unable to connect a client to OpenVPN pfsense 2.3

    18
    0 Votes
    18 Posts
    6k Views
    johnpozJ
    Being in different timezones is not a problem..  But having the wrong time while your in a timezone sure going to have a problem ;) Why you should always sync off ntp ;)  Which set your time correct for the timezone your in.. But you still have a really OLD client, why would you not updated that… But maybe its because your running on a linux distro that last update was what 2011?
  • OpenVPN Fatal Error

    2
    0 Votes
    2 Posts
    1k Views
    D
    The error message "Cannot open TUN/TAP dev dev/tun1:Device busy" points to a previous instance of OpenVPN already running. This can happen if you're playing with your OpenVPN settings, trying to get things "right" and restarting the OpenVPN client and/or server. Sometimes the previous instance doesn't exit cleanly and can hang around for a while. I would try a full reboot of the box to make sure you have a clean start and see what your logs look like.
  • OpenVPN tunnel whole interface

    1
    0 Votes
    1 Posts
    696 Views
    No one has replied
  • PIA VPN not working on Pfsense 2.3

    2
    0 Votes
    2 Posts
    2k Views
    W
    Forget the PIA website instructions…worthless. This is what worked for me... very nice tutorial: https://forum.pfsense.org/index.php?topic=76015.0
  • Route all client vpn traffic to only one IP on network

    15
    0 Votes
    15 Posts
    3k Views
    DerelictD
    And, while on the subject, configuring outside servers to return RFC1918 addresses subjects you to dealing with DNS rebinding protections. Ran into this a few times running internet for a hotel meeting space. Told them to slap their network admin in the face hard when they got back and use a hosts file entry. Many of them were even 192.168.0.X - like that will work reliably on random, private networks.
  • PfSense for secure browsing from public WiFi?

    36
    0 Votes
    36 Posts
    8k Views
    D
    The Airport Extreme makes a fine Access Point and switch if you only need 4 Lan ports. In the Windows Airport utility, Internet tab, you have the Connection Sharing drop down in which you specify Off (Bridge mode). With that set you can also use the Wan port as just another Lan port providing a total of 4 ports.
  • Wizard broken since 2.3?

    6
    0 Votes
    6 Posts
    1k Views
    PippinP
    Now I know  :)
  • Local vs VPN DNS Name Resolution

    26
    1 Votes
    26 Posts
    8k Views
    PippinP
    Will try to find why its working for me. That machine as I just discovered, is getting detected through NetBIOS so yes maybe its WINS. Under Network select View-Details, then right click on the columns (Name-Category-Workgroup-etc.) and select "Discovery Method". Then you can see how they`re discovered, obviously  :o I hope thats clear enough because I dont have English version of Windows  :)
  • OpenVPN Remote Access, Tap Connector and no Internet Access

    2
    0 Votes
    2 Posts
    1k Views
    M
    Hello, I have the same problem. When I'm connected to the VPN I can not surf the Internet, but have access to the remote network.
  • [Solved] Force a reconnect of a vpn client

    5
    0 Votes
    5 Posts
    4k Views
    T
    Removed 'ping-restart' and other 'ping-xxx' options from the config and now the vpn client doesnt die.
  • First OpenVPN Setup - Can Get Connected But No Traffic to LAN

    6
    0 Votes
    6 Posts
    3k Views
    R
    That was it - changing it to 10.254.254.0/24 worked! Thank you all!
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.