Hi Phil Just wanted to say thanks for your reply. I set the VPN connection to force all traffic over the VPN and the Port Forward worked. Thanks again for your advice. Wasca

Glad that it helped

Many thanks for directing me to this. Host 192.168.220 did have a misconfiguration - broadcast 192.168.255.255 with netmask 255.255.255.0 - which did not raise a problem until a reboot - coincidently around the time of the pfSense upgrade. Now ping is working from VPN clients to this host (and all VM's on this machine) but still a ping to the Windows 7 host 192.168.1.100 gets only answered inside the LAN, but that's obviously not related to pfSense.

Thanks for the tip, I have not yet set the default gateway to the pfSense firewall because I want to test the configuration first. But this has to be the problem.

Thanks for the feedback guys - I will try again with Open VPN as L2TP keeps dropping out

Thanks for all your help guys, I appreciate the answers. I considered using heper's solution but for the sake of avoiding all conflicts I think I might just change the addressing scheme to something somewhat random like 10.9.8.0/24 or something similar.

10x a lot, it was enough for me to understand :)

Hello marcelloc, Our Realtek Ethernet Card is in 100baseTX <full-duplex>Mode. The other Szenario is with Intel Gigabit Cards and we tested OpenVPN and IPsec with Tuneables No Success :( Can someone help us or have ideas for more performance We think 100baseTX <full-duplex>Realtek over IPsec or OpenVPN with Crypto should have 80MBit/s Performance over Tunnel.</full-duplex></full-duplex>

OpenVPN client advanced config, like this screen shot. On the server end, you can just have 1 OpenVPN server running, listening on LAN. Then port forward the port you want to listen on from WAN1, WAN2… to LAN. That way the same OpenVPN server receives the connect requests from the client, whichever public IP address the client connects to. [image: OpenVPN-Client-Dual-Server.png] [image: OpenVPN-Client-Dual-Server.png_thumb]

You can have rules on the OpenVPN tab just make sure they don't match the traffic that would be coming over the assigned interface. Meaning, specify a proper source on the rules for other VPN instances and not just use 'any' or at least make sure that they don't match the same exact traffic as the rules on the assigned interface. The wizard adds the any/any rule because most people don't want nor need to assign the VPN interface and just want to pass in all traffic from the VPN to their LAN or internal networks.

Thanks a lot for your reply  :) That did it, now everything works as expected, again a big THANKS to all of you who helped me out here  :) Have a nice week! Best regards, Chris

@ciambellone: Hi All, I've resolved the problem. I've found an error in the configuration thanks a lot. hi sir! I failed you, but I do not know how to handle.You can share how to handle errors that are not.Thank you

I have tried it from my parents house which has 15/5 and it is still stupid slow. What I am really trying to get to run better is file transfers and such to and from my home to my tablet/laptop. I have centralized all of my files on a home server and I would like to connect to it and be able view, download, upload, stream and szuch while out but with the 550kbs it is not working. I'm not funnling all my internet traffic thru the VPN so it is just file transfers. If I can get this to work properly I want to setup a backup server at my parents and do the backups over the VPN. Thanks for the help

Check your firewall settings, and make sure your Protocol (UDP or TCP) and Port Number are set correctly.

Yes I tried with the "OpenVPNManager GUI" checkbox option. And it seems to run as a service and it works around the UAC control as far as I can see that with the few tests I did. And it still allows different OpenVPN configs so you are able to select them from the new/different GUI - but they all must be in the new folder path and they must not be in a subfolder and so - of course - must have different filenames for .key, .p12 and .ovpn. If the config is in the new path it seems that it will be run as a service and if it is in the "old" path it will run "normal". Configs in both paths are possible. At least it seems to work and the new features and the slightly different behaviour in GUI will need some time to test but is probably a good possibility to use. :)

You have a problem with the default gateway for the LAN2 network. Try to manually set it as the OpenVPN one and let's see… Do you want to always route all traffic through the VPN, or only if it is up? Now, I really don't know about how pfSense behaves as an OpenVPN client (I just use it as a server). There must be an option to specify what to do with the traffic. Otherwise, I guess you could just setup some gateway failover between WAN an OpenVPN. Cheers!