Thanks :)

https://github.com/pfsense/FreeBSD-ports/commit/bc414485730d0d25c70d8c30a06732743d0efa59

@kermiaamar There is some issue with Hyper-V and would encourage you to search the forum for the solution or switch to VirtualBox.

@viragomann it's ok problem solved i can ping Local machine on LAN network after configuring check box redirect gratway

@viragomann said in OpenVPN puts down Internet traffic:

@jt40 said in OpenVPN puts down Internet traffic:

As you mentioned above, you want the clients in the concerned subnet to the VPN providers DNS server.

So is this still correct or not?
If yes, port forwarding is the best way to get it.

Thanks a lot for your help, I just need to get my head around it, stuff for the next maintenance :D

@iorx

Duh! (Homer Duh! that is...).
If everything else fails read the manual. So I did... and love and behold I goofed up.

I had changed the common name for the client certificate and this NEEDS to reflect the OpenVPN Client Specific iroute config. Change the common name there to match my certificate and it's working again.

Not really sure what I was thinking here If was trying to prevent a common name collision or something. Not very scientifically.

If some one makes the same "Duh", I leave this up here for amusement of doing things almost right.

Brgs,

@viragomann Thank you very much for your help.
I have already solved it that way.
Best regards

I assume you mean the bundled client installation package, as changing the default location within the firewall itself sounds silly.

The installer is simply a 7zip sfx package - it should be easy enough to make your own.

@viragomann said in ovpn with same network addresses works but:

The only other option you have might be to nat the IP address to something else. But this has to be applied on the remote site.
You can assign an additional IP outside of the LAN subnet to the remote pfSense VPN interface (there must be an interface assigned to the VPN server) and nat it to 192.168.0.1.
Also you have to push the route for the new NAT IP to the client or add it to the client config.

Thanks for the answer. I will try it as described.

@moadmin
Hey guys, can i get any suggestion on this, its still happening even with split tunnel config.
When VPN is on and connected, google meet calls are choppy and distorted, when we turn it off the video is smooth and in good quality.
This happened after we updated our pfsense to 2.6.

In my attempt to debug the network issue i ran netstat -see on the ubuntu server before and after download test. Keep in mind that i don't actually know what they mean or how to fix them but this is the values that popped out:
TCPSackRecovery: 1107
TCPLostRetransmit: 927
Fast retransmits 4410
Retransmits in slow start 402
TCPTimeouts: 403
TCPLossProbes: 808
TCPSackRecoveryFail: 402
TCPSackMerged: 332
TCPSackShiftFallback: 1120

The entire network is virtual and there cannot be a problem of congestion so, again, it was a dead end. This morning i made a backup of the configuration and installed pfsense development version daily snapshot 2.7.0 from 06.01.2023 and.....it worked!

I still don't know the cause but i think i can run the development version until the stable one comes out.

@wingrait said in Network Drive Slow Performance?:

10Mbps = 1.25MB/s with no other overhead.

hahaha - well problem solved ;) Glad you got it figured out.. Bytes vs bits is hard sometimes hahahah <ROFL>

edit: btw thanks for pointing out the actual issue, vs just walking away leaving the thread hanging to keep egg off your face..

The B vs b thing bites everyone in the butt at some point, reminds me of still the constant question about wireless, but the router says it can do 1900mbps on the box - why am I only see 200 ;) hehehe

@viragomann is not the same ip.
i can't understand why if i put the internal ip from the server 000.000.00.:9000 the site open but if i put only the fqdn it don't works