pfSense OpenVPN on VPS client not access internet
-
@romanvekil
There is no need to add static routes. Set the WAN gateway as default, no other settings needed.As well there is no need to set the outbound NAT to manual rules generation. Use the hybrid mode.
Something in the logs on client or server?
-
@viragomann here client logs [0_1632314539228_OpenVPN-client.log](Uploading 100%) OpenVPN-client.txt
-
@viragomann said in pfSense OpenVPN on VPS client not access internet:
Set the WAN gateway as default
how to set it as default?
-
-
@romanvekil
Exactly. -
@romanvekil
So your client connects successfully and routes all upstream traffic to the VPN server.The outbound NAT shown in your screenshot is necessary at all, but use the hybrid mode so that automatically generated rules are still active.
So what's the problem now?
If you are not able to access the internet ensure that DNS resolution is working on the client. -
i did it but not helped
thanks very much for your answers -
@romanvekil User connecting but Bytes in is 0 there is not coming traffic from server
-
@romanvekil said in pfSense OpenVPN on VPS client not access internet:
User connecting but Bytes in is 0 there is not coming traffic from serverYes, I can see that the connection succeed as I mentioned. But 0 Bytes in is not really a good hint for what's wrong.
You will have to investigate your issue.I already requested you to find out if the DNS resolution is working on the client. I assume, the browser doesn't load any page. So simply type in "1.1.1.1" in the browsers to check if it works with IP directly.
Did you try a connection also from another client?
-
@viragomann yes it not working even if directly write ip to browser. and even ping to 10.8.0.1 not going only pinging it self
-
@viragomann
pfTop: Up State 1-24/24, View: default, Order: bytes
PR DIR SRC DEST STATE AGE EXP PKTS BYTES
icmp Out 10.8.0.1:57465 10.8.0.1:57465 0:0 04:07:57 00:00:10 110423 3202267
icmp Out 5.135.121.51:61483 8.8.8.8:61483 0:0 04:07:57 00:00:10 55840 1619360
udp In 217.174.225.106:15670 5.135.121.51:443 MULTIPLE:MULTIPLE 00:01:14 00:00:58 36 11077 -
@romanvekil
So there is a UDP connection to your WAN on 443 showing some Bytes.Possibly sniffing the traffic is more helpful using the packet capture tool.
You can for instance capture the traffic on the OpenVPN interface filtering for host 8.8.8.8 and ICMP protocol, while you try to ping 8.8.8.8. If you can see the ICMP packets sniff on the WAN and try again. -
here wireshark listening vpn interface form pc when connected
here is only one direction traffic from pc to vpn server but back nothing coming
even when i ping the 10.8.0.1 no answer
dns queries also no answers
-
@romanvekil said in pfSense OpenVPN on VPS client not access internet:
here wireshark listening vpn interface form pc when connected
Would like to know if you can see these packets on pfSense OpenVPN interface likewise. I suspect, you can't.
In this case, I'd recommend to tear down the OpenVPN server and start from scratch.
Have read some threads here in the past, where people complaining similar issues and never got it working.