My OpenVpn Server is behind my Optimum Altice Router

Benhurharrison

Hi, This is my first time setting up a vpn and I'm having some problems contacting my server from a remote pfsense router. I've set-up both the client-side and the server-side using this guide here: https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-tls.html

After the initial boot when i check the status of my openVPN server the status is stuck on "Adding routes to system".

And Trying to ping the server from the client doesn't work even though both of the services has a green check.

Here are the logs after ending then restarting the server:

GENERAL:

Dec 22 19:56:34 php-fpm 652 /rc.start_packages: Restarting/Starting all packages.
Dec 22 19:56:33 check_reload_status 481 Starting packages
Dec 22 19:56:33 php-fpm 652 /rc.newwanip: Netgate pfSense Plus package system has detected an IP change or dynamic WAN reconnection - -> 10.0.8.1 - Restarting packages.
Dec 22 19:56:33 check_reload_status 481 Reloading filter
Dec 22 19:56:33 php-fpm 652 /rc.newwanip: rc.newwanip called with empty interface.
Dec 22 19:56:33 php-fpm 652 /rc.newwanip: rc.newwanip: on (IP address: 10.0.8.1) (interface: []) (real interface: ovpns1).
Dec 22 19:56:33 php-fpm 652 /rc.newwanip: rc.newwanip: Info: starting on ovpns1.
Dec 22 19:56:32 check_reload_status 481 rc.newwanip starting ovpns1
Dec 22 19:56:32 check_reload_status 481 Reloading filter
Dec 22 19:56:32 php-fpm 72197 OpenVPN PID written: 23702
Dec 22 14:56:32 kernel ovpns1: link state changed to UP
**END**

OpenVPN:

Dec 22 14:56:32 openvpn 23702 UDPv4 link remote: [AF_UNSPEC]
Dec 22 14:56:32 openvpn 23702 UDPv4 link local (bound): [AF_INET]192.168.1.132:1194
Dec 22 14:56:32 openvpn 23702 Socket Buffers: R=[42080->42080] S=[57344->57344]
Dec 22 14:56:32 openvpn 23702 /sbin/route add -net 192.168.20.0 10.0.8.2 255.255.255.0
Dec 22 14:56:32 openvpn 23702 /usr/local/sbin/ovpn-linkup ovpns1 1500 0 10.0.8.1 10.0.8.2 init
Dec 22 14:56:32 openvpn 23702 /sbin/ifconfig ovpns1 10.0.8.1 10.0.8.2 mtu 1500 netmask 255.255.255.255 up
Dec 22 14:56:32 openvpn 23702 TUN/TAP device /dev/tun1 opened
Dec 22 14:56:32 openvpn 23702 TUN/TAP device ovpns1 exists previously, keep at program end
Dec 22 14:56:32 openvpn 23702 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=mvneta0.4090 HWADDR=f0:ad:4e:1d:17:8f

I was wondering if it would matter if my netgate was behind a Optimum router and would i need to set firewall rules there for the VPN.

Any help would be appreciated!

viragomann

@benhurharrison
Nothing wrong to see.

I was wondering if it would matter if my netgate was behind a Optimum router and would i need to set firewall rules there for the VPN.

Of course you have to forward the OpenVPN UDP packets to pfSense WAN on port 1194. I assume, you did that already.

What do you get on the client?

Jarhead

@benhurharrison
Do you see your WAN address? 10.0.8.1, you don't receive a public address on your WAN because of the Altice router. Last I knew, they don't let customers into their equipment so you'll have to see if they will open the port for you. Good luck with that.
Better to use a vpn that can work through NAT.

Even better, buy your own modem and get rid of their router.

Benhurharrison

This post is deleted!

Benhurharrison

@jarhead Yeah it's definitely a problem with NAT, I tried logging into the router to change it and I couldn't even change the wifi password..