VPN client
-
@antibiotic said in VPN client:
Negative sir, any tutorial?
You should ask this you VPN provider. Normally he should provide set up tutorials for certain clients.
Yes, an outbound NAT is needed. If you want to get details here, please come with your related settings first.
-
@viragomann My settings here but not working :
-
@antibiotic
This outbound NAT rule covers only access from pfSense itself. You need also one for your local network.So copy it by clicking the button at the right and change the source in the new rule to your LAN network 192.168.10.0/24.
-
@viragomann did but not working
-
@antibiotic said in VPN client:
did but not working
What does this mean?
No access to the internet?
Wrong WAN IP?Please give details!
-
@viragomann I have internet but , IP checking show me my real IP address not a VPN address.
-
@antibiotic
Please post Status > Gateways.
You may hide your WAN gw. -
-
@antibiotic
Well, the VPN gateway is not the default gateway. I assume, the connection is established, so there must be something wrong in the VPN client settings.
Can you post the "Tunnel Settings" section, please? -
-
@antibiotic
Remove the check at "Don't pull routes". It prohibits that the client can set the default route to the VPN provider. -
@viragomann Ops now start working))) Thanks you for assistance. But default gateway still my ISP provider( Status gateway), is it normally? Second question can I use squid proxy with VPN client for caching web or will not any profit or will not work? Should I remove in firewall LAN settings rule (Default allow LAN IPv4 to any rule)
-
@antibiotic said in VPN client:
But default gateway still my ISP provider( Status gateway), is it normally?
I think so. As far as I know, the default route is splited into two parts from OpenVPN, 0.0.0.0/1 and 128.0.0.0/1. So it's not determined as default route by pfSense.
See Diagnostic > routes
Second question can I use squid proxy with VPN client for caching web or will not any profit or will not work?
I don't use squid, so don't know. But I think, why not, it should be doable.
-
@viragomann Should I remove in firewall LAN settings rule (Default allow LAN IPv4 to any rule)
-
@antibiotic
Don't know, whats the suppose of your "local subnets" alias.
At the moment the default allow rule would pass any traffic with different source than "local subnets".A different source could be the case if you have a router within your local network like a VPN endpoint, which passes traffic trough.
But where will it get to? Since you obviously have a single LAN subnet, which might be included in the local subnets alias, the traffic could be go to the WAN or VPN at its best, but would fail then, since it is not natted (Outbound NAT source).
