OpenVPN client will not connect outside local network
-
@jaspery Thank you for the feedback. I will retain this info as I am sure that I will run into another obstacle in my quest for the ideal vpn setup. Do you have any other lessons learned or advice from your journey you can share?
-
PS...Other than in the firewall and OpenVPN status logs I see no other indication that someone is connected. When I open status>system logs>openvpn I see no client connections is this status for clients accessing my server or my pfs instance of openvpn connecting to a vpn server? Also under vpn>openvpn>clients I see no openvpn clients either. Thanks.
-
@lpd7 I've been using OpenVPN on pfsense for connecting to my home network for quite some time already (like 8-10 years), I've reinstalled it handful of times and it always worked normally after I followed standard pfsense's guide. An incident few weeks ago was a first time I had to go into advanced settings to play with MTU, that is why it took me couple of days to debug an issue. And in official guide, MTU thing is mentioned in a vague manner, so it is really hard to understand if I run into this exact issue or not, and how exactly to fix it. Other that that I don't really have any specific tips, since it's always worked for me from the box.
-
@jaspery What resource do you rely on for setting this up? I never went through the process of setting up a client as the video I used didnt go that route, it only had me setup a CA and a user cert with the credentials I use to log in which may be why nothing shows up under the vpn/openvpn/clients window when I am logged in. There is so much to configure (must have and nice to have) that its hard to visualize the "process flow" which is what I usually leverage when troubleshooting. Seems there are many ways to set it up and few resources that address the nuances for each. I am happy its currently working but I know its only a matter of time before something sends me back to square 1. Also I cant access everything on my network and am now trying to figure that one out.
-
@lpd7 Well, just last week I set up it from scratch at home. I have fairly standard network with 1 WAN and multi LAN. I just followed instructions here: https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-ra.html
Made adjustment to reflect my network IP addresses and that was basically it, didn't do any crazy adjustments. Authentication: local user access ( since I only need 1-2 users).
And as described at the very end of the article Added User with the certificate and used OpenVPN Client Export Package to export profile for an iPhone.
and forget to mention, I ran again into MTU issue so I applied a fix for it.
-
@jaspery Do you see the client connection in any of the status windows within pfs? I am wondering why I dont see my client device anywhere in vpn/openvpn/clients or status/openvpn. The only place I see any indication I am connected is in status/system logs/openvpn and am trying to find out if this is normal. Have been digging through Netgate docs but havent seem to get the answer I think I am looking for. If I open this up to others here to use the vpn it would be nice to have a quick way to see who is connected.
-
@lpd7 said in OpenVPN client will not connect outside local network:
vpn/openvpn/clients
This page is for setting up OpenVPN clients. It doesn't show connected clients.
But you should see each connected device in Status > OpenVPN.
What does this page show? -
@viragomann Thanks for that info. I guess one part of my question is since I have a user account why isnt it listed in vpn/openvpn/clients? I am assuming "client" is a configured user who can access my server.
As for status I am currently connected via my phone (cell data) and there is nothing listed in status/openvpn.
Appreciate your feedback.
-
@lpd7 said in OpenVPN client will not connect outside local network:
I guess one part of my question is since I have a user account why isnt it listed in vpn/openvpn/clients? I am assuming "client" is a configured user who can access my server.
I should be more clear. pfSense can act as an OpenVPN client as well. And this page is for setting up a client to connect to another OpenVPN server.
As for status I am currently connected via my phone (cell data) and there is nothing listed in status/openvpn.
What do you see on the status page?
There should be a section for your server. Check if it's the correct name you've stated as description in the server settings, and it status should show a green check:
-
@viragomann I have a client currently connected and nothing shows up in the status window. This seems pretty simple cant understand why there is no records of clients.
-
So can anyone provide suggestions as to why when I am connected to my PFS box via open vpn client that I do not see the connection listed in the status>openVPN screen?
