Netgate Discussion Forum

    pfSense 2.7.0 OpenVPN Client connected, RDP Work OK BUT no internet access

    • V
      viragomann @Unoptanio
      last edited by

      @Unoptanio
      So you provide public DNS servers. However, this has nothing to do with the DNS settings in pfSense. You could also provide any other server in the VPN.

      Normally the client pulls these settings and uses the stated DNS servers when the connection is established.
      If you don't route them over the VPN, the client should access the DNS servers over its own upstream connection.
      So I assume there is an issue on the client side. Maybe the client's log gives hints about the problem.

      • UnoptanioU
        Unoptanio @viragomann
        last edited by Unoptanio

        @viragomann

        https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-route-internet-traffic.html

        I'm reading this article but I don't understand how to fix my problem.

        It seems to me that once you connect to the VPN there are two possibilities to use the internet:

        1. use the local internet connection of the client PC

        2. use the internet connection of the remote tunnel VPN server

        I use VPN to use RemoteDesktop safely. But I would also like to use the browser on my client pc using the connection of the local client pc or possibly with that of the remote server via the vpn tunnel.

        Currently every time I want to use the browser and email I have to disconnect from the vpn

        I made this setting.
        But it doesn't solve the problem:

        4d4da5b0-ad19-4a53-a608-c02d32f668b9-image.png

        pfSensePlus24.03 2U BareMetal Asrock Industrial IMB-X1314MicroATX
        CPU: i7-13700@5.2GHz, RAM:32GB ECC, n°2 Samsung 870EVO SATA 2.5” SSD 1TB (ZFS) Raid1
        n°3 Intel i225-LM 2500/1000/100Mbps, n°1 NIC Intel i350-T4V2 10/100/1000 Mbps 4*GLAN, n°1 Intel X520-DA2

        • UnoptanioU
          Unoptanio
          last edited by Unoptanio

          RESOLVED!!!!!!😂

          I've gone crazy.

          Enabling this item now works. I can access the internet (browser, email, etc) on the remote client pc while they are also connected in VPN with Remote Desktop

          e82a37f6-9a5c-4253-b922-ce53bf95296a-image.png

          8e06b290-46fe-47f5-b426-798a8c1b2bb0-image.png

          • UnoptanioU
            Unoptanio @viragomann
            last edited by Unoptanio

            @viragomann

            Tested by checking the public ip.
            On the remote client pc, the internet goes out with the local connection of the pc and not with that of the remote OpenVpn tunnel.

            Do you know if it is possible to get it out with the remote VPN tunnel connection?

            IPCONFIG in client pc:
            dfbd8fff-2b98-4aae-88f9-4a135dd3bc13-image.png

            bba73811-df44-476e-a638-937a1501461d-image.png

            • V
              viragomann @Unoptanio
              last edited by

              @Unoptanio
              Go into the OpenVPN server settings and add a check at "Redirect gateway".

              However, this also needs an outbound NAT rule on WAN for the source of the tunnel network. If you went through the wizard, pfSense might have added it automatically, otherwise set outbound NAT back to hybrid mode and add the rule manually as you had it before.

              • UnoptanioU
                Unoptanio @viragomann
                last edited by

                @viragomann
                5a8d4c97-41ef-430c-bcf7-5daaa49d60a2-image.png

                • UnoptanioU
                  Unoptanio @Unoptanio
                  last edited by

                  @Unoptanio

                  If I check Redirect IPv4 Gateway, then IPv4 Local Network disappears.

                  21b0f243-07e2-4205-80bc-dc7f1ba8ccaf-image.png

                  • V
                    viragomann @Unoptanio
                    last edited by

                    @Unoptanio said in pfSense 2.7.0 OpenVPN Client connected, RDP Work OK BUT no internet access:

                    If I check Redirect IPv4 Gateway, then IPv4 Local Network disappears.

                    Yes, this is not needed anymore in this case.
                    It pushes the route for the local networks to the clients. Redirect gateway pushes the default route, i.e. any traffic is routed over the VPN.

                    • UnoptanioU
                      Unoptanio @viragomann
                      last edited by Unoptanio

                      @viragomann

                      df02aac7-56ba-424e-bf89-b2da67ee918c-image.png

                      Great, thanks, it works. Tested now.
                      With this change the internet uses the remote tunnel.

                      • UnoptanioU
                        Unoptanio @Unoptanio
                        last edited by

                        @Unoptanio

                        The crucial setting that didn't make the internet work on the local pc but only the VPN was this

                        a2229232-0575-427c-b831-cabd9dc47d21-image.png

                        • UnoptanioU
                          Unoptanio @Unoptanio
                          last edited by Unoptanio

                          @Unoptanio

                          Performance:

                          Test speed under remote server openvpn on firewall pfsense: (1Gb optical fiber)
                          c212538d-922a-4a4c-a908-297e24ab4a3a-image.png

                          Test speed in remote pc client with OPEN VPN ON with internet routed on the remote server .......shouldn't it go faster?
                          23643115-d335-4910-a504-1d0e2d57d2f1-image.png

                          Test speed in remote pc client with OPEN VPN OFF with internet on local PC
                          e9910821-fdb2-4c0c-9278-bdb1f9c90e8c-image.png

                          • GertjanG
                            Gertjan @Unoptanio
                            last edited by Gertjan

                            @Unoptanio

                            I propose : replace these :

                            133e0183-b761-4060-8d88-6d000b7c74c3-image.png

                            with

                            1129f442-860c-46ba-ba0b-957df23b6520-image.png

                            where 192.168.3.1 is your tunnel IP, 10.10.94.1

                            If your unbound settings are default, you're good :

                            4b5b9404-f6e9-416f-af6e-f71e37e7e89d-image.png

                            (All includes my OpenVPN server called SVPN)

                            as unbound also listens on 10.10.94.1, the OpenVPN server IP on the pfSense side.

                            Why ? Now you can use local URL/host names like server.XXXXpfSense.homa.arpa to join a RDP session on "server" on your LAN.
                            8.8.8.8 and others don't know anything about your local devices ;)

                            No "help me" PM's please. Use the forum, the community will thank you.
                            Edit : and where are the logs ??

                            UnoptanioU 2 Replies Last reply Reply Quote 1
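
The replies above distinguish pushed local-network routes from "Redirect gateway", and public DNS servers from the tunnel-side resolver. As an added example (not part of any post in this thread), the sketch below reads the `PUSH_REPLY` line from an OpenVPN client log and reports whether the default route is redirected and which path each pushed DNS server takes. The log lines are constructed samples; the LAN subnet and client address in them are assumptions.

```python
import ipaddress
import re

# Constructed sample lines in the format an OpenVPN client writes to its log.
# 10.10.94.1 and 8.8.8.8 appear in the thread; every other value is made up.
SPLIT_LOG = ("PUSH: Received control message: 'PUSH_REPLY,"
             "route 192.168.10.0 255.255.255.0,dhcp-option DNS 8.8.8.8,"
             "route-gateway 10.10.94.1,topology subnet,"
             "ifconfig 10.10.94.2 255.255.255.0,peer-id 0'")
FULL_LOG = ("PUSH: Received control message: 'PUSH_REPLY,"
            "redirect-gateway def1,dhcp-option DNS 10.10.94.1,"
            "route-gateway 10.10.94.1,topology subnet,"
            "ifconfig 10.10.94.2 255.255.255.0,peer-id 0'")


def parse_push_reply(line):
    """Pull routing and DNS options out of one PUSH_REPLY log line."""
    match = re.search(r"PUSH_REPLY,([^']*)", line)
    if not match:
        raise ValueError("line contains no PUSH_REPLY")
    opts = [o.split() for o in match.group(1).split(",") if o.strip()]
    subnet_topology = ["topology", "subnet"] in opts
    cfg = {"full_tunnel": False, "routes": [], "dns": [], "tunnel_net": None}
    for parts in opts:
        if parts[0] == "redirect-gateway":
            cfg["full_tunnel"] = True  # default route goes into the tunnel
        elif parts[0] == "route" and len(parts) >= 2:
            mask = parts[2] if len(parts) > 2 else "255.255.255.255"
            net = ipaddress.ip_network(f"{parts[1]}/{mask}", strict=False)
            cfg["routes"].append(net)
        elif parts[:2] == ["dhcp-option", "DNS"] and len(parts) == 3:
            cfg["dns"].append(ipaddress.ip_address(parts[2]))
        elif parts[0] == "ifconfig" and len(parts) == 3:
            # "topology subnet": second field is a netmask.
            # Otherwise (net30/p2p) it is the peer address, kept as a /32.
            if subnet_topology:
                iface = ipaddress.ip_interface(f"{parts[1]}/{parts[2]}")
                cfg["tunnel_net"] = iface.network
            else:
                cfg["tunnel_net"] = ipaddress.ip_network(parts[2])
    return cfg


def dns_paths(cfg):
    """Say for each pushed DNS server whether queries enter the tunnel."""
    tunnel_nets = list(cfg["routes"])
    if cfg["tunnel_net"] is not None:
        tunnel_nets.append(cfg["tunnel_net"])
    paths = {}
    for server in cfg["dns"]:
        inside = cfg["full_tunnel"] or any(server in n for n in tunnel_nets)
        paths[str(server)] = "tunnel" if inside else "local uplink"
    return paths


if __name__ == "__main__":
    for name, log in (("split", SPLIT_LOG), ("full", FULL_LOG)):
        cfg = parse_push_reply(log)
        print(name, "full_tunnel =", cfg["full_tunnel"], dns_paths(cfg))
```

The log line shows what the server offered; client-side options such as `route-nopull` or `pull-filter` can still change what is applied, so compare the result with the client's routing table.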
                            • UnoptanioU
                              Unoptanio @Gertjan
                              last edited by Unoptanio

                              @Gertjan

                              Hi,
                              That's what I've been trying to do for the last few hours, but at the moment I haven't succeeded yet.
                              I would like to use the computer name in RDP sessions instead of the IP address.

                              RDP session using PC NAME does not work.
                              fda8aaac-4287-4672-8b01-0e053d475efe-image.png

                              RDP session using the IP address of the PC works OK.
                              a74d5a3f-1acd-4575-92d7-d621931782e4-image.png

                              765b7893-2a07-4671-b78b-38e031a5d497-image.png

                              I changed the pfSense config like you said:

                              9077cafa-f740-4a8e-b7a0-f1bae3e189b4-image.png
                              e7957a13-cd73-4a73-a8cb-24579e434d95-image.png

                              • UnoptanioU
                                Unoptanio @Unoptanio
                                last edited by Unoptanio

                                @Gertjan

                                I find this in "services", "DNS RESOLVER?"

                                e0694b42-e287-471f-9b40-4a41a2b81fb8-image.png

                                I have not added the OPENVPN server in the interfaces.

                                and consequently does not appear in the DNS resolver list.

                                05e1edaf-35c6-4858-995d-2f752ecb7507-image.png

                                • S
                                  slu @Unoptanio
                                  last edited by

                                  @Unoptanio
                                  Do you have firewall rules set for the OpenVPN connection?

                                  pfSense Gold subscription

                                  • UnoptanioU
                                    Unoptanio @slu
                                    last edited by

                                    @slu
                                    the openvpn wizard entered them automatically

                                    d3e5c548-273d-4a9a-8160-aecbcfc78dcd-image.png

                                    • S
                                      slu @Unoptanio
                                      last edited by

                                      @Unoptanio said in pfSense 2.7.0 OpenVPN Client connected, RDP Work OK BUT no internet access:

                                      the openvpn wizard entered them automatically

                                      no I mean internet access from your VPN client over the VPN into WAN.
                                      That was your question, or?

                                      • GertjanG
                                        Gertjan @Unoptanio
                                        last edited by Gertjan

                                        @Unoptanio

                                        Observe :

                                        5494765c-9743-4e46-b0cf-777c1394c1f5-image.png

                                        As soon as you connect, the right number will rise.
                                        The left number will show the number of open states, so bigger than 0.

                                        This means traffic comes in ....
                                        Do you see the same ?
                                        To hit your perfect OpenVPN server Firewall rules :

                                        fb5b9d2c-13e4-4de0-a515-f8d8bd4c6f54-image.png

                                        as these are all pass rules (for me : IPv4 and Ipv6) traffic can get everywhere.
                                        Take note : the counter in front of the rules : do they go up ?

                                        If you were connecting to some device on LAN, then the traffic would get routed out to the LAN interface, and then it really tries to reach that device ....
                                        Suspense : will this device (its firewall ?) accept this traffic 😊

                                        You can do a packet capturing on the LAN interface, as you know the destination IP, and destination port, and protocol used (UDP ?)
                                        Do you see it ?

                                        • UnoptanioU
                                          Unoptanio @Gertjan
                                          last edited by Unoptanio

                                          @Gertjan

                                          latest updates and tests:
                                          I added a specific OPEN_VPN interface that I didn't have before

                                          89e6c5cc-0483-4b81-85f8-f92dab25a92c-image.png

                                          b77392ad-0b11-449b-8f7a-9828ba611795-image.png
                                          here the numbers turn, there is traffic when there are rdp sessions

                                          4ce21996-5d12-4d0a-9178-83753073d443-image.png

                                          9df11b0b-f865-41be-beaa-9c4724498261-image.png

                                          7248e85b-5f20-49b5-a1f2-aebc9f1f4258-image.png

                                          5d36af37-8b3d-4efb-be23-262c84068843-image.png

                                          08e7131d-d083-49aa-a229-2e2e8e48da08-image.png

                                          The problem:
                                          RDP works only with the IP address of the PC.
                                          If I use the PC name it does not work.

                                          240ff862-52c5-4ead-9422-ff7b68b2d19e-image.png

                                          a0743670-277f-4f52-8353-ac42b4351e51-image.png

                                          7b27e516-b49c-4ab7-b2d5-960e480a9cd1-image.png

                                          • GertjanG
                                            Gertjan @Unoptanio
                                            last edited by Gertjan

                                            @Unoptanio said in pfSense 2.7.0 OpenVPN Client connected, RDP Work OK BUT no internet access:

                                            I added a specific OPEN_VPN interface that I didn't have before

                                            9719e739-5b0f-4a93-9835-18c56b397cb0-image.png

                                            This Open_VPN is assigned to the OpenVPN server instance ?

                                            Like this (my OpenVPN server ) :

                                            e0810a06-6255-4422-b3b1-dd5e0093d378-image.png

                                            ?

                                            Then you have probably an issue.
                                            RDP is mostly, if not all, UDP based. Your firewall rule only permits IPv4-TCP and blocks IPv4-UDP.

                                            As proposed : time to do some : Diagnostics > Packet Capture

                                            Btw : read also : Cannot connect with RDP via openVPN for some out of the box thinking ;)

                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.