Accessing GUI over OpenVPN
-
I've read the other posts about accessing the GUI using the tunnel IP. My question is slightly different.
I've got my LAN setup as 192.168.0.* and my OpenVPN network as 192.168.100.*. OpenVPN routing is working great in all respects except accessing the WebGUI. I can access any other device on the LAN through VPN without issues.
My pfsense router has the creative name "firewall". This resolves to 192.168.0.1. From a VPN client I can SSH to "firewall" with no issues, but I cannot load the WebGUI. I have determined, however, that I can access the WebGUI at 192.168.100.1 as discussed in other posts.
Is there some solution on the DNS side where I can have OpenVPN clients resolve the FQDN of my firewall to the 192.168.100.1 address instead of 192.168.0.1? A DNS entry push?
-
@davek79
I think, I just had a déjà vu. Or did you post this already some days in the past?My pfsense router has the creative name "firewall".
So you want to access pfSense by the host name?
Did you provide the DNS server in the OpenVPN settings?What exactly do you get in the browser?
You will also have to state also the domain. The VPN clients are typically within other search domain, so if they request a host outside they need to use an FQDN.
-
@viragomann I posted the same request on Reddit the other day. Maybe that's where you saw it.
My OpenVPN server pushes my domain for search requests. I have the same namespace for VPN clients and LAN devices, so the DNS server returns 192.168.0.1 for searches from either network.
My issue is I either need the DNS to return 192.168.100.1 to VPN clients somehow, or have the web GUI on 192.168.0.1 to reply and route to the VPN clients
-
@davek79 said in Accessing GUI over OpenVPN:
have the web GUI on 192.168.0.1 to reply and route to the VPN clients
This should be given anyway.
So you say, if you enter 192.168.0.1 into the browsers address line (with https if needed), the page doesn't load?
If you can access other IPs in 192.168.0.0/24 and you have a rule on the VPN interface to allow webGUI access, I'd expect, that it would work.
So what do you get in the browser?
Did you try another? -
@viragomann yes, I'm able access anything else on the 192.168.0.0/24 network with no issues from an OpenVPN client. However when I enter HTTPS://192.168.0.1 in a browser, the GUI doesn't respond and the attempt times out. Tried various browsers and devices. pfsense does, however, reply to pings to 192.168.0.1 and I can access SSH with the 192.168.0.1 address.
-
@davek79 , I m also facing the same issue. I cant access the web gui of the pfsense server from client site via site to site tunnel. I can access all other resources on the server side from the client side. But the servers web gui is not working.
-
@vishnucr3000 I find it to work intermittently. Sometimes a reboot makes it work for a while. I'm not sure if some weird state gets created that's interfering... I'm no closer to a solution either.
-
@davek79 What happens if you go to Firewall, Rules. Then select the OpenVPN network. At the top of the table put in a pass rule to go to 192.168.0.1. That's what I have and I have no issues at all reaching the GUI.
-
@jeff3820 I have that already. No joy. Tried it on the VPN network for 192.168.100.1, also no joy. It seems to be more of a routing issue. It's pretty hard to track down since it's sporadic
-
@davek79 I’d try to kill all states and let Pfsense rebuild the state table. I believe a restart would do the same thing. If that doesn’t resolve it then you’re going to have to start posting info. Your OpenVPN rules and OpenVPN settings.