Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    issues wth openvpn client connectivity

    Scheduled Pinned Locked Moved General pfSense Questions
    20 Posts 2 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      gdp7 @stephenw10
      last edited by

      @stephenw10 curl, pfsense upgrade, unbound, openvpn, and dhcp

      i have PL downloaded but cant seem to bring up the menu through command on terminal

      i am not exactly sure what OS my router is using? but no only for pfsense wan.

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Ok, yes it should be safe to accept those upgrades. Though that's only 5 not 8?

        Did you enable SSH in pfSense?

        If you're unable to connect you can upgrade those packages at the gui command prompt using: pkg-static upgrade -y

        If you are not using the ISP router to do anything but pass traffic to pfSense then you don't need it to filter anything. You could just set the security to low. It doesn't matter since pfSense is filtering everything anyway.

        G 1 Reply Last reply Reply Quote 1
        • G
          gdp7 @stephenw10
          last edited by

          @stephenw10 the other 3 are additional dhcp, openvpn client export and pfsense pkg ovpn.

          just did right now, thank you. so it should be safe to update?

          i am using a vpn server configured with openvpn not sure if i should have specified that but when its set on low it seems the vpn is not effective?

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            What VPN server are you using? Some commercial provider?

            The ISP router does nothing in that setup except potentially block the client from connecting out to the server.

            G 1 Reply Last reply Reply Quote 0
            • G
              gdp7 @stephenw10
              last edited by

              @stephenw10 yes, commercial provider.

              i get regular speeds with the setting on low and low vpn speeds with the settings on high?

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                Oh so it still connects just passes traffic slowly?

                Either way you don't need any security on the ISP router when all your client machine are behind pfSense.

                G 2 Replies Last reply Reply Quote 0
                • G
                  gdp7 @stephenw10
                  last edited by

                  @stephenw10 correct

                  interesting. maybe i misconfigured some setting

                  1 Reply Last reply Reply Quote 0
                  • G
                    gdp7 @stephenw10
                    last edited by

                    @stephenw10 would a firewall floating rule to block tagged traffic from using wan be all i need?

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      To do what exactly? What are you are trying to achieve?

                      G 1 Reply Last reply Reply Quote 0
                      • G
                        gdp7 @stephenw10
                        last edited by gdp7

                        @stephenw10 all traffic go through vpn servers. security being top priority

                        1 Reply Last reply Reply Quote 0
                        • stephenw10S
                          stephenw10 Netgate Administrator
                          last edited by

                          OK well that's all in pfSense, it has nothing to do with whatever the ISP router is doing.

                          Yes, you could use a floating outbound rule to prevent unencrypted traffic leaving the firewall via the WAN. Commonly that is done by removing the NAT rule on WAN so only traffic via the VPN is NAT'd.

                          G 1 Reply Last reply Reply Quote 1
                          • G
                            gdp7 @stephenw10
                            last edited by

                            @stephenw10 thank you very much. i will look into all this

                            1 Reply Last reply Reply Quote 1
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.