Can connect with Tunnelblick but can't ping…

mircsicz

Hi all,

last week I replaced our Officerouter, which was based on wrapcop (IPCop ported to wrap) with pfsense. I'm fine with pfsense, I thought about the migration for a long time, and have read a lot about it…

But there are two unsolved things: I don't know how to create a firewall rule to send all Port 80 traffic, except the one from the proxy, to port 3128 on the proxyhost...

But the one bugging me much more is that I can't get openvpn to work. I can connect to the VPN but I can't ping...

Here is the config:

office.ovpn

#OpenVPN Server conf
tls-client
client
pull
dev tun
proto udp
tun-mtu 1400
tun-mtu-extra 32
remote xxx.de 1194
ca ca.crt
cert macbook-pro.crt
key macbook-pro.key
cipher AES-128-CBC
comp-lzo
verb 4
ns-cert-type server

openvpn_server0.conf

writepid /var/run/openvpn_server0.pid
#user nobody
#group nobody
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
dev tun
proto udp
cipher AES-128-CBC
up /etc/rc.filter_configure
down /etc/rc.filter_configure
client-to-client
server 10.0.115.0 255.255.255.248
client-config-dir /var/etc/openvpn_csc
lport 1194
ca /var/etc/openvpn_server0.ca
cert /var/etc/openvpn_server0.cert
key /var/etc/openvpn_server0.key
dh /var/etc/openvpn_server0.dh
comp-lzo
persist-remote-ip
float

I'm using tunnelblick 3.0b9 on a MacBook-Pro running 10.5.5:
Darwin macbook-pro.bad-nauheim.xxx.de 9.5.0 Darwin Kernel Version 9.5.0: Wed Sep  3 11:29:43 PDT 2008; root:xnu-1228.7.58~1/RELEASE_I386 i386 i386

I hope u can give me a hint how to get it to work! I'll do another try when I'm back home, and will then post the logs off this try here…

Greetz
Mircsicz

mircsicz

Answering myself:

If you don't set a LAN rule as described in the following thread, it won't work:

http://forum.pfsense.org/index.php/topic,7840.0.html

After adding the LAN rule all is fine… I added only the WAN rule which was one to less!!

Greetz
Mircsicz