Netgate Discussion Forum

    2.4.0-Beta OpenVPN Wizard issues

    2.4 Development Snapshots
    • PhlMike

      I have 2.4.0.b.20170629 and I ran the OpenVPN wizard, couldn't connect. So I went messing around and I noticed a bunch of issues. #1 it created the generic rule in the LAN section of the firewall rules instead of WAN and with the LAN address instead of the WAN address. I redid the wizard like 1/2 dozen times.

      I also try to force all the data through the tunnel and I have the OpenVPN rule correct, but when I connect I can't get any data anywhere. I can't ping anything internal or external and my DNS server won't respond.

      I had an IPsec tunnel between my office and my house where the firewall is, so I even disconnected that and still nothing works.

      Any ideas?

      • behemyth

        If you force all the data through the tunnel, you also need to make sure you have the option set in the OpenVPN config to assign a DNS server to it when it gets an address from the DHCP pool, since it will need a DNS server internal to your network, and reachable from the VPN IP space.

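Added example, not part of behemyth's reply or of pfSense's code: a small check over an OpenVPN server config that flags a full-tunnel push (`redirect-gateway`) with no pushed DNS server, or with a pushed DNS server that is not an internal address. The sample config and the function names are constructed for illustration; whether the DNS server is actually reachable from the VPN address space still depends on the firewall rules.

```python
import ipaddress
import re

# Constructed sample server config (not taken from the thread).
SAMPLE_CONF = '''\
dev ovpns1
proto udp4
port 443
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
push "route 192.168.1.0 255.255.255.0"
'''

PUSH_RE = re.compile(r'^\s*push\s+"([^"]+)"')

def pushed_options(conf):
    """Return each push "..." directive as a list of words, skipping comments."""
    opts = []
    for line in conf.splitlines():
        if line.lstrip().startswith(("#", ";")):
            continue
        m = PUSH_RE.match(line)
        if m and m.group(1).split():
            opts.append(m.group(1).split())
    return opts

def check_full_tunnel_dns(conf):
    """Return findings about the DNS server pushed to full-tunnel clients."""
    opts = pushed_options(conf)
    full_tunnel = any(o[0] == "redirect-gateway" for o in opts)
    dns = [o[2] for o in opts if o[:2] == ["dhcp-option", "DNS"] and len(o) >= 3]
    findings = []
    if full_tunnel and not dns:
        findings.append("redirect-gateway pushed but no dhcp-option DNS")
    for addr in dns:
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            findings.append(f"invalid DNS address: {addr}")
            continue
        if full_tunnel and not ip.is_private:
            findings.append(f"DNS {addr} is not internal")
    return findings

if __name__ == "__main__":
    for finding in check_full_tunnel_dns(SAMPLE_CONF):
        print("WARN:", finding)
```
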
        • PhlMike

          That is not my problem. This issue is a bug or non-reproducible quirk where the Wizard was doing the setup backwards and then just not working when corrected.

          I ended up doing a processor swap on that unit from a Core i5-3570 to an i5-3470, using the 3570 in my Debian workstation and I had gotten a water cooler for my main workstation which has an extreme processor and took this loud, ugly blue-led Intel Extreme tower cooler and put that on the firewall which is in the unfinished part of my basement where it can't be heard. I doubt my holiday decorations or my chest freezer will mind that roar. But I have a firewall where the processor idles at 27.0C. Of course on a 3rd gen i5, the CPU is ALWAYS idle.

          So while I was doing that, I reloaded it back to 2.3.4 and whatchdidja know it works perfectly. I highly doubt a slower processor and a larger CPU cooler and a 10C temp drop would make a difference with my OpenVPN. Mainly also because I need to run OpenVPN on port 443.

          The IT guy at my church put in this Aruba wireless system and literally blocked every port except 80 and 443 almost but allowed UDP on 80 and 443. My comcrap internet blocks port 80 (only TCP), but doesn't block 443.

          • jimp Rebel Alliance Developer Netgate

            The only way the rule could end up on LAN is if you selected LAN for the interface where the VPN should bind/listen. That's a manual option you would have had to set in the wizard. The code uses the selected interface specifically and does not make any assumptions about the interface name.
