Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Internet Stops when Open VPN Connected

    Scheduled Pinned Locked Moved OpenVPN
    12 Posts 3 Posters 1.7k Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      stevencavanagh
      last edited by

      Hi,

      I have set up OpenVPN and I can happily log in remotely from my phone, Ipad etc. and access NAS, shared drives, Pfsense GUI but that is all.

      If I log on to a remote wifi for example with Internet then as soon as I connect OpenVPN then I lose Internet, which needless to say is a problem.

      Can anyone point me in the right direction here? I assume I am right in thinking that once I connect via OpenVPN remotely then I should have Internet through my home network.

      Steve

      1 Reply Last reply Reply Quote 0
      • P Offline
        Popolou
        last edited by

        Assuming you have it configured to route all traffic over the tunnel when the link is up, you probably haven't got the outound NAT configured yet to route any connected client on the OpenVPN subnet out over the local internet connection.

        Check in Firewall > NAT > Outbound.

        S 1 Reply Last reply Reply Quote 0
        • S Offline
          stevencavanagh @Popolou
          last edited by

          @Popolou

          I have 2 rules in the NAT outbound on the WAN interface. One sending any data from the VPN to port 500 and the other sending any data to any where.

          1 Reply Last reply Reply Quote 0
          • S Offline
            stevencavanagh
            last edited by

            One other point to note not sure whether it is set to local internet or tunnel, think tunnel from the settings, could be wrong though!

            The local internet dies as soon as the VPN connects.

            V 1 Reply Last reply Reply Quote 0
            • V Offline
              viragomann @stevencavanagh
              last edited by

              @stevencavanagh said in Internet Stops when Open VPN Connected:

              The local internet dies as soon as the VPN connects.

              Is this even what you want?
              Do you want to force all upstream traffic over the VPN, or do you only want to get access to the remote site?

              Is internet access even allowed by the firewall rules?

              If you want internet over the VPN, ensure that it's not a DNS issue.
              Just try to ping 1.1.1.1 or 8.8.8.8 to check this.

              S 1 Reply Last reply Reply Quote 0
              • S Offline
                stevencavanagh @viragomann
                last edited by

                @viragomann

                To be honest, I am not bothered whether I continue to use the local internet or mine at home but at the minute I get neither when OpenVPN connected

                V 1 Reply Last reply Reply Quote 0
                • S Offline
                  stevencavanagh
                  last edited by

                  I believe the firewall rules allow Internet access. Not tried pinging 1.1.1.1 etc yet. Can ping via Pfsense (connected via OpenVPN). Not sure how to ping from Ipad, will need to look that one up

                  1 Reply Last reply Reply Quote 0
                  • P Offline
                    Popolou
                    last edited by

                    Post up your config otherwise it is just shooting in the dark.

                    S 1 Reply Last reply Reply Quote 0
                    • S Offline
                      stevencavanagh @Popolou
                      last edited by

                      @Popolou Will do when I get back to lodge!

                      1 Reply Last reply Reply Quote 0
                      • V Offline
                        viragomann @stevencavanagh
                        last edited by

                        @stevencavanagh said in Internet Stops when Open VPN Connected:

                        To be honest, I am not bothered whether I continue to use the local internet or mine at home but at the minute I get neither when OpenVPN connected

                        You should clarify that with yourself before you set up a VPN, however. This makes some difference in configuration.

                        S 1 Reply Last reply Reply Quote 0
                        • S Offline
                          stevencavanagh @viragomann
                          last edited by

                          @viragomann said in Internet Stops when Open VPN Connected:

                          @stevencavanagh said in Internet Stops when Open VPN Connected:

                          To be honest, I am not bothered whether I continue to use the local internet or mine at home but at the minute I get neither when OpenVPN connected

                          You should clarify that with yourself before you set up a VPN, however. This makes some difference in configuration.

                          Ok, I wanted to send all traffic through the VPN. However, I do not remember when following the guide months ago whether it gave an option or not.

                          V 1 Reply Last reply Reply Quote 0
                          • V Offline
                            viragomann @stevencavanagh
                            last edited by

                            @stevencavanagh
                            As far as I know, it does. If you choose to direct all upstream traffic over the VPN "redirect gateway" should be set in the server, which might be the case, since you cannot access the internet.

                            Then need an outbound NAT rule to masquerade the internet traffic from the VPN client. You mentioned above, that there are outbound NAT rule. Ensure that the source is the OpenVPN tunnel network in the additional rules, apart from the rules for LAN subnet.

                            And also you should provide a DNS server to the clients. This can be a local or a public one, but ensure that access is allowed.
                            If you provide the local DNS resolver, maybe you need to add the tunnel network to its ACLs. Access should be allowed automatically, but this doesn't ever work.

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.