Problem configuring OpenVPN connection as a Gateway
-
is this pfsense behind another nat?
Your default gateway has address 192.168.3.1Can you have your internet connectivity back by disapling that opt2 interface?
-
Yes. My default gateway 192.168.3.1 was a router (NAT enable) and if I disable OPT2 (VPN) or just disable OpenVPN connection I will have internet connection back on all LAN PC.
-
I'm having working openvpn connections without interface. Do you need to assign rules for vpn usage?
But ofcourse it's not the meaning that it can't work with interface -
I am planning to let certain LAN PC to access through VPN and other going directly to normal WAN gateway or maybe only certain ports forwarded through VPN while other to normal WAN gateway.
Anyway can share on how to use OpenVPN connection without interface? I have success making an OpenVPN connection working but bumped on a wall on how to use it. pfSense box itself can use the VPN connection but can't share the connection to connected LAN PC.
Thanks in advance.
-
Yes it's easy to share that knowledge
-
create openvpn server
-
create users for it
-
export user settings with installing package
-
install package to client computers
-
hard usage
Are you trying to have routing with vyprvpn or something similar? If that is the case, please use search here is someone else also who've done it with success
-
-
I am actually doing the other way around. pfSense box was an OpenVPN client connecting to a server outside the WAN. Then I would use the OpenVPN connection as an interface and direct traffic from LAN to it (established OpenVPN connection).
-
Ok, that's something what i've not accomplished yet. had no devices enough to test that –> someone else has to answer
-
Thanks Metu69salemi. At the mean while I am going to keep on testing. Next I would disable server push route (push "redirect-gateway def1 bypass-dhcp") on my VPN server and manually route traffic to the VPN connection and hoping to get positive result.
-
I still can't send traffic from LAN to VPN (client) connection establish in pfSense even disabling OpenVPN server push route. But pfSense box itself can utilize the connection (VPN) properly. Anyway is there any difference between the 2 ifconfig below as I found pfSense was difference from my Ubuntu box.
in Ubuntu
Tue Aug 9 00:40:27 2011 /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500In pfSense
Aug 9 00:43:06 openvpn[59781]: /sbin/ifconfig ovpnc1 10.8.0.30 10.8.0.29 mtu 1500 netmask 255.255.255.255 upThanks in advance.
-
I got the OpenVPN running as an Interface (WAN). All the trouble was on the OpenVPN server site. Although I wasn't setting up site-to-site OpenVPN network but I was still required to route pfSense box LAN subnet to the OpenVPN server. Thanks to http://forum.pfsense.org/index.php/topic,12888.0.html.
Solution,
OpenVPN Server configuration /etc/openvpn/server.conf
1. Enable "client-config-dir ccd"
2. Add "route 192.168.1.0 255.255.255.0" (my pfSense box IP was 192.168.1.1 and all other LAN PC IP was behind)
3. Add "iroute 192.168.1.0 255.255.255.0" to /etc/openvpn/ccd/client8 (client8 was the Common Name of my client certificate)
4. Restart OpenVPN.
5. WAOLA…..Enjoy.Take me a week to just a simple task. Hope this may help other people that are going to configure the samething. And thank for everyone that helping me out.