NO_TRAFFIC:SINGLE?
-
I'm on a linux client trying to connect to an OpenVPN server that has two public interfaces – all connections to the server go in on one IP and come back on another IP.
The linux client is behind a 3 firewalls:
1. Internal DLINK wireless firewalll/router
2. Internal Linksys/Cisco firewall/router
3. External pfSense firewall/routerTo simplify things somewhat, I have temporarily disabled iptables on the linux client.
The server's logs show the client trying to connect, and pfSense's state table shows the server responding from its outgoing public interface/IP:
udp SERVER_INCOMING_IP:1194 <- LINKSYS_WAN_IP:36386 NO_TRAFFIC:SINGLE
udp LINKSYS_WAN_IP:36386 -> PFSENSE_WAN_IP:47561 -> SERVER_INCOMING_IP:1194 SINGLE:NO_TRAFFIC
udp PFSENSE_WAN_IP:47561 <- SERVER_OUTGOING_IP:1194 NO_TRAFFIC:SINGLEWhat do I need to do to get this working?
Thanks.
-
You could run the OpenVPN server on the LAN interface and forward the ports from both WANs.
Now the NAT should ensures that the outgoing packets leave via the correct WAN. -
The OpenVPN server is running on a remote Internet server – I'm trying to connect to it from a linux client on a LAN that uses pfSense as its external-facing router/firewall. I'm not sure I follow what you're saying.
-
Ah ok, i was under the impression that the server is running on a pfSense.
Do you control the server?
Because if it reply has a different source IP than what you connect to, there is not much you can do to get it working.