Pfsense openvpn 3g not working
-
pfsense 2.0 rc3 6/21/2011
i'm trying a setup of:
internet <> OPT1 <> pfsense(openvpn) <> LAN
OPT1 is hooked up to a huawei e220 3g usb modem
everything is working ok, LAN side can access internet.
however, openvpn doesn't seem to work, i've been digging around and my guess is that the dynamic ip addresses is somehow killing the initial handshake.
am using dyndns
for example, opt1 is currently displaying 10.117.79.195 while dyndns is showing 180.194.242.221, is there a way to link these two addresses?
i'm new to this and wondering if there is something or some parameters that i don't know about that can make this work?
tia
-
That means your OPT1 interface has a private IP address, whatever is in "front" of it (probably an ISP-side router doing NAT) would have to forward the OpenVPN traffic in to your OPT1 IP. Seeing as you likely don't have control of that, your ISP probably isn't going to forward anything in to you. They may have another service tier you can upgrade to which includes a direct IPv4 address that does not sit behind NAT. Some telcos here bill that as a corporate/VPN service.
-
thanks much for the info, was thinking that i missed some parameters in my setup.
-
re same setup, i was looking at the logs and saw this openvpn log and i haven't been playing with openvpn at that time; am the only one with the keys etc etc (i hope); is there something triggering this?
thanks
-
That is just the server starting up twice. If you edited/saved the settings it would do that, or if your WAN reconnected it would do that.
-
thanks, learned something today :)
-
jimp,
been thinking about your reply re private ip address on the OPT1 and the "outside" ip being NATted and not forwarded by the ISP;
-
in my case, pfsense "knows" the outside ip since it is running the dynamic dns service
-
is there a way to pass this ip address to the openvpn service?
thanks
-
-
It knows the IP because it queries an outside service to figure it out.
It doesn't matter if OpenVPN knows the IP or not, whatever actually has that IP would have to forward incoming traffic to your pfSense firewall's IP in order for it to work.
-
thanks much
