OpenVPN up but no traffic passing
-
Unfortunately the distant end is a StrongVPN node so I have no way to do a dump on the other side. A co-worker is having the exact same symptoms but his worked fine before he upgraded to 2.0.3. I set mine up with 2.0.3 and it's never worked for me.
-
Unfortunately the distant end is a StrongVPN node so I have no way to do a dump on the other side. A co-worker is having the exact same symptoms but his worked fine before he upgraded to 2.0.3. I set mine up with 2.0.3 and it's never worked for me.
can you perhaps downgrade then to pfsense 2.0.2 ?
http://files.nyi.pfsense.org/mirror/downloads/old/
http://blog.pfsense.org/?p=694
"biggest" change could be the Version update:
- OpenVPN 2.2 stock again (Removed IPv6 patches since those are only needed on 2.1 now)
and
OpenVPN
* Clear the route for an OpenVPN endpoint IP when restarting the VPN, to avoid a situation where a learned route from OSPF or elsewhere could prevent an instance from restarting properly
* Always clear the OpenVPN route when using shared key, no matter how the tunnel network “CIDR” is set
* Use the actual OpenVPN restart routine when starting/stopping from services rather than killing/restarting manually
* Allow editing an imported CRL, and refresh OpenVPN CRLs when saving. [#2652]
* Fix interface assignment descriptions when using > 10 OpenVPN instances -
Have you done the Outbound NAT Rules ? It sounds to me that you missed that bit.
-
I won't have time to downgrade until later this week, but I will post the results once I do it.
Just out of curiosity, is there anyone out there that is running 2.0.3, connecting to StrongVPN (or any other commercial VPN provider) and routing traffic across it with no issues?
-
no Idea… In knew someone who uses in his old company https://www.overplay.net/ for VPN connections...
Perhaps you'll try an alternative to check if it's problematic only at StrongVPN.
So this is the reason you can open ticket to StronVPN that there is a versions conflict in their system and hope they fix it quick or you switch to the functional alternative. -
After update, my openvpn is not usable (connect and not passing most of the traffic), looking for instructions to downgrade. Using 3rd party and openvpn client.
-
Alright, I finally got the time to downgrade to 2.0.2 and I'm having the same results. I'll download 2.0.1 and downgrade even further tomorrow, but right now it's not looking good.
-
Hi all,
I'm stationed overseas and I'm trying to use pfSense with StrongVPN to access Hulu, netflix, etc. I've followed the steps outlined in forum.pfsense.org/index.php?topic=29944.0 and the VPN reports that it's up when I look at Status > OpenVPN. I've created an alias group to route only a few devices from my network out the StrongVPN connection and I've created firewall rules to handle the routing out. When I add my PC to that alias group I can't web browse at all and I'm also unable to ping the distant end virtual IP (i can ping the local virtual IP fine). Also, when doing a packet capture I can see my local virtual IP attempting to send traffic to the distant end with no response coming back. I thought it might be something with the StrongVPN server so I've already switched to a different server.
Has anyone run into problems like this in the past? Any help would be greatly appreciated!
I think I have the same problem as you. I am running pfsense 2.0.3. I followed several tutorials (swimminginthought one and the sticky one) and I still can not get it work properly as you mention. It is probably a question of openvpn version ?
-
Are you running automatic or static outbound NAT?
-
Hi Guy's,
I'm having similar issues with pfsense 2.0.3.
I'm using the OpenVPN Client software to setup a remote connection to my pfsense box and the VPN connection itself is up, some routes are being pushed to my client and I can ping the IP-address of the pfsense box itself.
But all traffic going through the VPN to the internal systems (like RDP, ICMP etc.) are not passing through. When doing a Wireshark on the RDP-server and tcpdump on the pfsense box I see that the traffic is coming in via the VPN to the firewall, but not going out of the firewall to the RDP-server. Wireshark is not showing any incoming packets from the VPN client.
So it seems that there maybe is a routing issue or that all VPN traffic is beeing blocked somehow.What I found out is that when configuring a clean pfsense 2.0.3 box the VPN connection is working and traffic is passing through to my RDP-server. But after rebooting the pfsense box, it does not work anymore.
So something changes after rebooting the box.To answer on Kejianshi, i'm using automatic Outbound NAT Rule generation
Regards,
Cedric.