How to get (strong)VPN through firewall? (I will pay for remote help (100 $))
-
You need to move your last LAN rule up to the top. Rules are matched from the top down, and the first rule that matches is the only one carried out (see the 'hint' at the bottom of the page). So right now your "Default LAN to any" rule is seen first and packets go out by the default GW from the routing table; nothing gets down to your strongvpn rule to be sent out by the strongvpn gateway.
Note if you only want some of your LAN clients to pass through the VPN, you can make an alias such as 'strongVPN_clients', and enter their IPs. Then use that alias for the source in your vpn pass rule.
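The first-match behaviour described in the reply above, as an added example that is not part of the original thread and is not pfSense's own code: a small Python model of top-down rule evaluation that reports rules hidden behind an earlier, broader rule. The `Rule` model, the LAN subnet, the client IPs and the gateway name `STRONGVPN_GW` are assumptions made for illustration; protocol and port matching are left out.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:
    name: str
    sources: tuple   # CIDRs/IPs; an alias is modelled as several entries
    dest: str        # CIDR, or "any"
    gateway: str     # "default" means: follow the routing table

def _net(spec):
    return ipaddress.ip_network("0.0.0.0/0" if spec == "any" else spec)

def first_match(rules, src_ip, dst_ip):
    """Return the first rule (top down) that matches the packet, or None."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for rule in rules:
        if dst in _net(rule.dest) and any(src in _net(s) for s in rule.sources):
            return rule
    return None

def shadowed(rules):
    """List (rule, earlier_rule) pairs where one earlier rule matches everything
    the later rule could match, so the later rule is never reached."""
    hits = []
    for i, rule in enumerate(rules):
        for earlier in rules[:i]:
            src_ok = all(any(_net(s).subnet_of(_net(e)) for e in earlier.sources)
                         for s in rule.sources)
            if src_ok and _net(rule.dest).subnet_of(_net(earlier.dest)):
                hits.append((rule.name, earlier.name))
                break
    return hits

# Constructed sample data: subnet, client IPs and gateway name are assumptions.
LAN = ("192.168.1.0/24",)
STRONGVPN_CLIENTS = ("192.168.1.50", "192.168.1.51")  # the alias from the post

default_lan = Rule("Default LAN to any", LAN, "any", "default")
broken = [default_lan, Rule("LAN via strongvpn", LAN, "any", "STRONGVPN_GW")]
fixed = [Rule("strongVPN_clients via strongvpn", STRONGVPN_CLIENTS, "any",
              "STRONGVPN_GW"), default_lan]

if __name__ == "__main__":
    print("broken order, shadowed:", shadowed(broken))
    print("fixed order, shadowed: ", shadowed(fixed))
    for ip in ("192.168.1.50", "192.168.1.10"):
        print(ip, "->", first_match(fixed, ip, "203.0.113.10").gateway)
```

With the VPN rule on top and the alias as its source, only the listed clients are policy-routed and the rest of the LAN still falls through to the default rule.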
-
Thx, I am most definitely going to follow your advice. I will let you know how it works out.
-
Even if I put the LAN rule first I cannot connect to web pages. All connections are up and have an IP address.
-
Sorry, no idea. Is there nothing suspicious in the logs?
-
There probably is. But my knowledge is limited…
-
Perhaps there is someone who wants to take a look at it remotely; message me. Of course I will pay you for the effort. Somebody with skills should be able to make this work in 20 min or so.
I will pay you via PayPal, Bitcoin, whatever you want. I really want to have this problem solved.
-
This is probably an obvious question, but have you set the routing between your two LANs correctly? Your VPN connection could be up but if your hosts at either end don't know which way to route traffic to one another then you won't be able to communicate between the two points.
As a test, try pinging a host at one end of the VPN tunnel from a host at the other end. If they don't ping, try adding a route to each host to point back to each other's networks. For instance, if you have a network at site A with address range 192.168.1.0/24 and a network at site B with address range 10.10.1.0/24, with your pfSense firewalls at either end having addresses 192.168.1.1 and 10.10.1.1 respectively, you'll need to type something like 'route add -net 10.10.1.0/24 gw 192.168.1.1 metric 1' at the host in the 192.168.1.0 network, and 'route add -net 192.168.1.0/24 gw 10.10.1.1 metric 1' at the host in the 10.10.1.0 network.
Re-run the ping test if it failed the first time and see if that solves the issue.
-
I am just a client trying to connect to StrongVPN. I am not connecting 2 LANs.
Sorry if I understand you completely wrong.
-
Apologies - I should have read the previous posts more closely.
-
I will pay 100 $ to whoever will fix this problem remotely.