OpenVPN VM no longer working
-
Sometime in the last week my OpenVPN VM (no, I'm not use the built in PFSENSE Open VPN server, although that may change pending the results of this thread), stopped working.
The client connects and appears to be working, but when I attempt to browse out to the internet, it fails to load anything.
I rolled back to 2.2 and it works normally.
Any way someone can shine some light as to why this is happening, or ideas on where to look?
I have a rule that allows 443 (I'm only using the TCP option) out from my VPN server.
Thank you.
-
What is the reasoning behind running your own vm behind pfsense, to vpn into your network? It is much easier and cleaner to just run the openvpn on your edge, ie pfsense.
-
The VM I use was pre-pfsense.
At the time it was easier to just run a .deb installer package in the VM, and then open the port on the firewall.
I have no problem moving over to a pfsense instance of OpenVPN, I just have no idea how to do it and will have to find a guide. It's just easier right now to continue using the VM. However, if that's no longer possible I'll look into it. Will the pfsense instance of OpenVPN work with the iPhone client? On the iPhone, the app just navigates to my domain name and downloads a cert to import.
-
Well I think I figured it out… the pfsense admin page is currently accessible externally on my IP with 443, but I don't remember enabling this. And from what I can tell the options for this functionality are disabled. Maybe I'll just clean install.
-
So aside from don't do it that way, does anyone have any technical information as to why this is suddenly an issue? I can provide logs or what not if someone specifies. If I change the port to a random number, like 1400, it works.
-
Have no idea why it would of broke other than maybe you were using 443 for your web gui on 2.3 and not on 2.2?
I use the openvpn on pfsense with my iphone and ipad without any issues, and works on android as well. As to auto downloading, sounds like your using the access server vs community version. You will have to install the config on the phone to connect to pfsense openvpn, there is no web gui like access server.
-
I switched to standard http and still no go. At this point I'm ready to just throw the towel in and move to a different software vendor. I shouldn't have to dissect something so simple and it was working fine until this week.
-
Diag>States, filter on your WAN IP port 443. If your WAN's 1.2.3.4, filter 1.2.3.4:443. While you have something external trying to connect. What's that show?
-
I went ahead and just used the native pfsense implementation and retired the VM. It's now working. Thank you though for the help!
