OpenVPN fails after LAN IP address change
-
Running pfSense 2.1.
I had my test unit working perfectly with OpenVPN. Then I changed the LAN IP address. Now my OpenVPN clients can connect but can't get anywhere in the network. I even tried disabling all firewall Block rules.
Is this a cert authentication issue due to the IP change???
-
The OpenVPN server settings screen has a field to put "Local Network/s" - the old LAN subnet is probably in there, update it.
Thought: It would be nice if these fields allowed use of "LAN net" or an alias that contained a network/s. Then it can automatically generate itself when the LAN interface address or the alias is changed.
-
That's not it. Went from 10.10.0.x/16 to 10.10.4.x/16, so nothing should change.
-
Since I had done all of this virtually and had the foresight (for once) to take a snapshot before making my changes, I simply rolled back to my snapshot and carried on.
The moral of the story, for me anyway, is to make damned sure what your IP addresses are going to be before you install because changing them may break stuff.
-
Hi,
Did you check the OpenVPN firewall rules after you did the change?
Best regards
Kostas
-
I disabled them to make sure they weren't blocking anything.
-
Are you outbound nats auto or manual - if manual you would have to update them.
-
Outbound NAT was set to Auto.
-
did you restart openvpn after making the change?
-
Yes. Anyway, don't worry about it. I moved back to the old IP a few days ago, it's working fine ever since and I've moved on to other projects.