Routing all traffic through VPN
-
Yes it should work (that's how mine works) assuming you have written firewall rules to pass the traffic from your OpenVPN Server to your LAN (or whatever subnet you are trying to access). Which I assume you do since it works on other networks.
Is there anything of interest in your logs during the times you are on the wifi network in question? Either on the server or the client side?
I'll have to check the logs. I used the OpenVPN wizard which is supposed to create the firewall rules automatically. The strange part is that it works on the cell network flawlessly.
-
Well, I don't think the wizard will make sure that you can access devices on a different subnet. But yeah, if it works on cell then it should work all the time. Unless your in-laws' wifi (or their ISP) is blocking your VPN provider's IP.
-
There is no VPN provider IP, it's all run internally. So Comcast would have to be blocking Comcast…
-
Ah yeah, sorry, I blanked and was thinking VPN client, not you running your own server off pfSense.
-
Haven't had a chance to look at logs yet but any other ideas as to what is going on? I'm stumped.
-
Eh, firewall rules on the wifi network in question? Limitation of a crappy home router with some weird bug that doesn't play well with your VPN? Maybe the router is blocking RFC 1918 traffic?
If your configuration is working everywhere but that one wifi network then I would bet that it's an issue on that network and unless you can troubleshoot it there's probably nothing to be done.
If it's an issue on other networks then hopefully you can find the issue in the logs.
-
I tested at a coffee shop and was successful, although their subnet was different. Need to do a bit more testing but it's either the in-laws' setup or subnet. I need to figure out which to troubleshoot more.
Thanks again!
-
No worries, I wish I could have been more helpful. Just guessing and really don't know if it applies to this, but does the subnet you are trying to access on your network have the block private network and loopback address box checked at the bottom of the page for the interface?
-
No, neither of those are checked on the LAN interface. They are, however, checked on the WAN interface. Should they be on either/both or none?
-
No, that's how it is supposed to be.
-
Maybe try turning on logs for your firewall rules, noting the times that you are having trouble connecting and then come back and check your logs in that period.
It's possible that there's a firewall rule somewhere that has an issue with some of the IPs you're trying to connect from? But that would be weird. The only networks that I haven't been able to connect to my server from have been ones run by someone actively blocking most of the internet by whitelisting.
Hopefully someone smarter than myself can come in with some advice.
-
me think…
you get the same 192.168.X net at your in-laws as you have at home...
"in VPN, route all traffic" does not mean you disappear from the local LAN (you still reach the LOCAL LAN, so you "get stuck in there" with your traffic; you never leave their LAN to reach yours, because of the use of the same NET numbers).
My suggestion is that you at YOUR home use a 192.168.X net which is not common as a default net.
Common default nets in home routers:
192.168.0.0/24
192.168.1.0/24
Use 192.168.100.0/24 at your home instead.
rgrds Johan
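The subnet collision described in the post above, modelled as an added example that is not part of the original thread: a longest-prefix route lookup shows why a home address in the same /24 as the visited wifi never enters the tunnel, and a second check lists which common defaults would shadow a chosen home LAN. It assumes the server pushes OpenVPN's `redirect-gateway def1` half-default routes; the function names and the sample host addresses are hypothetical.

```python
import ipaddress

# Default home-router networks named in the post above.
COMMON_DEFAULTS = ["192.168.0.0/24", "192.168.1.0/24"]

# Assumption: "route all traffic" is implemented with redirect-gateway def1,
# which installs these two half-default routes through the tunnel.
TUNNEL_ROUTES = ["0.0.0.0/1", "128.0.0.0/1"]


def route_for(dest, connected, tunnel=TUNNEL_ROUTES):
    """Longest-prefix match over the client's routes.

    connected: networks the client is directly attached to (the visited wifi).
    Returns (via, network) where via is "local" or "tunnel".
    """
    addr = ipaddress.ip_address(dest)
    # Connected routes are listed first so they win a prefix-length tie
    # (a simplification of OS metric handling, labelled as an assumption).
    table = [(ipaddress.ip_network(n), "local") for n in connected]
    table += [(ipaddress.ip_network(n), "tunnel") for n in tunnel]
    matches = [(net, via) for net, via in table if addr in net]
    if not matches:
        raise ValueError(f"no route to {dest}")
    net, via = max(matches, key=lambda m: m[0].prefixlen)
    return via, str(net)


def shadowing_networks(home_lan, visited=COMMON_DEFAULTS):
    """Return the visited networks whose range overlaps the home LAN."""
    home = ipaddress.ip_network(home_lan)
    return [n for n in visited if home.overlaps(ipaddress.ip_network(n))]


if __name__ == "__main__":
    wifi = ["192.168.1.0/24"]  # constructed: in-laws' wifi on a common default
    # Home host in the same /24: the connected route wins, traffic stays local.
    print(route_for("192.168.1.10", wifi))
    # Home host renumbered into 192.168.100.0/24: traffic enters the tunnel.
    print(route_for("192.168.100.10", wifi))
    print(shadowing_networks("192.168.1.0/24"))
    print(shadowing_networks("192.168.100.0/24"))
```

Running the same lookup with the coffee shop's subnet as the connected network shows why the connection worked there: no connected route covers the home range, so the tunnel routes match.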