Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsesne 2.2 OVPN Problems

    2.2 Snapshot Feedback and Problems - RETIRED
    2
    5
    1.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      yudyheck
      last edited by

      Been using OVPN for quite a while with pfsense with no problems. So much so i've done a fresh install at my home now. I am unable to connect to my OVPN home setup.

      I have a OVPN client setup connecting to ipvanish with manual outbound nat. This is working great.

      My server to client setup is not working OUTSIDE the network. I can connect to my server no problems within my internal network…

      I have the proper rule on the wan interface

      IPv4 UDP * * WAN address 1194 (OpenVPN) * none OVPN

      The firewall doesn't log any dropped packets. The ovpn logs don't even show the client is even trying even though I packet capture 1194 UDP hitting the wan interface.

      Socket is listening 1194

      root openvpn 85670 12 udp4 WANIP:1194 :

      It's listening for 1194, the packets are getting there, packets aren't being blocked, and the rule exisxts top allow udp 1194. So the packet filter and OVPN logs are totally quiet so I have no way to trouble shoot...Mind blown at this point. I've never even needed help before since it's so straight forward.

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        Go to Diag>States and filter on :1194, is there a state and if so what does it look like?

        1 Reply Last reply Reply Quote 0
        • Y
          yudyheck
          last edited by

          WAN udp WANIP:49155 -> RandomWanAddress:1194 MULTIPLE:MULTIPLE
          WAN udp LOCALPCDMZMumble:1194 (WANIP:1194) <- ClientWanIpTryingToConnect:7958 NO_TRAFFIC:SINGLE ??????????????
          27MUMBLEDMZ udp ClientWanIpTryingToConnect:7958 -> LOCALPCDMZMumble:1194 SINGLE:NO_TRAFFIC

          ok this is odd looking…It's looks as if my Wan Client is getting pushed to my mumble DMZserver

          1 Reply Last reply Reply Quote 0
          • Y
            yudyheck
            last edited by

            Yea so I packet capture the Mumble DMZ port and yes it's getting my ovpn packets…

            Here is my Nat rule for mumbleDmz

            WAN TCP/UDP * * WAN address Mumble MumbleDMZ_SRV Mumble TCP/UDP Mumble to Media-PC

            Now the port alias mumble

            Mumble_TCP_UDP 64738 UDP/TCP 64738

            This is bizarre...

            1 Reply Last reply Reply Quote 0
            • Y
              yudyheck
              last edited by

              Fixed it! Thank you cmd! By pointing me to the states I was able to troubleshoot the problem! An alias was entered that was specifying IP's not port numbers shooting ALL traffic to my mumble server.

              MY alias's have been renamed, but they never Dynamically changed in my NAT policies. I will make a metal note when you change alias names they don't auto change in NAT policies like they do firewall rules.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post