Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Not able to connect Internet through OpenVPN

    Scheduled Pinned Locked Moved OpenVPN
    13 Posts 5 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Musote
      last edited by

      Take a look on the firewall-rules- open VPN "interface", something happend with the wizard rules created by wizard are wrong.

      T 1 Reply Last reply Reply Quote 0
      • T
        toastposter @Derelict
        last edited by

        @derelict I do have a /24 tunnel network. It is also introduced on the client settings, so I think it cannot be the matter.

        1 Reply Last reply Reply Quote 0
        • T
          toastposter @Musote
          last edited by

          @musote I have re-done the rules, to the OpenVPN "interface" as well as the assigned interface OVPN1, and both have ipv4 all all allow rule applied.

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            And?

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • T
              toastposter
              last edited by

              Well, it is not solved. I have done all that prior to posting here. My VPN traffing is not routed to internet. Currently, I have the "route all traffic to tunnel" option off, because I cannot get it to work. I just have to realize that whenever I am connected to that VPN, my internet traffic is not encrypted.

              1 Reply Last reply Reply Quote 0
              • DerelictD
                Derelict LAYER 8 Netgate
                last edited by

                I don't use Tunnelblick personally. The general recommendation for a quality Mac OpenVPN client is Viscosity.

                If you have redirect gateway checked in the server and you do not end up with two routes on the client (0.0.0.0/1 and 128.0.0.0/1) then it is likely a setting on the client telling it not to honor the routes being pushed. There is not much else to it.

                Did you use the configuration export package?

                Chattanooga, Tennessee, USA
                A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 0
                • T
                  toastposter
                  last edited by

                  OK,
                  I have to give Viscosity a try. I have been using Tunnelblick for quite a while now, and with the recent WatchGuard Firebox firewall I experienced zero problems using it.
                  And yes, I exported the settings using the latest version of the "openvpn-client-export".

                  1 Reply Last reply Reply Quote 0
                  • C
                    claudio69
                    last edited by

                    Hi, I had the same problem and I solved with an additional command.
                    push "redirect-gateway def1";push "dhcp-option DNS 192.168.254.1";verb 1;mute-replay-warnings

                    192.168.254.1 it's my vpn network0_1535608391771_Schermata del 2018-08-30 07-34-26.png

                    T 1 Reply Last reply Reply Quote 0
                    • T
                      toastposter @claudio69
                      last edited by

                      @claudio69 OK,
                      Have to try this!
                      Are you able to clarify, what does the options do? I know that the "redirect-gateway def1" introduces the default gateway of the router to the VPN client, but what about the "dhcp-option DNS xxx.yyy", do you have a DNS option on the VPN server settings or is it blank?

                      1 Reply Last reply Reply Quote 0
                      • C
                        claudio69
                        last edited by

                        I have no DNS set up on the VPN server.
                        I searched the internet for a long time and found this series of commands that solved the problem,I hope it works for you too.
                        Greetings

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.