openvpn on the lan side

kramtw

Ok did all of that and still not able to go on the internet from my iPhone with OpenVPN client installed and connected to the WiFi on the lan side

Gertjan

@kramtw said in openvpn on the lan side:

connected to the WiFi on the lan side

You mean : LAN == pfSense LAN (with an AP on your LAN) so your iPhone connects to the LAN side of pfSense ?
Never tried to do this. Why would you do so ?
Your OpenVPN is really listening like this :

I connect my iPhone from "anywhere on the planet" to the WAN IP of pfSense, that works (if set up correctly)

claudio69

Hello, I have a network configuration similar to yours. I had the same problem that I could not surf the internet when I was connected to my wifi with the vpn. I solved this problem with this custom option:
push "redirect-gateway def1";push "dhcp-option DNS 192.168.254.1";verb 1;mute-replay-warnings

The IP address (192.168.254.1) is my vpn tunnel network, this may be different in your configuration.

kramtw

@gertjan

Hi I was thinking that you could still have a man in the middle Attack The seem concerned you would have for using a VPN on a network or a wireless network that is outside of your own network

kramtw

@claudio69

Hi would try what you are Suggesting and let you all know the outcome

Thanks

kramtw

Ok guys still not working did what you were suggesting and not able to get to the internet when connected to the WiFi on the lan of the pfsense with my iPhone using the openvpn client for iOS

kramtw

Ok guys after deleting the configuration for both the lan and the wan for the openvpn a few times now.

It is working on the lan side and I am able to see the computer How with the iPhone using openvpn client on the WiFi that is in the lan

Don’t know what I did but so far It is working

One thing that I have noticed is that I would have to enter the IP address of things like the web server and an the mail server when the vpn is enable on the phone

Gertjan

@kramtw said in openvpn on the lan side:

One thing that I have noticed is that I would have to enter the IP address of things like the web server and an the mail server when the vpn is enable on the phone

That means : your iPhone didn't receive a working DNS. Solution : inform to your OpenVPN client a DNS, for example, pfSense.

kramtw

hi
how i am able to get the lan side vpn too work i am able to get to the internet and see all the computers on the lan side with send all vpn traffic enable

now i am working on the wan side of the vpn now and i am able to connect to the vpn server, however i am not able to get any internet traffic when send all traffic through the vpn tunnel is enable if i disable that i am able to get to the internert and i am not able to see any of the computers on the lan side

any help on this one

Gertjan

Firewall rules (called OpenVPN) ?
VPN server settings ?
Your client VPN file ?

From here, can't see what you did wrong, added to that, you telling us nothing.
Difficult ....

kramtw

ok
firewall rules created by openvpn wizard
vpn server settings created with vpn wizard
vpn client vpn file created by export wizard