OpenVPN WiFi Client Internet Access
-
Hello everyone,
First time post to this site and relatively new to the firmware after switching from OpenWRT.
So I am adding another layer of security to our home WiFi traffic and in doing so, I managed to sucessfully get OpenVPN WiFi up and running on my network and have got local traffic flowing between two Android and IOS devices using the following tutorials:
https://wiki.opnsense.org/manual/how-tos/two_factor.html
https://wiki.opnsense.org/manual/how-tos/sslvpn_s2s.html
https://wiki.opnsense.org/manual/how-tos/freeradius.htmlMy problem is that although I can see the connections popping up on the OpenVPN server, neither of my test devices can actually get out to the internet. My gut tells me that it might have something to do with my fireall/NAT/DNS settings but I am not sure due to my lack of experience with PFsense.
Below are some images showing firewall/NAT/tunnel settings if this helps:
Firewall Rules:
NAT:
OpenVPN Server:
Below is a brief summary of my network running on a dedicated VM with three physical interfaces.
vtnet0 - WAN DHCP client from ISP
vtnet1 - Unassigned for VLAN usage
vtnet2 - LAN - 10.1.10.1/24The two VLANs I have placed on vtnet1 are as follows:
VL10_ADM 10.10.10.1/24 - Admin
VL20_IOT 10.10.20.1/24 - IOT/WiFi/OpenVPN
VL30_CLR 10.10.30.1/24 - ClearnetThe OpenVPN server I have configured resides on 10.10.25.1. We DO NOT actually require remote access from outside our home network and use static mapping for all of our network devices. I am aware that some devices such as smart TVs etc do not support OpenVPN connections but I can compensate this with the use of ethernet cabling.
Could some from the community please chime in and give me a hand to work out what is wrong?
Many thanks in advance.
Kawa -
You're missing the outbound NAT rule for the OpenVPN tunnel network.
Just copy one of the WAN rules and change the soure to 10.34.25.0/24. -
This post is deleted! -
Hey thanks. Its working now thank you so much for your help! Been trying to resolve this for ages!!
Kawa