Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Client connects but can't access anything except ICMP

    Scheduled Pinned Locked Moved OpenVPN
    6 Posts 3 Posters 930 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sreyas
      last edited by

      Hi,
      I able to establish Openvpn client connection, but can't access anything on that network. I am able to ping everything, but sudden packet drop will occurs when I try to connect through rdc or vnc. Finally cant access anything.I can't find any unusual openvpn log, so where do i check apart from openvpn log.
      Regards
      Sreyas

      1 Reply Last reply Reply Quote 0
      • M
        marvosa
        last edited by

        Need more details. Post a network map. Post your server1.conf (/var/etc/openvpn)

        S 1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          Either asymmetric routing, not passing TCP/UDP, or, maybe but probably not MSS.

          Check the firewall logs for blocked packets related to the connection you are making.

          Packet capture the OpenVPN instance and make an attempt. See what's happening with the TCP connection. If you see it there, pcap on the LAN and see what's happening there.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • S
            sreyas @marvosa
            last edited by

            @marvosa please find the attached conf file for your ref:0_1546173003617_Server1.conf.txt

            1 Reply Last reply Reply Quote 0
            • M
              marvosa
              last edited by

              Thx for posting the config. It would also be helpful to include a network map so we have an idea of how things are connected.

              Your config looks ok. I see a tunnel network of 10.70.0.0/16 and it looks like your LAN is 10.30.0.0/16. Both of those subnets are entirely too wide, but it's probably not your issue.

              If ICMP is working then routing is working and you need to look at your firewall rules. What do your firewall rules look like?

              S 1 Reply Last reply Reply Quote 0
              • S
                sreyas @marvosa
                last edited by

                @marvosa I WILL SEND YOU THE NETWORK MAP SOON, ONE QUICK UPDATE

                1. THIS IS HAPPENING ONLY FOR SOME SPECIFIC ISP
                2. MY FIREWALL RULE FOR VPN IS ALLOW ALL
                3. I HAD CREATED SOME EASY RULE WHICH I HAD SEEN IN FIREWALL LOG FOR THOSE CONNECTIONS GOT BLOCKED.
                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.