[Solved] Can't route LAN through OpenVPN
-
@KOM said in Can't route LAN through OpenVPN:
Did you clear your states before trying your test again?
.... That was it....
-
I can connect to VPN Servers just fine but I'm not able to use the VPN connection to access the Net...
Here are my LAN FW rules:
Here are my NAT Rules:
The problem is when a host on my LAN tries to access the Web, webpages load and end up on a timeout, I can't access anything. I thought that was DNS related but even with an IP address I have the same problem.
Do you have an idea ?
-
https://doc.pfsense.org/index.php/Firewall_Rule_Basics
https://doc.pfsense.org/index.php/Firewall_Rule_Troubleshooting
Firewall rules are evaluated top-down first-match wins and all other rules are ignored after a match.
Look at your LAN rules. Your third rule says that all traffic from LAN net goes out the default gateway WAN_DHCP. Now do you have an idea as to why no traffic is going out the VPN?
-
Sorry I forgot to mention the third rule is concerning LAN traffic going to a specific (blurred) destination.
-
Yeah, and I still had my head around your old problem.
If it's dying and timing out then it sounds like the routing is working, but there is an issue with your VPN provider. Perhaps you are getting connected at a basic level, but you aren't getting the route updated or something. I'm not a VPN expert so I could only guess here.
Anything in System Log - OpenVPN? Increase the client verbosity and then see if there is something in the logs.
-
That's the twist : I tested several servers with two differents providers so my guess is it's PFSense conf that is the problem ?
-
Possibly. If you give it an incorrect configuration then it's possible that something won't work as expected.
-
Well, nobody seems to have a clue of what's causing this ?
-
@notarobot
ping 8.8.8.8
perform a traceroute to 8.8.8.8the traceroute may fail depending on your vpn provider's settings. Confirm connectivity to the vpn provider in the logs (VPN connection stays up, no errors etc..)
Are you running squid or proxying anything?
-
@notarobot said in Can't route LAN through OpenVPN:
Well, nobody seems to have a clue of what's causing this ?
sure do
if you are not using protonvpn DNS servers. you wo'nt be able to view webpages
services > dhcp server. Add the addresses you want to go out that tunnel with static addresses. then under DNS servers put protonvpn servers
-
I've reset my conf and started all over again and now it seems ok....
Don't know what was wrong though.Thanks you all for you help
