Can connect to VPN from LAN but not from WAN
-
Hi,
So I've just setup my VPN tunnel on PFSense 2.4.4-RELEASE-p3 (amd64) following a tutorial online. My problem is that I can connect to the VPN with my phone and my laptop when I'm connected to my wifi on LAN but when I connect to my hotspot on my phone or with my phone with the app OpenVPN I can not connect to my VPN anymore?
I tried to post info from my log files but the post was blocked as spam. I'll post this and see if I can post more later...
Thanks for any help!
-
@sonnyboy said in Can connect to VPN from LAN but not from WAN:
Hi,
So I've just setup my VPN tunnel on PFSense 2.4.4-RELEASE-p3 (amd64) following a tutorial online. My problem is that I can connect to the VPN with my phone and my laptop when I'm connected to my wifi on LAN but when I connect to my hotspot on my phone or with my phone with the app OpenVPN I can not connect to my VPN anymore?
I tried to post info from my log files but the post was blocked as spam. I'll post this and see if I can post more later...
Thanks for any help!
From /var/log/openvpn.log on PFSense server when I successfully connect from within the LAN with IP 192.168.1.50. I would get the same result if I connected from my phone:
Oct 19 09:58:15 pitbull openvpn[487]: 192.168.1.50:39175 peer info: IV_VER=2.4.7
Oct 19 09:58:15 pitbull openvpn[487]: 192.168.1.50:39175 peer info: IV_PLAT=linux
Oct 19 09:58:15 pitbull openvpn[487]: 192.168.1.50:39175 peer info: IV_PROTO=2
Oct 19 09:58:15 pitbull openvpn[487]: 192.168.1.50:39175 peer info: IV_NCP=2
Oct 19 09:58:15 pitbull openvpn[487]: 192.168.1.50:39175 peer info: IV_LZ4=1
Oct 19 09:58:15 pitbull openvpn[487]: 192.168.1.50:39175 peer info: IV_LZ4v2=1
Oct 19 09:58:15 pitbull openvpn[487]: 192.168.1.50:39175 peer info: IV_LZO=1
Oct 19 09:58:15 pitbull openvpn[487]: 192.168.1.50:39175 peer info: IV_COMP_STUB=1
Oct 19 09:58:15 pitbull openvpn[487]: 192.168.1.50:39175 peer info: IV_COMP_STUBv2=1
Oct 19 09:58:15 pitbull openvpn[487]: 192.168.1.50:39175 peer info: IV_TCPNL=1
Oct 19 09:58:15 pitbull openvpn[487]: 192.168.1.50:39175 [pitbullvpn] Peer Connection Initiated with [AF_INET]192.168.1.50:39175
Oct 19 09:58:15 pitbull openvpn: user 'pitbullvpn' authenticated
Oct 19 09:58:16 pitbull openvpn[487]: MULTI_sva: pool returned IPv4=10.101.1.2, IPv6=(Not enabled) -
@sonnyboy said in Can connect to VPN from LAN but not from WAN:
Hi,
So I've just setup my VPN tunnel on PFSense 2.4.4-RELEASE-p3 (amd64) following a tutorial online. My problem is that I can connect to the VPN with my phone and my laptop when I'm connected to my wifi on LAN but when I connect to my hotspot on my phone or with my phone with the app OpenVPN I can not connect to my VPN anymore?
I tried to post info from my log files but the post was blocked as spam. I'll post this and see if I can post more later...
Thanks for any help!
From /var/log/openvpn.log on PFSense server when I unsuccessfully connect from iPhone from WAN side. I would get the same result if I connected from my laptop connected to the phones hotspot:
Oct 19 10:05:26 pitbull openvpn[55881]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Oct 19 10:05:26 pitbull openvpn[55881]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 19 10:05:26 pitbull openvpn[55881]: TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xxx.xxx.xxx:1194
Oct 19 10:05:26 pitbull openvpn[55881]: UDPv4 link local (bound): [AF_INET]xx.xxx.xxx.xxx:0
Oct 19 10:05:26 pitbull openvpn[55881]: UDPv4 link remote: [AF_INET]xx.xxx.xxx.xxx:1194
Oct 19 10:05:26 pitbull openvpn[487]: Authenticate/Decrypt packet error: packet HMAC authentication failed
Oct 19 10:05:26 pitbull openvpn[487]: TLS Error: incoming packet authentication failed from [AF_INET]xx.xxx.xxx.xxx:37900
Oct 19 10:05:28 pitbull openvpn[487]: Authenticate/Decrypt packet error: packet HMAC authentication failed
Oct 19 10:05:28 pitbull openvpn[487]: TLS Error: incoming packet authentication failed from [AF_INET]xx.xxx.xxx.xxx:37900
Oct 19 10:05:33 pitbull openvpn[487]: Authenticate/Decrypt packet error: packet HMAC authentication failed
Oct 19 10:05:33 pitbull openvpn[487]: TLS Error: incoming packet authentication failed from [AF_INET]xx.xxx.xxx.xxx:37900
Oct 19 10:05:41 pitbull openvpn[487]: Authenticate/Decrypt packet error: packet HMAC authentication failed
Oct 19 10:05:41 pitbull openvpn[487]: TLS Error: incoming packet authentication failed from [AF_INET]xx.xxx.xxx.xxx:37900
Oct 19 10:05:57 pitbull openvpn[487]: Authenticate/Decrypt packet error: packet HMAC authentication failed
Oct 19 10:05:57 pitbull openvpn[487]: TLS Error: incoming packet authentication failed from [AF_INET]xx.xxx.xxx.xxx:37900
Oct 19 10:06:26 pitbull openvpn[55881]: [UNDEF] Inactivity timeout (--ping-restart), restarting
Oct 19 10:06:26 pitbull openvpn[55881]: SIGUSR1[soft,ping-restart] received, process restarting -
@sonnyboy said in Can connect to VPN from LAN but not from WAN:
Hi,
So I've just setup my VPN tunnel on PFSense 2.4.4-RELEASE-p3 (amd64) following a tutorial online. My problem is that I can connect to the VPN with my phone and my laptop when I'm connected to my wifi on LAN but when I connect to my hotspot on my phone or with my phone with the app OpenVPN I can not connect to my VPN anymore?
I tried to post info from my log files but the post was blocked as spam. I'll post this and see if I can post more later...
Thanks for any help!
-
Post your server1.conf (/var/etc/openvpn)
-
Certainly!
-
@sonnyboy , is your issue is resolved, i am asking because, facing the same issue
-
@neyamt , unfortunately the issue is not yet solved. I'm away from the server for another 2 weeks and I can not look into the problem right now. If you find a solution please post it here. I'm starting to suspect there i something wrong with the firewall rules?
-
@sonnyboy said in Can connect to VPN from LAN but not from WAN:
rules
yes, i think its firewall rule issue only with wan interface in new 3p update of pfsense, there was no issue in previews update, i have practiced and implemented more than 10 time before this update, but now i am not able to get successed with same steps and documents which i was following before, i tried more than 10 time with 3p patched update of pfsense but no luck!, again i am searching and practicing to find the issue.