OpenVPN DNS and LAN Not Working

fabiolanza

Hi, I configured OpenVPN server for access to local LAN and also DNS. However, these configs are not working. After connected, DNS and LAN not working.

I have the screenshots of my configs, are you able to provide any advice? I am using Viscosity for Windows as OpenVPN client. I also tried to add local DNS and local route in Viscosity client but it did not work the same so I left it not filled, as this info should be being pushed by the server either way.

OpenVPN subnet: 10.0.5.0/24 (GW 10.0.5.1)
LAN subnet: 10.0.1.0/24 (GW 10.0.1.1)

I have the same problem when connecting to the VPN from my mobile phone.

Thanks

DaddyGo

Please configure the OpenVPN based on this (via wizard):
https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/openvpn-remote-access-server.html

then use the OpenVPN Client Export Package:
https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/using-the-openvpn-client-export-package.html

if it still does not work we can start solving the problem.

fabiolanza

Hi, I did use these tutorials to generate the configuration files. Unfortunately I am going through these issues. If there is any advice that could be shared I would appreciate. Thanks!

DaddyGo

Which version of pfSense are you using?
Please pay attention to this:

fabiolanza

@DaddyGo you mean the Force all client-generated IPv4 traffic through the tunnel? If I am not mistaken I did try with that earlier but I will try later today again. What about the DNS issue, any thoughts?

Thanks again, very respectively,

Fabio

DaddyGo

In pfsense, this OpenVPN function works very well, with Wizard + Client Export, so this is always the starting point, if it is OK then you can experiment with individual clients and more... (like Viscosity client), always go through the wizard and you can refine your settings later.

For help, I upload "PNGs" of this one of our pfSense box settings.OpenVPN_server.zip

In my case DNS always points to the box (since I use Unbound) and for windows10 don't forget that either:

In case the VPN connection is established with basic settings (above), then the logs tell you a lot about the possible problems, if you experiment with your custom setting.

fabiolanza

Hi @DaddyGo, I looked into the file you share and I could not understand where my problem is. I attached a print-out of my server settings in PDF. Please see attached: pfSense.lanza.local - VPN_ OpenVPN_ Servers_ Edit.zip

The issue is that no route is being set for my local network. Ping does not work, tracert does not work too. I can't ping the local LAN gateway (10.0.1.1). I also checked with firewall and all configs are there. Not really sure what to change next.

Any advice based on the PDF I shared?

Thanks

DaddyGo

Hi,
Because of the differences, is it still a question for me which pfSense version is this?
(for example, it's a difference...)

The second important thing is server mode (you use TLS), but that's all I see:

instead of:

I don't see your own cert for the connection either:

instead of:

like:

and even a VPN User is required:

with:

exactly where does the DNS (10.0.1.31) point?? this is the box itself or a separate DNS server on the network