Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    [RESOLVED]Access webGUI using DDNS address

    OpenVPN
    2
    3
    1076
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • PrototypeActual
      PrototypeActual last edited by

      Hello,

      I'm trying to access my webGUI using my DDNS address thru my OpenVPN connection; which I know I can do with a firewall rule. I'm having difficulties with (if it is a simple firewall rule) accessing the webGUI thru OpenVPN using my DDNS address, and possibly my hostname+domain name. I set up a basic OpenVPN setup and with no specific guide being followed. The reason i'm doing this is because (even though my local network ip address isn't common) I want a way into my home network while in the event i'm in a place that uses the same address space as my home network; while i'm trying to vpn into my home network.

      Retired pfSense user now migrated to OPNsense:
      Last OS ran: pfSense 2.4.3-RELEASE-p1
      I thank everyone that made pfSense possible and here to help the community where/when I can.

      1 Reply Last reply Reply Quote 0
      • Derelict
        Derelict LAYER 8 Netgate last edited by

        So has this happened or is this a what if?

        I don't know of any way to include a dynamic address in an OpenVPN route.

        If you tell your OpenVPN server to

        Force all client generated traffic through the tunnel.

        then you should be able to access your pfSense device at its WAN address, firewall rules permitting.

        If you have a random local network address scheme, the chances of a collision are pretty slim. If you're on 192.168.1.0/24, your chances increase more than significantly.

        You could also try adding an IP alias VIP to Localhost on an IP network distinct from your LAN and include that address/network in the Local Networks of the OpenVPN Server. In the unlikely event you experience a subnet collision with LAN, you could connect to the localhost VIP instead. Less heavy-handed than redirecting all traffic through the tunnel if that's not what you want.

        Chattanooga, Tennessee, USA
        The pfSense Book is free of charge!
        DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • PrototypeActual
          PrototypeActual last edited by

          @Derelict:

          You could also try adding an IP alias VIP to Localhost on an IP network distinct from your LAN and include that address/network in the Local Networks of the OpenVPN Server. In the unlikely event you experience a subnet collision with LAN, you could connect to the localhost VIP instead. Less heavy-handed than redirecting all traffic through the tunnel if that's not what you want.

          Thank you for the reply/suggestions,

          Yes this situation has previously happened; I was told I could access my WAN DDNS link from anywhere so long as I make the correct rules in my firewall (for my VPN connections exclusively of course). I tried the VIP as such.

          1.Selected IP Alias for the type
          2. For interface I selected Localhost
          3. Address type only allowed me to use Single address
          4. I input my OpenVPN address for the Address section
          5. Left Virtual Ip Password, VHID Group, Advertising frequency, and Skew blank/at defaults

          My connections can now access my hostname + domain link url to my pfSense box (previously wasn't able to); but I cannot put my DDNS link into the VIP, or access it still from its url. Can you guide me on your suggestion?

          Retired pfSense user now migrated to OPNsense:
          Last OS ran: pfSense 2.4.3-RELEASE-p1
          I thank everyone that made pfSense possible and here to help the community where/when I can.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post