4. Possible firewall problem between OpenVPN and LAN

Possible firewall problem between OpenVPN and LAN

  • K

    I've got a setup where an OpenVPN tunnel is used to access a second management port on an ESXi host to allow remote administration - pfSense runs as a guest on the host.

    There is a "Pass all IPv4" rule on the LAN and OpenVPN interfaces.

    The ESXi host has been configured to route OpenVPN tunnel traffic back via the pfSense LAN interface.

    With this setup I can ping the ESXi host over the VPN and I can access its web interface at https://host.ip/ui.

    However, I cannot ssh into the ESXi host or access it using the vSphere client.

    Using "Diagnostics / Test Port" I am able to open a connection to the ESXi host on port 22 from the "VPN" source address, but not from the "OpenVPN Server:" source address.

    Any pointers as to what's going on here? Is this some sort of firewall state issue?

    0
  • K

    Found the problem. It was the firewall - the one on the ESXi host! This had been enabled for SSH access, but did not have an "allow" for the VPN tunnel network.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy