OpenVPN to DMZ
-
Greetings!
Project pretty close to completion.
The final hurdle: VPN to DMZ connectivity.
While connected to the network remotely via VPN (without TLS -not sure if this is relevant or not) I can't seem to ping or connect to any of the server in the DMZ. IS there a Rule or other options to Set.
Thank you -
Off course you need a firewall rule on VPN interface to allow the access. If you used the wizard for set up this rule should be allready there.
Otherwise ensure that the pfSense running the VPN server is the default gateway in the DMZ.
Also check if local SW-firewall on the server is blocking the access.
-
Hi,
Thanks for your assistance.
I can confirm the DMZ auto rule exists.
I can also conform their is no local firewall preventing ping (from the remote location I can ping servers in the 192.168.1.0 segment but nothing in the 192.168.50.0 segment).I am at a loss what to enter in the upstream gateway (pictured). 192.168.1.1 in the private side of the firewall and is blocked by deny LAnnet rule. Pfsense complains if i enter the official verizon fios upstream gateway. Not sure what should be entered.
Any additional help appreciated.
-
The upstream gateway has only to be entered for WAN interfaces.
Have you entered the DMZ subnet in the "Local network(s)" box in the VPN server settings to push the route to the client?
To ensure check the clients routing table. -
Hero Member you are! Thank you very much!