4. OpenVPN not routing anywhere with filtered bridge on WAN/OPT1 /w Public IPs

OpenVPN not routing anywhere with filtered bridge on WAN/OPT1 /w Public IPs

  • B

    Hopefully this will be an easy one to answer…

    I'm on Uverse using passthrough from my RG to my WAN port with a filtered bridge between my WAN and OPT1 ports - All of that works great.  I've got public static IPs and I want the firewall rules to work on it.

    With the Filtered Bridge, my WAN port has 104.54.x.x while my internal (but public, non NATted) IPs are 104.49.x.x/28

    My LAN is connected off of my OPT1 interface, as my WAN and OPT1 are in a filtered bridge.  Interface status is showing 10.10.10.1 as my IP there.

    So for my VPN setup, which is using 192.168.x.x/24 as its IPs, what should I set the "local network" to?  Setting it to either my internal IP range or the WAN range is leaving me without an ability to get to anything.  Do I need to set it to the opt1 (10.10.10.1) address?  Any other suggestions?

    Cheers!

    0
  • H

    Perhaps it's not working as intended because of you disabled routing (=filtering bridge)?

    0
  • B

    No, I've previously had it working with a filtered Bridge.

    0
  • B

    To add clarity, None of my internal IPs are on NAT, however I'm certain the VPN uses it for translating to the internal IP addresses it's assigned.  My client gets an IP and DNS servers, but has no internal or external access.  Any suggestions on where to look here?  The Wizard usually creates rules that work, and the ones there look correct, but I'm uncertain.

    0
  • B

    Anyone have any suggestions? I've just added a bit more info to my initial question.

    0
  • M

    Your local would appear to be 10, but it is a bit hard to tell from your convoluted setup.  Check Diagnostic / routes once your vpn is up.

    If it's still not clear, setup 3 or 4 pfSense virtual machine instances, and simulate your environment.  Then you can diagnose all scenarios.

    0
  • B

    One would be led to believe, but since it's a filtered bridge, I don't assign an IP to the LAN side of it.  I'm just saying it's showing up as 10, even though it's not set.  My locals (which are working) are 104.49...

    Regardless, I'm still where I was - All of my rules are working, folks can get in and out of my statics/servers, but OpenVPN client can connect but go nowhere.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy