Cannot Access WebGUI over OpenVPN.

wheeler9691 · Feb 28, 2017, 7:02 PM

So my original purpose for a VPN server was to use Steam "In Home Streaming" over the internet. I setup OpenVPN based on some guides and it worked perfectly. Then I found out that in order to utilize services that broadcast across the LAN, I would need to use a tap instead of the tunnel.

This has been somewhat of a nightmare. I plinked around for days, making small changes I'd read in 1 of 100 forum posts which would fix one thing and break another, etc. Lots of trial and error. I'm now very close.

I can,
Ping my pfSense box
Ping my FreeNAS machine
Ping 8.8.8.8
Ping google.com
Map my FreeNAS' Windows share as a Network Drive on a remote computer.
Access my FreeNAS WebGUI
Access my Transmission WebGUI
Access my Owncloud WebGUI
Play my Steam games remotely over the internet.

I cannot,
Access my pfSense WebGUI

That's it. The one thing I still can't do. No iteration of this tap setup has allowed me access to this. It worked when I used a tunnel, but now I get nothing. It's bizarre that I can access FreeNAS' WebGUI, but not pfSense'. ipconfig shows the correct DNS domain, DNS servers, default gateway, ipv4 address, etc. Everything looks correct on the client.

I can provide any information needed to help me.

Thank you

jimp · Mar 1, 2017, 3:32 PM

Are you trying to access the firewall GUI using the LAN IP address or the WAN IP address?

Which pfSense version? Which OpenVPN Client version?

jtl · May 19, 2017, 7:02 PM

I have the same problem with OpenVPN TAP on pfSense 2.3.3_1 with OpenVPN 2.3.14

Client is OS X 10.11 with Tunnelblick 3.7.1beta02.

I am trying to bridge OpenVPN TAP and management VLAN, on which WebGUI and a few other services are listening in the case of the pfSense box. Can access other hosts on that VLAN such as IPMI of various servers, switch config over telnet/http, etc.

Management VLAN network is 10.3.0.0/24

pfSense box is 10.3.0.1

Management VLAN has DHCP server listening on it through pfSense. Can ping the pfSense box just fine, but trying to SSH into it with it's IP on the Management VLAN does not work, neither running dig queries against the BIND resolver running on it.

LongDistanceSwimmer · Jan 27, 2018, 3:40 PM

I am also having this issue. I did not have this issue until I changed from 32 bit install to 64 bit install. I am able to ping but I cannot ssh or access the web gui. Has anyone resolved this issue?

jtl · Jan 31, 2018, 1:20 AM

I fixed the issue.

From memory I had to create a BRIDGE interface between my MGMT VLAN interface and OpenVPN TAP interface and remove the assigned IP from the MGMT VLAN interface and assign it to the BRIDGE interface.

I now use a tun routed setup though.