VPN connects but no internet for client



  • Im trying to use a road warrior setup.  It worked on 1.2 but 1.2.1 I have no connection to the the internet while connected to the VPN. I can see my network fine.

    My initial startup log…

    Oct 5 18:28:20 openvpn[354]: Need IPv6 code in mroute_extract_addr_from_packet
    Oct 5 18:28:20 openvpn[354]: Initialization Sequence Completed
    Oct 5 18:28:20 openvpn[354]: UDPv4 link remote: [undef]
    Oct 5 18:28:20 openvpn[354]: UDPv4 link local (bound): [undef]:1194
    Oct 5 18:28:18 openvpn[354]: /etc/rc.filter_configure tun0 1500 1542 172.31.130.1 172.31.130.2 init
    Oct 5 18:28:18 openvpn[354]: /sbin/ifconfig tun0 172.31.130.1 172.31.130.2 mtu 1500 netmask 255.255.255.255 up
    Oct 5 18:28:18 openvpn[354]: TUN/TAP device /dev/tun0 opened
    Oct 5 18:28:18 openvpn[354]: gw 24.113.123.1
    Oct 5 18:28:18 openvpn[354]: WARNING: file '/var/etc/openvpn_server0.key' is group or others accessible
    Oct 5 18:28:16 openvpn[354]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Oct 2 2008
    Oct 5 18:28:16 openvpn[354]: SIGHUP[hard,] received, process restarting
    Oct 5 18:28:14 openvpn[354]: /etc/rc.filter_configure tun0 1500 1542 172.31.130.1 172.31.130.2 init
    Oct 5 18:28:14 openvpn[354]: event_wait : Interrupted system call (code=4)
    Oct 5 18:27:52 last message repeated 2 times
    Oct 5 18:27:48 openvpn[354]: Need IPv6 code in mroute_extract_addr_from_packet
    Oct 5 18:27:48 openvpn[354]: Initialization Sequence Completed
    Oct 5 18:27:48 openvpn[354]: UDPv4 link remote: [undef]
    Oct 5 18:27:48 openvpn[354]: UDPv4 link local (bound): [undef]:1194
    Oct 5 18:27:47 openvpn[345]: /etc/rc.filter_configure tun0 1500 1542 172.31.130.1 172.31.130.2 init
    Oct 5 18:27:47 openvpn[345]: /sbin/ifconfig tun0 172.31.130.1 172.31.130.2 mtu 1500 netmask 255.255.255.255 up
    Oct 5 18:27:47 openvpn[345]: TUN/TAP device /dev/tun0 opened
    Oct 5 18:27:47 openvpn[345]: gw 24.113.123.1
    Oct 5 18:27:47 openvpn[345]: WARNING: file '/var/etc/openvpn_server0.key' is group or others accessible
    Oct 5 18:27:47 openvpn[345]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Oct 2 2008

    Option= push "redirect-gateway def1"



  • http://forum.pfsense.org/index.php/topic,7001.0.html

    Every locally connected subnet, whether defined and reachable via a static route or attached to a LAN or OPT interface, will have its outbound traffic leaving any WAN interfaces NATed to that WAN interface's IP. You can change this behavior by enabling Advanced Outbound NAT (AON) but this is usually unnecessary and adds unneeded complexity.
    For OpenVPN if you want the OpenVPN subnet NAT'ed to WAN, you will have to use AON.



  • Thank You sir!  :)


Log in to reply