Netgate Discussion Forum

    VLAN not getting packets back while using vpn gateway

    Category: NAT
    • justblackcoffee

      Hi all,

      I've done quite a bit of digging and I'm just completely lost at this point. I've had VLANs running on my pf without issues for over a year. Now I finally had time to sit down and set up the VPN connection. Everything works just as expected with the VPN. I excluded one laptop going out through the WAN gateway while the rest of the LAN goes out the VPN gateway. I also have specific ports using WAN over VPN and these work just fine. I have two VLANs both going to the same ESXi host (2 NICs).

      The problem is I can get the assigned IP address and even switching the networks around gives me the expected results. However, in my troubleshooting I identified that the problem on this VPN with getting internet is the VPN gateway. Since I can set the gateway to WAN, reboot the VM and it goes out, but when I switched the WAN to VPN gateway the outbound routing looks to be OK. My main machine, which uses the VPN as gateway, works flawlessly and a laptop on the same network using the WAN gateway works as expected.

      I went and checked the outbound NAT (manual) and it's nasty in there, but what should I be expecting to be in there? I see 3 rules for each interface that I have, WAN, VPN, and HOSTNET (the VLAN I'm using), as well as some additional WAN routes, but everything is working as expected except for this one part.

      When I run a ping or curl, or try to upgrade my repos in the VM, the commands just hang and eventually time out. When I look in the state table it shows 3 connections (depending): 2 for my DNS and 1 to the IP address I did the curl on. So I know the packets are reaching the firewall at a minimum.

      I would love to get this figured out so I can continue with my testing but I need to solve this gateway issue.

      Any help, recommendations or tips would be appreciated!

      • justblackcoffee

        While talking with someone else, they mentioned a GRE tunnel. To my knowledge a GRE needs an L2 device at either end. Since this is OpenVPN on a VLAN, GRE wouldn't work... would it? I mean because I can't assign a VLAN tag and a GRE tunnel to the same interface - correct? :-\

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.