PFSense OpenVPN server behind OpenWRT router
-
I sincerely apologize as i do not know much about networking! Im trying to setup an OpenVPN server behind a LEDE (fomally OpenWRT) router. I know that OpenVPN server works because if i plug pfsense directly to my modem to work as a router it works correctly. I can not get it to work if it's behind the LEDE router.
The Setup that I'm trying to make work:
I have placed a NAT rule on LEDE router for port 1194. I know that the incoming connection reaches PFSense when it's behind a router since i can see the client connection on PFSense. I test this by using a cellular connection (cell phone as a client) outside of my home network. The client will have bytes transmitting but 0 bytes received, all while pfsense reports an external connection. I think my issue is that PFSense OpenVPN can not make an outgoing connection? The default gateway is my LEDE router on PFSense; if i change the gateway on my laptop to PFSense, I am able to reach external internet. Not sure if i need to make a static route from PFSense to OpenWRT router?again, sorry for the seriously novice questions. any help would be appreciated
-
Why do you have another router ahead of pfSense?
-
router always needs to stay up since it's at my relatives house. i need a remote connection so i dont have to drive to their house when they have issues. PFSense is virtualized on a hypervisor along with pi-hole server and their main computer in passthrough mode. As far as the relatives are concerned it's just a desktop computer that's always running. If the computer goes down, then the whole network goes down.
I really like the idea of having openvpn on pfsense as I feel like i have more control. and….the memory on the router is running at ~90% running as a router only. I admit, it is a bit of a complicated setup -
This is where something like Wireshark comes in handy, but pfSense has packet capture which can also be used. Using one of those, can you see the VPN traffic leaving pfSense? Can you see it leaving the host computer? Without a bit more info, we're just guessing.
-
That's a very fair statement, I'll try a packet capture when I get a chance. Thanks