OpenVPN only as "Peer-to-Peer" for my NAS
-
Hi guys / girls,
I want to use some stuff at work that is on my NAS server at home, but for the normal stuff (like googling) I want to use the normal internet connection of my work.
I tried a lot of settings but nothing works as expected. Every time I traceroute or use speedtest, it uses my OpenVPN. I tried to change the metric on the adapters but it is still the same. Any ideas?
-
Really, no one?
I have tried these settings but atm I don't even have a connection to the internet. I can connect to my NAS server but it seems like DNS would not work.
I tried to change the metric at work, to manually set a DNS server and so on. When I start to ping, it works, and even tracert goes through the right way, but there is no DNS resolving.
I tried this too: https://community.openvpn.net/openvpn/wiki/IgnoreRedirectGateway
We have a WINS Server. Does this cause trouble?
-
Please restate what you're trying to do.
-
Hi, and ty for an answer.
Ok, let's try again. As you can see in the Picture, I want to reach my Home Server through the VPN Server but block the entire outgoing access over my HomeNetwork.
I want to be able to use the normal office connection to reach the office drives and to visit sites like www.google.com
Today I was finally able to reach my network with a route add and by setting the default gateway. Even after I set the default gateway to the office network, I was not able to reach the office drives. And do I have to make a rule to block the outgoing traffic over the VPN? Or does a better solution exist?
The point is, only at work do I want to use the default connection for surfing and so on. At another place like public WiFi I would like to use the same VPN Server on the pfSense to direct the entire traffic over it.
Is this possible by only changing some stuff in the config file, or do I have to create a second OpenVPN Server on the pfSense side?
-
Ok, so you want to be able to VPN to your home pfSense box and access resources on your home network while traffic destined for the internet goes out the normal Work WAN. That would be a split tunnel setup and is pretty standard and straightforward. You shouldn't need to add any manual routes if your server is configured correctly.
The one thing to note is that in a routed solution, all LAN subnets have to be unique throughout all connected environments. In other words, your Home LAN subnet has to be different from your Work LAN subnet.
As far as your objective, all you have to do is uncheck the "Redirect Gateway" box under the Tunnel Settings section.
> At another place like public WiFi I would like to use the same VPN Server on the pfSense to direct the entire traffic over it.
> Is this possible by only changing some stuff in the config file, or do I have to create a second OpenVPN Server on the pfSense side?

You have two options, one ideal and one less than ideal:

1. Create a separate, "Full Tunnel" OpenVPN server which listens on a different port, has a different tunnel network and has the Redirect Gateway box checked. You'd connect to this server @ WiFi hotspots or whenever you want to bypass filtering, etc.
2. You can use the same server for both situations, but you'd have to connect to the server and then toggle the Redirect Gateway box every time you want to go full tunnel. Then uncheck it when you want to go back to split tunnel.

The most straightforward and efficient option is #1, IMO. Option 2 sounds like a nightmare compared to just having two profiles to select from and selecting them accordingly for the appropriate situation.
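
Added example, not part of the original posts: a small model of the client's route selection that shows what the Redirect Gateway box changes, why a higher adapter metric does not undo it, and why overlapping Home and Work subnets break a routed setup. It assumes the box results in `redirect-gateway def1` (two /1 routes plus a host route to the server); all addresses and function names are constructed for illustration.

```python
import ipaddress

def build_table(work_lan, home_lan, vpn_server, redirect_gateway, vpn_metric=50):
    """Client routing table as (network, interface, metric) tuples."""
    net = ipaddress.ip_network
    table = [
        (net("0.0.0.0/0"), "work", 10),   # office default gateway
        (net(work_lan), "work", 10),      # on-link office LAN
    ]
    if redirect_gateway:
        # redirect-gateway def1: two /1 routes cover the whole IPv4 space,
        # plus a host route that keeps the tunnel's own packets on the WAN.
        table += [
            (net("0.0.0.0/1"), "vpn", vpn_metric),
            (net("128.0.0.0/1"), "vpn", vpn_metric),
            (net(vpn_server + "/32"), "work", 10),
        ]
    else:
        # Split tunnel: only the home LAN is routed into the tunnel.
        table.append((net(home_lan), "vpn", vpn_metric))
    return table

def pick_interface(dest, table):
    """Longest prefix wins; the metric only breaks ties between equal prefixes."""
    ip = ipaddress.ip_address(dest)
    matches = [r for r in table if ip in r[0]]
    best = max(matches, key=lambda r: (r[0].prefixlen, -r[2]))
    return best[1]

def lans_conflict(work_lan, home_lan):
    """True when the two LANs overlap, which breaks a routed VPN."""
    return ipaddress.ip_network(work_lan).overlaps(ipaddress.ip_network(home_lan))

if __name__ == "__main__":
    # Constructed sample addresses (not from the thread).
    WORK, HOME, SERVER = "10.20.0.0/24", "192.168.50.0/24", "203.0.113.10"
    for mode in (False, True):
        t = build_table(WORK, HOME, SERVER, redirect_gateway=mode, vpn_metric=9999)
        print("redirect_gateway =", mode)
        for dest in ("8.8.8.8", "192.168.50.10", "10.20.0.5", SERVER):
            print("  ", dest, "->", pick_interface(dest, t))
```
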
-
-
Ty for your answer.
I am sure that all areas (work and home) have different subnets. Ty for your answer. Then I will go for the first option.
Anyway, I did not have any connection to the internet because it looked like no DNS server was reachable… Anyway, atm I have the problem that, since I uninstalled the Hyper-V package, I could not connect to my server at home anymore, so I wanted to reinstall the TAP driver, but now I cannot install it anymore. I get this driver install error every time. A lot of people seem to have this problem but nothing helped. I have to try it again tomorrow.
Tue Feb 20 15:44:20 2018 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Tue Feb 20 15:44:20 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Tue Feb 20 15:44:20 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Tue Feb 20 15:44:24 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]IP:Port
Tue Feb 20 15:44:24 2018 UDP link local (bound): [AF_INET][undef]:1194 <– BTW WHY 1194? I use another Port on my Config and Server
Tue Feb 20 15:44:24 2018 UDP link remote: [AF_INET]IP:Port
Tue Feb 20 15:45:24 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Feb 20 15:45:24 2018 TLS Error: TLS handshake failed
Tue Feb 20 15:45:24 2018 SIGUSR1[soft,tls-error] received, process restarting
-
Hi,
I was able to install the shit driver again but I'm still stuck on the OpenVPN connection.
Maybe the TAP adapter is still not installed correctly.
The office may block VPN access, but then.. why did it work some days ago? I think it's more my TAP driver.
Wed Feb 21 08:53:21 2018 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Wed Feb 21 08:53:21 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Feb 21 08:53:21 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Wed Feb 21 08:53:22 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]IP:1194
Wed Feb 21 08:53:22 2018 UDP link local (bound): [AF_INET][undef]:1194
Wed Feb 21 08:53:22 2018 UDP link remote: [AF_INET]IP:1194