Can connect on VPN server, but no internet access.
-
I have a box running pfSense v2.4.3. I 've configured IPsec VPN access using this guide and this guide, and this is how I configured it.
VPN > IPSec > Mobile Clients > Enable IPsec Mobile Client Support User Authentication > Local Database Provide a virtual IP address to clients > 192.168.50.32 / 27 Provide a DNS server list to clients > 8.8.8.8 / 8.8.4.4 Save > Apply Changes Create Phase 1 Description > VPN Authentication Method > Mutual PSK + Xauth Peer Identifier > Distinguished name > vpn Pre-Shared Key > password_here NAT Traversal > Force Save > Apply Changes Show Phase 2 Entries > Add P2 Local Network > Network > 0.0.0.0/0 Save > Apply Changes System > User Manager > Add > Username > Password > Save Edit user Effective Privileges > Add > User – VPN: IPSec xauth Dialin > Save Firewall > Rules > IPSec > Add Description > VPN Save > Apply ChangesMy iPhone can connect on the VPN server and I can access resources on my network. The problem is that while I'm connected, I don't have internet access. What I'm I doing wrong here?
-
These are some of the forums posts describing the same problem, but have no replies. Is this a known issue?
https://forum.pfsense.org/index.php?topic=129265.msg712293
https://forum.pfsense.org/index.php?topic=124620.msg688397
https://forum.pfsense.org/index.php?topic=142969.msg779268
https://forum.pfsense.org/index.php?topic=124787.msg689214
https://forum.pfsense.org/index.php?topic=121332.msg670565
https://forum.pfsense.org/index.php?topic=120609.msg666813 -
Well, this fixed it for me.
https://forum.pfsense.org/index.php?topic=117858.0Firewall > Rules > IPSec > Add > Protocol > TCP/UDP (initially only TCP was selected)
I don't know why UDP was important, but now I can access local network resources and the internet. -
UDP is needed for DNS lookup.
Easiest to just set it for any (if your IPSEC clients are trusted of course)