Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    setting up vpn

    Scheduled Pinned Locked Moved OpenVPN
    9 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      RuiMiguel
      last edited by

      Hi.
      I am trying to enable vpn on my pfsense and i used this tutorial:

      https://turbofuture.com/computers/How-to-Setup-a-Remote-Access-VPN-Using-pfSense-and-OpenVPN

      So far everything is great. So now how can i access my web gui in the internet ?

      R 1 Reply Last reply Reply Quote 0
      • R
        RuiMiguel @RuiMiguel
        last edited by

        my LAN is: 10.10.10.0/24; LAN address: 10.10.10.1
        tunel: 192.168.20.0/24

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by johnpoz

          hit your lan IP when you have your vpn connection.. Or if you allowed for dns just hit the pfsense fqdn.

          As long as the local network your vpn from is not 10.10.10 or stepping over that /24 then you should have no issues. I do it almost every day from work.

          My lan IP is 192.168.9.253, and just hitting it via its fqdn from work network.

          0_1531756560008_fromvpn.png

          0_1531756747500_vpntrace.png

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          R 1 Reply Last reply Reply Quote 0
          • R
            RuiMiguel @johnpoz
            last edited by

            @johnpoz
            By hit you mean just put my LAN ip address in browser and press ENTER rigth ?

            1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator
              last edited by johnpoz

              Well yeah ;)

              As long as your browser is not setup to use a proxy you should go down the vpn and hit your web gui on pfsense.

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11

              R 1 Reply Last reply Reply Quote 0
              • R
                RuiMiguel @johnpoz
                last edited by

                @johnpoz

                My LAN is 10.10.10.0/24 and i am trying to connect at 172.20.18.0/24. Why am i getting this error ?

                Tue Jul 17 09:00:20 2018 OpenVPN 2.3.18 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Sep 26 2017
                Tue Jul 17 09:00:20 2018 Windows version 6.2 (Windows 8 or greater) 32bit
                Tue Jul 17 09:00:20 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
                Tue Jul 17 09:00:27 2018 Control Channel Authentication: using 'pfSense-udp-1194-teste-tls.key' as a OpenVPN static key file
                Tue Jul 17 09:00:27 2018 UDPv4 link local (bound): [undef]
                Tue Jul 17 09:00:27 2018 UDPv4 link remote: [AF_INET]192.168.2.2:1194
                Tue Jul 17 09:00:28 2018 read UDPv4: Net dropped connection or reset (WSAENETRESET) (code=10052)
                Tue Jul 17 09:00:29 2018 read UDPv4: Net dropped connection or reset (WSAENETRESET) (code=10052)
                Tue Jul 17 09:00:33 2018 read UDPv4: Net dropped connection or reset (WSAENETRESET) (code=10052)

                1 Reply Last reply Reply Quote 0
                • johnpozJ
                  johnpoz LAYER 8 Global Moderator
                  last edited by johnpoz

                  @ruimiguel said in setting up vpn:

                  UDPv4 link remote: [AF_INET]192.168.2.2:1194

                  How do you think you could connect to a rfc1918 address over the internet?

                  If you pfsense is behind a NAT and has rfc1918 on its wan, then you have to set your client to use your actual public IP and port forward the device in front of pfsense to pfsense wan the port your running openvpn on, 1194 as example.

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                  R 1 Reply Last reply Reply Quote 0
                  • R
                    RuiMiguel @johnpoz
                    last edited by

                    @johnpoz
                    Ok. Thankx for the heads up.
                    1º) For my configuration to work o should have a public ip address on my WAN. Ok

                    2º) The solution you just pointed me continue to use vpn rigth ?
                    So if yes:
                    I understand the soluton you sugest. I only have 1 doubt. How can i set my clients to use my actual public ip address. The problem is whem i export a client i see no option to do this set you pointed.
                    Forgive my stupidity, if this is so basic

                    1 Reply Last reply Reply Quote 0
                    • johnpozJ
                      johnpoz LAYER 8 Global Moderator
                      last edited by

                      Yes it is always better to have pfsense wan right on the public vs behind a NAT. But in the export util just set what your public is or what some fqdn points to your public is.

                      0_1531826149533_vpnexportname.png

                      An intelligent man is sometimes forced to be drunk to spend time with his fools
                      If you get confused: Listen to the Music Play
                      Please don't Chat/PM me for help, unless mod related
                      SG-4860 24.11 | Lab VMs 2.8, 24.11

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.