pfSense 1 to pfSense 2 use internet from pfSense 2 via openVPN

mako

thank you, no. i dont have a floating rule set.
but maybe my nat in pfsense 1 is wrong?
i have exact current the running configuration from my screenshots.

have:

assigned OPT4 (ovpnc2)
have activated the OPT4 interface
have set on LAN4 the FW rule with the ovpn gateway
have checked the nat on pfsense2, but without a chance to get working.

what i made wrong?
can i delete all and do a freh config for this? where i can have the problems?
maybe nat? have manual outbound creation in use.
thank you!

::
what i should check for logging?

viragomann

If the computer which you try to go out is connected to LAN4 it could never go out to WAN on site1 as there is no rule allowing that. The only one firewall rule on LAN4 permits only traffic to the VPN gateway.

Maybe you're using already opened connections. Try kill the states. Diagnostics > States > Reset States

mako

@viragomann

dear! thank you, have now done that, but no better result.

if i disable the one and only firewall rule on lan 4, no internet is working on my clients.
but if i activate them, i get the wan ip from pfSense1 but i have selected the ovpn gateway in advanced settings tab.

what do you mean where i should check as next?

thank you!

many greets

viragomann

Please post Status > Gateways.
Site1.

mako

@viragomann

Thank you, o i think here i have a problem?

0_1532009931807_1b22b6a8-3508-4cbc-8ee4-8568455069e0-grafik.png

viragomann

So you vpn gateway is not online, man.
Get your vpn up first.

To avoid clients from going out WAN check the two options under "Gateway Monitoring" in System > Advanced > Miscellaneous

mako

@viragomann

dear viragomann,

thankyou , the options are:
0_1532010334288_b0a805e4-8452-428b-8e2e-6d9a48716f74-grafik.png

but what i dont know, why gateway is not up? the connection is estalished, or?
where i can have here an error? must i select an other thing on pfsense2 to get the gateway online?
configs are the same from my last screenshots, maybe can u see an error?

it seems that the openvpn tunnel is online...
0_1532010558385_2d38d768-c6ce-4143-9b5f-66b6c8513a3c-grafik.png

thank you thank you thank you thank you!

viragomann

I don't know your vpn configs.
Check the vpn log for errors.

mako

@viragomann

Oh man, ... thank you very much. have created a fresh instance (have first remove the old one).
now all is working so perfect.

THANK YOU so MUCH for you help!

Thanks!

have a nice day, many greets mako!

viragomann

Glad to here it's working now.