Can ping internal network but access via TCP (ssh or http or smb) does not work



  • I have a remote connection to a pfSense machine running OpenVPN in remote access mode. The remote client is a Mac OS X laptop running Viscosity. The connection is made, and from there I can ping the LAN side of the pfSense firewall (e.g. 10.10.10.1) as well as internal hosts, e.g. 10.10.10.10 and 10.10.10.111.

    However, I cannot, say, connect to the WebGUI of pfSense using http/https. Neither can I ssh to a host on the LAN side.

    OpenVPN is set up in remote access (SSL/TLS) mode. The LAN side firewall rule allows any to any. As does the OpenVPN interface. It allows any to any. Any ideas what is going on?



  • Hi,

    LAN rules aren't important, as initial traffic goes out the LAN, not coming in.

    "VPN" rules (or, if absent, the "OpenVPN" tab rules) are important:

    [image]

    Do you see the state counters going up?

    And, as you didn't mention it: some other little details, like the local LAN from where you run your Mac with Viscosity must be different from the remote LAN on pfSense with OpenVPN.
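
The subnet condition from the last reply can be checked on the client by looking for routes outside the tunnel that overlap the remote LAN. This is an added example, not part of the original thread; the /24 mask on 10.10.10.x, the 10.8.0.x tunnel addresses, the `netstat -rn` column layout and the function names are assumptions, and both routing tables are constructed samples.

```python
import ipaddress

def parse_destination(dest):
    """Expand a netstat destination such as '10.10.10/24' or '192.168.1'."""
    addr, _, prefix = dest.partition("/")
    octets = addr.split(".")
    if len(octets) > 4 or not all(o.isdigit() for o in octets):
        return None  # header, 'default', IPv6 or other non-IPv4 entry
    if not prefix:
        # Assumption: an abbreviated net without a mask covers the octets shown.
        prefix = str(8 * len(octets))
    padded = ".".join(octets + ["0"] * (4 - len(octets)))
    try:
        return ipaddress.ip_network(f"{padded}/{prefix}", strict=False)
    except ValueError:
        return None

def local_conflicts(netstat_text, remote_lan, tunnel_prefixes=("utun", "tun", "tap")):
    """Return (network, interface) routes outside the tunnel that overlap remote_lan."""
    remote = ipaddress.ip_network(remote_lan)
    conflicts = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        net, netif = parse_destination(fields[0]), fields[3]
        if net is None or netif.startswith(tunnel_prefixes):
            continue  # routes through the VPN tunnel are expected to match
        if net.overlaps(remote):
            conflicts.append((str(net), netif))
    return conflicts

# Constructed sample: client sits on 10.10.10.0/24, same as the assumed remote LAN.
CLASHING = """\
Destination Gateway Flags Netif
default 10.10.10.1 UGSc en0
10.8.0.1/32 10.8.0.5 UGSc utun1
10.10.10/24 10.8.0.5 UGSc utun1
10.10.10/24 link#4 UCS en0
127 127.0.0.1 UCS lo0
"""
# Constructed sample: client sits on 192.168.1.0/24, so nothing clashes.
CLEAN = """\
Destination Gateway Flags Netif
default 192.168.1.1 UGSc en0
10.10.10/24 10.8.0.5 UGSc utun1
192.168.1 link#4 UCS en0
"""

if __name__ == "__main__":
    for name, table in (("clashing", CLASHING), ("clean", CLEAN)):
        print(name, local_conflicts(table, "10.10.10.0/24"))
```

A non-empty result means the client has its own directly connected route for addresses in the remote LAN, which is the situation the reply says to avoid.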