Netgate Discussion Forum

    OpenVPN WiFi Client Internet Access

      kawakawa

      Hello everyone,

      First time post to this site and relatively new to the firmware after switching from OpenWRT.

      So I am adding another layer of security to our home WiFi traffic and in doing so, I managed to successfully get OpenVPN WiFi up and running on my network and have got local traffic flowing between two Android and iOS devices using the following tutorials:

      https://wiki.opnsense.org/manual/how-tos/two_factor.html
      https://wiki.opnsense.org/manual/how-tos/sslvpn_s2s.html
      https://wiki.opnsense.org/manual/how-tos/freeradius.html

      My problem is that although I can see the connections popping up on the OpenVPN server, neither of my test devices can actually get out to the internet. My gut tells me that it might have something to do with my firewall/NAT/DNS settings but I am not sure due to my lack of experience with pfSense.

      Below are some images showing firewall/NAT/tunnel settings if this helps:

      Firewall Rules:
      0_1541598145900_VL20_FW.PNG

      0_1541598205300_OpenVPN_FW.PNG

      NAT:

      0_1541598236200_nat.PNG

      OpenVPN Server:

      0_1541598270700_OpenVPN_ServerTunnel.PNG

      0_1541598287100_OpenVPN_ServerTunnel_1.PNG

      0_1541598309000_OpenVPN_Server.PNG

      0_1541598325600_OpenVPN_Status.PNG

      Below is a brief summary of my network running on a dedicated VM with three physical interfaces.

      vtnet0 - WAN DHCP client from ISP
      vtnet1 - Unassigned for VLAN usage
      vtnet2 - LAN - 10.1.10.1/24

      The two VLANs I have placed on vtnet1 are as follows:

      VL10_ADM 10.10.10.1/24 - Admin
      VL20_IOT 10.10.20.1/24 - IOT/WiFi/OpenVPN
      VL30_CLR 10.10.30.1/24 - Clearnet

      The OpenVPN server I have configured resides on 10.10.25.1. We DO NOT actually require remote access from outside our home network and use static mapping for all of our network devices. I am aware that some devices such as smart TVs etc. do not support OpenVPN connections but I can compensate for this with the use of ethernet cabling.

      Could someone from the community please chime in and give me a hand to work out what is wrong?

      Many thanks in advance.
      Kawa

        viragomann

        You're missing the outbound NAT rule for the OpenVPN tunnel network.
        Just copy one of the WAN rules and change the source to 10.34.25.0/24.

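A way to check for the gap described in the reply above, as an added example that is not part of the original thread and is not pfSense code: it lists internal networks that no enabled outbound NAT rule on WAN covers. The XML fragment is constructed, its `<nat><outbound><rule>` layout is an assumption modelled on a pfSense config.xml export, and the network list is derived from the addresses quoted in the thread.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample, not taken from the thread. The element layout is an
# assumption modelled on a pfSense config.xml export.
SAMPLE_CONFIG = """
<pfsense><nat><outbound>
  <mode>advanced</mode>
  <rule><interface>wan</interface><source><network>10.1.10.0/24</network></source></rule>
  <rule><interface>wan</interface><source><network>10.10.0.0/16</network></source></rule>
  <rule><interface>wan</interface><disabled/><source><network>10.34.25.0/24</network></source></rule>
</outbound></nat></pfsense>
"""

# LAN and VLAN subnets from the first post, tunnel network from the reply.
INTERNAL = ["10.1.10.0/24", "10.10.10.0/24", "10.10.20.0/24",
            "10.10.30.0/24", "10.34.25.0/24"]


def nat_sources(config_xml, interface="wan"):
    """Source networks of enabled outbound NAT rules on one interface."""
    root = ET.fromstring(config_xml.strip())
    nets = []
    for rule in root.findall("./nat/outbound/rule"):
        if rule.find("disabled") is not None:
            continue  # a disabled rule translates nothing
        if rule.findtext("interface") != interface:
            continue
        src = (rule.findtext("source/network") or "").strip()
        if src == "any":
            src = "0.0.0.0/0"
        try:
            nets.append(ipaddress.ip_network(src, strict=False))
        except ValueError:
            pass  # alias name or empty source: cannot be evaluated here
    return nets


def uncovered(config_xml, internal_networks, interface="wan"):
    """Internal networks that no enabled rule on `interface` would NAT."""
    covered = nat_sources(config_xml, interface)
    return [cidr for cidr in internal_networks
            if not any(ipaddress.ip_network(cidr).subnet_of(c) for c in covered)]


if __name__ == "__main__":
    for cidr in uncovered(SAMPLE_CONFIG, INTERNAL):
        print("no outbound NAT on wan for", cidr)
```

With the constructed sample, only the tunnel network is reported, because its rule exists but is disabled; clients on it connect to the server but their traffic leaves WAN untranslated.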
            kawakawa @viragomann

            @viragomann

            Hey thanks. It's working now, thank you so much for your help! Been trying to resolve this for ages!!

            Kawa
