pfSense not routing connection's traffic to OpenVPN

PintsizedSix40 · May 22, 2019, 6:02 AM

I'm kinda a noob with pfSense. I have an OpenVPN Server on a Ubuntu VPS and I'm trying to proxy (ik its the wrong term but idk the right one for vpn) a single IP. My configuration for the VPN seems to be correct (I can see connections from my IP in the status). For the other configs, I have setup (and enabled) the VPN interface (VPN1) and it currently has no firewall rules. The only rules I've set are my nat rules (the IP I want to proxy is 192.168.1.100). Heres an image of the config I've set to route traffic. When I go onto the machine that should be proxied, it isn't. Looking up my ip gives the same result. If anyone could point out what I'm doing wrong, it would be great!

EDIT: I also tried setting a lan rule for the machine (source 192.168.1.100) and setting the gateway in advanced. Same result.

viragomann · May 22, 2019, 9:49 AM

Is pfSense the default gateway on the machine with 192.168.1.100?
Does not seem so. If it was, there should be an additional outbound NAT rule for the WAN gateway.

PintsizedSix40 · May 22, 2019, 2:19 PM

Yes, pfSense is the default gateway. I can access pfSense's control panel (192.168.1.1) and ipconfig (this is a windows machine) says the default gateway is 192.168.1.1.

viragomann · May 22, 2019, 3:20 PM

So that
@PintsizedSix40 said in pfSense not routing connection's traffic to OpenVPN:

EDIT: I also tried setting a lan rule for the machine (source 192.168.1.100) and setting the gateway in advanced. Same result.

should do the trick.
Ensure that that rule is on the top of the LAN rule set, so it matches at first.

Otherwise post the whole LAN rule set, please.

PintsizedSix40 · May 22, 2019, 4:32 PM

It is at the top and all the other rules are the default ones (expect the anti-lockout). NAT is set to only use custom rules.
EDIT: WAN, LAN, my VPN Interface (VPN1) and OpenVPN have no rules, NAT.

PintsizedSix40 · May 22, 2019, 10:47 PM

My VPN settings are:
P1 P2 P3 P4 P5

PintsizedSix40 · May 23, 2019, 1:14 AM

When I disable the LAN to WAN, I lost all internet connection (I also changed the source of my VPN LAN rule so that it accepts any source from 192.168.1.0/24 instead of 192.168.1.100/32). When I check the status of the OpenVPN server though, it's getting connections from my IP. I'm not quite sure what the problem is from.

viragomann · May 23, 2019, 7:19 PM

You wrote in your first post above, you've set up an OpenVPN server on Ubuntu VPS, but your screen-shots show the a server set up on pfSense.
An OpenVPN server cannot connect to another one. I can't believe, that the connection is shown as up.

If you're running the server on Ubuntu you have to set up a client on pfSense to connect to it.

PintsizedSix40 · May 24, 2019, 1:32 AM

@viragomann I did setup a client. My screenshots show it on the client tab.

EDIT: I checked the box to not allow the VPN to set it's own routing and now I'm getting no network on the machine (ping 8.8.8.8 doesn't work either). It seems to be routing it, but I'm not sure why it has no connection.

PintsizedSix40 · May 24, 2019, 7:44 PM

Checking OpenVPN staus, I get Bad compression stub (swap) decompression header byte: 42. My settings are right.