Can't Connect to Webservers Behind VPN

picnicsecurity

Hello All,

I am having a rather unique issue that I can not seem to figure out. I posted about this issue a while ago in another section but it was not as high of a priority then so I set it aside for a later date. In a nutshell, I can not connect to the webservers behind the vpn in a browser. Below are all the details and troubleshooting steps I have done so far. If anyone has any idea as to a solution I would be forever grateful.

Problem:
I have pfsense NAT-ing all my traffic from a VLAN through a VPN. I can not type in the IPs of webservers on the remote lab network and have their webpage display in a browser. I can get the page with wget or curl. If I add headers to the wget request though, it will produce the exact same issue as confirmed by wireshark.

Note:
When I refer to "remote webservers" I am referring to the hosts behind the VPN in the external 10.11.0.0/16 network. My internal network is on the 10.0.33.0/24 network. The attached captures came from pfsense under Diagnostics -> Packet Capture and I have confirmed that the captures are the same regardless of where it is captured from.

Goal:
To be able to view the remote webservers through a browser.

Troubleshooting:
I verified that I can ping the remote webservers. I can also scan the hosts with nmap and get full detailed information.
The issue has been confirmed on Windows 10 (x64), Kali Linux (x64), and Kali Linux (x86)
The issue has been confirmed on Chrome, Internet Explorer, and Firefox.
On all OS-es I can use wget/curl to download the index.html file without issue. ( See packetcapture_good.cap )
When using any browser the request will time out after a certain amount of requests. ( See packetcapture_bad.cap )
Verified under Status -> OpenVPN that I am connected and getting Bytes Sent and Received
Verified that OpenVPN, OVPN, and UNTRUSTED33 (local vlan) have a permit all rule under Firewall -> Rules -> $(Interface)
Verified that I am using Manual Outbound NAT and that all trafic from the 33 VLAN is being sent to 10.11.0.0/16. ( See Below Photo )

The following command allows me to download the index.html file:

wget 10.11.1.13

The following command replicates the issue with the browser:

wget 10.11.1.13 --header="User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0" --header="Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8" --header="Accept-Language: en-US,en;q=0.5" --header="Accept-Encoding: gzip, deflate" --header="Connection: keep-alive" --header="Upgrade-Insecure-Requests: 1" -v

The following command removes the above issue:

wget 10.11.1.13 --header="User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0" --header="Accept: text/html,application/xhtml+xml" -v

When connecting any one of my local hosts to the VPN directly, I can view the remote webservers without issue

Temporary Solution:
I used a Firefox extension called Simply Modify Headers that allows me to remove the parts of and or the whole headers that seem to be causing the issue. However, this is not exactly stable and is only a bandaid fix.

I do not know of any other information that I could provide but I will gladly do my best to provide whatever is asked.

Thanks Everyone!