VPN subnet can't communicate LAN via HTTP



  • Hi all,

    I've tried to figure out the issue I am currently having but couldn't so I'd like to get some help from you if that's okay.

    I have configured OpenVPN on pfSense (it's running as a VM on a hypervisor, version 2.4.4 p3). So, after VPN access I can communicate with other VMs on the LAN. However, there is a bit of strange situation. I have set up a web server VM in the LAN and when I tried to access via web browser, it doesn't work. Routing is fine since I can ping the server. At the moment, no fancy firewall rules are implemented. For OpenVPN, it allows any IPv4 from any to any.

    It looks like the request hits the web server as shown below:

    ovpns1 	tcp 	172.20.3.12:36058 -> 172.28.1.21:80 	CLOSED:SYN_SENT 	3 / 0 	180 B / 0 B
    

    But nothing returns unfortunately. I have captured packet from the web server VM and it shows the server sent back SYN,ACK packet multiple times but packets didn't seem to return.

    Hardware checksum offloading is disabled. I'd like to know where I should start to figure out. If you require further information, I am willing to provide. Thanks very much.

    Eoin


  • LAYER 8 Rebel Alliance

    Asymetric routing maybe?
    Is your webserver using the pfSense as gatway?

    -Rico



  • @Rico Since ping is working between pfSense and the VM, I believe routing is fine. But if you could let me know the way to check, I will do that and post the result here. Thanks.


Log in to reply