Netgate Discussion Forum

    Can't access certain clients through openVPN

      leo_1988

      Hi guys,
      At my office I have a pfSense router with an OpenVPN remote access server (SSL/TLS + user auth), which is working great.
      The VPN is mostly used for PBX connections with Android softphones.
      I recently needed to use a Yealink T23G SIP device through the VPN, and I saw that I had to use SSL/TLS only in order to export the config file with the client export utility and import it into the device.
      So I created a new VPN server through the wizard with the same settings, except for the tunnel network and the server mode, which is SSL/TLS only, and the Yealink T23G is online now.
      The problem is that when I use the new VPN I can't access the PBX server, but I can access other devices and servers on the network.
      The PBX has 2 network cards: 192.168.3.1 on another VLAN and 192.168.1.230 on my LAN.
      Any ideas?

      Info below


      Old VPN (works well)
      Tunnel net : 10.20.4.0/24
      Lan net:192.168.1.0/24

      dev tun
      persist-tun
      persist-key
      cipher AES-128-CBC
      ncp-ciphers AES-128-GCM
      auth SHA256
      tls-client
      client
      resolv-retry infinite
      remote 84.85.xx.xx 1194 udp4
      verify-x509-name "vpn-Certificate" name
      auth-user-pass
      pkcs12 link-UDP4-1194-lm.p12
      tls-auth link-UDP4-1194-lm-tls.key 1
      remote-cert-tls server
      

      new VPN (not working properly)
      Tunnel net : 10.20.5.0/24
      Lan net:192.168.1.0/24

      dev tun
      persist-tun
      persist-key
      cipher AES-128-CBC
      ncp-ciphers AES-128-GCM
      auth SHA256
      tls-client
      client
      resolv-retry infinite
      remote 84.85.xx.xx 1195 udp4
      verify-x509-name "vpn-Certificate" name
      pkcs12 link-UDP4-1195-lm.p12
      tls-auth link-UDP4-1195-lm-tls.key 1
      remote-cert-tls server
      
      

      rules
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.