Netgate Discussion Forum

    OpenVPN Rules and Routing Problem

    • P
      powerextreme
      last edited by

      Hello,

      I have an OpenVPN server set up and running for remote access. I am able to connect to the pfSense but I am noticing some strange behavior.

      In the OpenVPN tab of my firewall rules I have this rule:
      Screen Shot 2020-08-30 at 11.14.54 AM.png

      This rule allows me to connect to my internal IP addresses. However it doesn't allow me to surf the Internet through the VPN. I came to the conclusion I need to specify the gateway.

      So I went into advanced settings and selected my gateway. The rule now looks like this:
      Screen Shot 2020-08-30 at 12.15.06 PM.png

      However, now I am not able to access any of the internal IP addresses. When I remove the gateway again, it allows me to then reach them.

      Any ideas?

      • V
        viragomann
        last edited by

        You don't have to specify a gateway for internet access. That's given by the default route anyway.

        Possibly you are missing an outbound NAT rule for VPN traffic going out to WAN?

        • P
          powerextreme
          last edited by

          I do have an outbound NAT rule for VPN traffic to go through the WAN.

          Screen Shot 2020-08-30 at 6.45.26 PM.png

          I don't know why, if I specify the gateway, the access to local IPs goes away.

          • V
            viragomann @powerextreme
            last edited by

            There is no need to hide private IPs.

            @powerextreme said in OpenVPN Rules and Routing Problem:

            I don't know why, if I specify the gateway, the access to local IPs goes away.

            Because that rule allows only traffic to the specified gateway. You will need an additional rule on the top of the rule set to allow access to internal subnets.

            What do you get on the client when you try to access an internet resource?

            Check if you can access the web by using an IP instead of a host name to rule out a DNS issue.

            1 Reply Last reply Reply Quote 0
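
The rule ordering discussed in the last reply, as an added example that is not part of the thread: a small first-match model of the OpenVPN rule tab showing why a pass rule with a gateway set sends internal destinations to that gateway, and how a gateway-less rule placed above it restores access. The subnet, the gateway name `WAN_GW` and the helper names are constructed for illustration; the thread's real values exist only in its screenshots.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample network; not taken from the thread.
LAN_NET = ipaddress.ip_network("192.168.1.0/24")
ANY = ipaddress.ip_network("0.0.0.0/0")


@dataclass
class Rule:
    """One pass rule on the OpenVPN tab (hypothetical model, not pfSense code)."""
    dst: ipaddress.IPv4Network
    gateway: Optional[str] = None  # None = follow the normal routing table


def routing_table(addr) -> str:
    """Normal routing decision when no gateway is forced by a rule."""
    return "LAN" if addr in LAN_NET else "default route"


def next_hop(rules: List[Rule], dst_ip: str) -> str:
    """Evaluate rules top-down; the first match decides where the packet goes."""
    addr = ipaddress.ip_address(dst_ip)
    for rule in rules:
        if addr in rule.dst:
            # A gateway on the rule is policy routing: the routing table is
            # bypassed and the packet is handed to that gateway.
            return rule.gateway if rule.gateway else routing_table(addr)
    return "blocked"  # nothing matched: implicit default deny


# The three rule sets from the thread, in order of appearance.
ORIGINAL = [Rule(ANY)]                      # internal hosts reachable
WITH_GATEWAY = [Rule(ANY, "WAN_GW")]        # everything forced out WAN_GW
FIXED = [Rule(LAN_NET), Rule(ANY, "WAN_GW")]  # internal rule on top

if __name__ == "__main__":
    for name, rules in [("original", ORIGINAL),
                        ("with gateway", WITH_GATEWAY),
                        ("fixed", FIXED)]:
        print(f"{name:13} 192.168.1.10 -> {next_hop(rules, '192.168.1.10')}, "
              f"1.1.1.1 -> {next_hop(rules, '1.1.1.1')}")
```
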