Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Beginner: VPN works, but gateway issue (can't route to internet)

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 2 Posters 439 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sremick
      last edited by

      Despite being on pfSense for years, I've never gotten OpenVPN to work until today. Still a beginner, but finally getting some success!

      I can see all my internal network (10.1.1.xxx) from my VPN client (10.1.2.xxx) but I can't see the internet. From checking ipconfig (Windows), I see there's no default gateway. I do want all traffic routed through my home internet connection when connecting remotely to pfSense.

      I do have the option checked in pfSense for "Force all client-generated IPv4 traffic through the tunnel." I'd think that'd cover this but I guess not. I also tried adding "redirect-gateway def1
      " to the client config but that didn't help.

      I found this post but it didn't make a lot of sense to me so I need it dumbed down a bit (it sounds like it'd apply to me). The OP intrinsically understood things more than me:
      https://forum.netgate.com/topic/129490/openvpn-no-gateway-assigned-to-client

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @sremick
        last edited by

        @sremick said in Beginner: VPN works, but gateway issue (can't route to internet):

        "Force all client-generated IPv4 traffic through the tunnel."

        This option will be needed.
        But on the client side there is no need to make changes, since you push the necessary settings to the client.

        However, you will need to add an outbound NAT rule for the tunnel network (clients) to WAN, if it was not set by the wizard.

        S 1 Reply Last reply Reply Quote 0
        • S
          sremick @viragomann
          last edited by

          @viragomann said in Beginner: VPN works, but gateway issue (can't route to internet):

          However, you will need to add an outbound NAT rule for the tunnel network (clients) to WAN, if it was not set by the wizard.

          I'll need some guidance on this one. Sorry.

          Under Firewall / Rules / WAN I see one rule made by the VPN setup, IPv4 UDP from : to "WAN Address" port 1153 gateway *.
          Under Firewall / Rules / OpenVPN there's 1 rule also made by the VPN wizard, which is just from * to * (everything).

          V 1 Reply Last reply Reply Quote 0
          • V
            viragomann @sremick
            last edited by

            @sremick
            Firewall > NAT > Outbound

            You should have a rule here on WAN for the tunnel subnet. If not you have to add it manually.

            S 1 Reply Last reply Reply Quote 0
            • S
              sremick @viragomann
              last edited by

              @viragomann Thanks, that's the nudge I needed. I was able to figure the rest out and I'm good to go!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.