SOLVED! - pfSense OpenVPN route trough WAN interface
-
Hi all,
after reading some howto's im successfully having my client to connect to my pfSense using PKI.
when connected trough OpenVPN i want my client to be able to 'internet' trough my pfSense box.
however when connected it just keep using my own gateway.i have been reading about pushing a route but not sure how to format it.
can someone help me out?
thanks!
Had to create a manual entry in the Firewall -> NAT -> Outbound to add the OpenVPN subnet
-
Please use the search function:
http://forum.pfsense.org/index.php?action=search -
Hi,
Sorry for not being very complete.
I already used a open-vpn client specific push which looked like this:
push "dhcp-option DNS 172.16.2.1";push "redirect-gateway def1"
resolving DNS goes correct, but all other traffic does not work.
-
What is in the log on the client side upon connection?
Did you make sure that the pushes actually get to the client? -
What is in the log on the client side upon connection?
Did you make sure that the pushes actually get to the client?I see the following in my console:
Wed Jun 10 15:47:05 2009 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DISABLE-NBT,route 10.0.50.1,ping 10,ping-restart 60,dhcp-option DNS 172.16.2.1, redirect-gateway def1,ifconfig 10.0.50.6 10.0.50.5' -- snip -- Wed Jun 10 15:47:10 2009 route ADD [b]<pfsense-wan-ip>[/b] MASK 255.255.255.255 172.17.3.8 Wed Jun 10 15:47:10 2009 Route addition via IPAPI succeeded Wed Jun 10 15:47:10 2009 route ADD 0.0.0.0 MASK 128.0.0.0 10.0.50.5 Wed Jun 10 15:47:10 2009 Route addition via IPAPI succeeded Wed Jun 10 15:47:10 2009 route ADD 128.0.0.0 MASK 128.0.0.0 10.0.50.5 Wed Jun 10 15:47:10 2009 Route addition via IPAPI succeeded Wed Jun 10 15:47:10 2009 route ADD 10.0.50.1 MASK 255.255.255.255 10.0.50.5 Wed Jun 10 15:47:10 2009 Route addition via IPAPI succeeded Wed Jun 10 15:47:10 2009 Initialization Sequence Completed</pfsense-wan-ip> -
Also tried with TunnelBrick on Mac OS X.
When looking in the console i see the def gw being set but i can not trace out further then the first hop (10.0.50.1) in my case…
???
Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire 0/1 10.0.50.5 UGSc 5 12 tun0 default 192.168.1.254 UGSc 12 113 en1 10.0.50.1/32 10.0.50.5 UGSc 0 0 tun0 10.0.50.5 10.0.50.6 UH 5 0 tun0 [PFSENSE-WAN-IP]/32 192.168.1.254 UGSc 1 0 en1 127 localhost UCS 0 0 lo0 localhost localhost UH 4 3888 lo0 128.0/1 10.0.50.5 UGSc 1 0 tun0
