4. SOLVED! - pfSense OpenVPN route trough WAN interface

SOLVED! - pfSense OpenVPN route trough WAN interface

  • G

    Hi all,

    after reading some howto's im successfully having my client to connect to my pfSense using PKI.

    when connected trough OpenVPN i want my client to be able to 'internet' trough my pfSense box.
    however when connected it just keep using my own gateway.

    i have been reading about pushing a route but not sure how to format it.

    can someone help me out?

    thanks!

    Had to create a manual entry in the Firewall -> NAT -> Outbound to add the OpenVPN subnet

    0

  • Please use the search function:
    http://forum.pfsense.org/index.php?action=search

    –> http://forum.pfsense.org/index.php/topic,6056.0.html

    0
  • G

    Hi,

    Sorry for not being very complete.

    I already used a open-vpn client specific push which looked like this:

    push "dhcp-option DNS 172.16.2.1";push "redirect-gateway def1"

    resolving DNS goes correct, but all other traffic does not work.

    0

  • What is in the log on the client side upon connection?
    Did you make sure that the pushes actually get to the client?

    0
  • G

    @GruensFroeschli:

    What is in the log on the client side upon connection?
    Did you make sure that the pushes actually get to the client?

    I see the following in my console:

    
Wed Jun 10 15:47:05 2009 PUSH: Received control message: 'PUSH_REPLY,dhcp-option
 DISABLE-NBT,route 10.0.50.1,ping 10,ping-restart 60,dhcp-option DNS 172.16.2.1,
redirect-gateway def1,ifconfig 10.0.50.6 10.0.50.5'

-- snip --

Wed Jun 10 15:47:10 2009 route ADD [b]<pfsense-wan-ip>[/b] MASK 255.255.255.255 172.17.3.8
Wed Jun 10 15:47:10 2009 Route addition via IPAPI succeeded
Wed Jun 10 15:47:10 2009 route ADD 0.0.0.0 MASK 128.0.0.0 10.0.50.5
Wed Jun 10 15:47:10 2009 Route addition via IPAPI succeeded
Wed Jun 10 15:47:10 2009 route ADD 128.0.0.0 MASK 128.0.0.0 10.0.50.5
Wed Jun 10 15:47:10 2009 Route addition via IPAPI succeeded
Wed Jun 10 15:47:10 2009 route ADD 10.0.50.1 MASK 255.255.255.255 10.0.50.5
Wed Jun 10 15:47:10 2009 Route addition via IPAPI succeeded
Wed Jun 10 15:47:10 2009 Initialization Sequence Completed</pfsense-wan-ip>
    0
  • G

    Also tried with TunnelBrick on Mac OS X.

    When looking in the console i see the def gw being set but i can not trace out further then the first hop (10.0.50.1) in my case…

    ???

    
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
0/1                10.0.50.5          UGSc        5       12   tun0
default            192.168.1.254      UGSc       12      113    en1
10.0.50.1/32       10.0.50.5          UGSc        0        0   tun0
10.0.50.5          10.0.50.6          UH          5        0   tun0
[PFSENSE-WAN-IP]/32    192.168.1.254      UGSc        1        0    en1
127                localhost          UCS         0        0    lo0
localhost          localhost          UH          4     3888    lo0
128.0/1            10.0.50.5          UGSc        1        0   tun0
    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy