OpenVPN Pf-Sense <-> Unifi Dream Machine Pro

tpensel

Hi there,

i would like to connect my Unifi Dream Machine Pro (UDMP) to an existing PF-Sense via OpenVPN. The VPN Server shall be on the Side of the PF-Sense. UDMP connects to home Network which is handled by a Telekom Speedport Smart 3 (i cannot change this one due to construction and Telekom entertain Service for TVs) so the WAN Port is connected to the Speedport via fixed internal IP.

Till now i tried a lot but the UDMP does not even seem to connect to the Server von PF-Sense (i see nothing in the logs the Pf-Sense)

alt text

DaddyGo

@tpensel said in OpenVPN Pf-Sense <-> Unifi Dream Machine Pro:

but the UDMP does not even seem to connect to the Server von PF-Sense

Hi,

by the time you get out of the UDMP you will need to forward the port(s) multiple times... it's not lucky situation

as I understand it, it is a dual-NAT or...., ++++ public..... / 192.... / 10......
make the port forwarding settings on Speedport + UDMP

(is the pfSense also in dual-NAT? (Vigor in bridge mode or not? - 192.168.38.1 is LAN or WAN IP?, may be LAN)

use this pls.:
https://docs.netgate.com/pfsense/en/latest/packages/openvpn-client-export.html

and take the initiative test from here 10.100.1.x OVPN client and monitor the logs after
https://openvpn.net/community-downloads/
(if this works, you can proceed to configure the UDMP OVPN client)

BTW:_
I don't understand why you are using this 10.x.y.z range (RFC1918) this is unnecessary...
(it is a home network not an office with 4000 - 8000 clients)

tpensel

@daddygo

192.168.38.1 is LAN IP
The PF-Sense is connected via a DynDNS Name

10.x.y.z is nessesary cause we are running a bunch of offices - 192.x.x.x does no longer serve us. We are changing all up to 10.X.Y.Z but till everything is up I need to connect the old firewalls with the new ones :-) Later on everything will be changes to 10.x.y.z :-)