openVPN connects but no traffic.

zMaliz

Hi.

I've followed this guide:
https://turbofuture.com/computers/How-to-Setup-a-Remote-Access-VPN-Using-pfSense-and-OpenVPN

and openVPN is connecting from my Android phone via 4G

From the phone I can ping an internal device, from that device I can ping the android device, however I can't web browse to it. I've confirmed the local device is working and responding correctly locally.

From the android phone I can't connect to the pfsense box which is on the same subnet as the other device.

In Rules / OpenVPN I have a single entry:
Protocol: IPv4
Source: *
Port: *
Destination: *
Port: *
Gateway: *
Queue: None

I can't see anything in my LAN rules that would block this.

Can anyone advise what I have setup wrong.

Thanks :)

zMaliz

@zmaliz
Further details on the networking.

VPN / OpenVPN / Servers
IPv4 Tunnel 10.0.8.0/24
IPv4 Local Network: 192.168.0.0/24

pfSense is 192.168.0.1
Linux server: 192.168.0.20 <- this is the device I'm trying to browse to.

Thanks

zMaliz

@zmaliz
I've just run a Packet catpure with the interface set as the openVPN server and it does look like traffic is routing.

So why does it fail when I browse to it ?

Thanks

17:26:53.692007 IP 10.0.8.2.45078 > 192.168.0.20.443: tcp 0
17:26:53.692288 IP 192.168.0.20.443 > 10.0.8.2.45078: tcp 0
17:26:53.700531 IP 10.0.8.2.45080 > 192.168.0.20.443: tcp 0
17:26:53.700769 IP 192.168.0.20.443 > 10.0.8.2.45080: tcp 0
17:26:53.740240 IP 10.0.8.2.45078 > 192.168.0.20.443: tcp 0
17:26:53.748038 IP 10.0.8.2.45078 > 192.168.0.20.443: tcp 517
17:26:53.748073 IP 10.0.8.2.45080 > 192.168.0.20.443: tcp 0
17:26:53.748238 IP 192.168.0.20.443 > 10.0.8.2.45078: tcp 0
17:26:53.749216 IP 192.168.0.20.443 > 10.0.8.2.45078: tcp 1332
17:26:53.761780 IP 10.0.8.2.45080 > 192.168.0.20.443: tcp 517
17:26:53.761965 IP 192.168.0.20.443 > 10.0.8.2.45080: tcp 0
17:26:53.762862 IP 192.168.0.20.443 > 10.0.8.2.45080: tcp 1332
17:26:54.063347 IP 192.168.0.20.443 > 10.0.8.2.45078: tcp 1332
17:26:54.095597 IP 192.168.0.20.443 > 10.0.8.2.45080: tcp 1332

zMaliz

@zmaliz It appears that I was wrong about the windows PC.
I've just tried this on a laptop connecting via 4G and openVPN connects, but browsing to the server fails.

At one point I had ping & SSH access, but no browsing on port 80 or 443. I've checked the logs and nothing appears to be blocking.

I do have an openVPN client connecting to PIA and that meant I had to add some Hybrid Outbound NAT rules.

eg:
Interface: WAN
Address Family: IPv4 + IPV6
Protocol: Any
Source: Network 192.168.0.0/24
Destination: Any
Translation: Interface Address

Interface: PIA
Address Family: IPv4 + IPV6
Protocol: Any
Source: Network 10.10.0.0/24
Destination: Any
Translation: Interface Address

Would these have any affect on the openVPN server and remote clients ?
For now I've deleted the server, does anyone have a guide I can follow.

Thanks

zMaliz

@zmaliz anyone have any ideas on this ?
Thanks