OpenVPN connection fails unless appliance has static IP WAN

abinition

This post is deleted!

abinition

I stand corrected: the WAN setting via the console or via the web gui are the same thing.

But, the provider router is an ATT Uverse Arris NVG599. It can be a DHCP server of the static sub-net, so it can assign the pfsense router one of those static IPs. When that happens, how I don't know exactly, things will work great, including openvpn.

But if the pfsense appliance get's assigned a 192.168 DHCP IP, then there seems no way to contact the OpenVPN server. But all the CARP VIP's work just great.

If the pfsense is assigned one of the static IPs, then no remote connections, including HTTP,SSH,OpenVPN seem to get thru on the other VIPs.

Maybe tell the NVG599 router about the mac address of the pfsense appliance and have it allocated one of the static IPs to that.

abinition

Solved!

For those with ATT Uverse Arris NVG599 router and a block of 5 static IP's, the key to getting OpenVPN to connect is as follows:

1. Leave WAN interface in DHCP mode. Ex: 192.168.1.199
2. Add a static route for the x.y.z.48/29 network
3. Add 5 CARP VIP's 49,50,51,52,53
4. Use OpenVPN wizard to generate WAN address service
5. Confirm RULE also written for port 1194 WAN address
6. Add NAT to translate x.y.z.53 for port 1194 to WAN address 192.168.1.99
7. Export openvpn config.
8. Edit the config and change 192.168.1.199 to x.y.z.53

Away you go...

JKnott

@abinition said in OpenVPN connection fails unless appliance has static IP WAN:

Away you go...

What about IPv6?