OpenVPN clients problems
-
Hi, i've a new pfsese installation.
wan--->external Fortigate--->internet
lan---->internal subnets
Openvpn server on pfsenseAll openvpn clients, are negotiating correctily with server, but cannot navigate to internals subnets.
Where can I see why? Firewall logs aren't helping me.
What could be the problem?Thank you
-
@uzzi78 said in OpenVPN clients problems:
Firewall logs aren't helping me.
Maybe they could, if you let them do so.
During test phase, check this option :
Now default (hidden) block rules will also log.
Test again with a VPN client. Can you see traffic (being blocked) now in the firewall log ?@uzzi78 said in OpenVPN clients problems:
but cannot navigate to internals subnets
No access to LANs - but can you access for example the pfSense admin interface ?
The internet ?Do you use this "OpenVPN" interface :
Or have you assigned to the OpenVPN server interface an interface (mine is called OPENVPN here ) :
On the interface used by the OpenVPN server, as it is an 'incoming' interface' there must be pass rules. I've entered a pass for IPv4 and IPv65, as i'm using both.
Also : check your clients, for what OpenVPN version they are using.
pfSense 2.5.2 is based on the "2.5.2" OpenVPN version. There are some minor changes, when compared to the older 2.4.x OpenVPN that was used before. -
Hi @gertjan , thank you
I'm tryng to ping 172.16.6.111 from OpenVPN clients
I have disabled Log firewall default bloks
-
@uzzi78 prob have compression setup wrong, not matching. Do you have comp-lzo set different on server vs client.. Compression really shouldn't be used currently.
https://community.openvpn.net/openvpn/wiki/VORACLE
-
Thank you, now works fine.
Can I notify when Openvpn clients are connected to server? -
@uzzi78 how you mean notify - you can see right on the dashboard if clients are connected, etc.
Just add the openvpn widget
Are you looking for like an email? here is thread
https://forum.netgate.com/topic/151351/email-notification-openvpn-client-connect-common-name/26
-
Thank you
works fine