Netgate Discussion Forum

    OpenVPN traffic being blocked by default deny rule for some users?

      wmw509

      I have a basic OpenVPN server set up on my pfSense (v 22.01), and have made a few VPNs for different users. My VPN works just fine: it connects, passes the appropriate routes, and I can access everything I expect to.

      However, an identical VPN for another user I just created does not allow any access to subnets behind the firewall at all. The VPN connects successfully, and the OpenVPN logs all show a successful connection. If I check the routes when the user is connected everything looks fine, but still nothing is accessible.

      When checking the firewall logs I can see that any traffic for this user is blocked by Default deny rule IPv4 (1000000104) or Default deny rule IPv4 (1000000103). I am confused why this is happening; I am testing them both from my computer, and as far as I can tell everything is pretty identical.

      Edit: I should add that the pfSense this VPN is on is behind another pfSense. The outside pfSense has an alias WAN address with a port forward pointing to the inside pfSense.

        wmw509 @wmw509

        @wmw509 Bump... anyone else ever have anything like this happen? Kind of has me pulling my hair out. I have probably set up OpenVPN hundreds of times and never had this issue.

          viragomann @wmw509

          @wmw509 said in OpenVPN traffic being blocked by default deny rule for some users?:

          When checking the firewall logs I can see that any traffic for this user is blocked by Default deny rule IPv4 (1000000104) or Default deny rule IPv4 (1000000103).

          Ensure that the blocked packets are SYN and not anything else.
          Inexplicable blocks are often due to asymmetric routing.

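Added example, not part of any post in this thread: a Python triage of default-deny log entries along the lines of the reply above. It separates bare SYNs (a new connection that no pass rule matched) from any other TCP flags (packets for a flow this firewall holds no state for, which is how asymmetric routing typically shows up). The field positions assume pfSense's raw filterlog CSV layout for IPv4 TCP; the interface names, addresses and log lines are constructed.

```python
import csv
from collections import Counter

# Field positions: assumption, pfSense raw filterlog CSV layout (IPv4 + TCP).
TRACKER, IFACE, ACTION, IPVER, PROTO = 3, 4, 6, 8, 16
SRC, DST, SPORT, DPORT, TCPFLAGS = 18, 19, 20, 21, 23
DEFAULT_DENY = {"1000000103", "1000000104"}  # tracker IDs quoted in the thread

def classify(line):
    """Classify one log line; None unless it is a default-deny IPv4 TCP block."""
    payload = line.split("]: ", 1)[-1].strip()  # drop a syslog prefix if present
    f = next(csv.reader([payload]), [])
    if len(f) <= TCPFLAGS or f[ACTION] != "block" or f[IPVER] != "4":
        return None
    if f[TRACKER] not in DEFAULT_DENY or f[PROTO] != "tcp":
        return None
    flags = set(f[TCPFLAGS])
    # A bare SYN opens a connection, so no pass rule matched it. Any other
    # flag combination belongs to a flow this firewall has no state for.
    bare_syn = "S" in flags and not flags & set("AFR")
    return {
        "iface": f[IFACE],
        "flow": f"{f[SRC]}:{f[SPORT]} -> {f[DST]}:{f[DPORT]}",
        "flags": f[TCPFLAGS],
        "verdict": "syn" if bare_syn else "out-of-state",
    }

def summarize(lines):
    """Return (matching entries, count per verdict) for an iterable of lines."""
    hits = [h for h in map(classify, lines) if h]
    return hits, Counter(h["verdict"] for h in hits)

# Constructed sample lines (hypothetical hosts and interfaces, not real logs).
SAMPLE_LOG = [
    "Mar  3 10:15:02 fw filterlog[58421]: 4,,,1000000103,ovpns1,match,block,in,4,"
    "0x0,,64,0,0,DF,6,tcp,60,10.0.8.6,192.168.10.20,51514,443,0,S,1234567890,,"
    "64240,,mss;sackOK;TS;nop;wscale",
    "4,,,1000000103,igb1,match,block,in,4,0x0,,64,0,0,DF,6,tcp,60,192.168.10.20,"
    "10.0.8.10,443,51600,0,SA,987654321,1234567891,65160,,mss;sackOK;TS;nop;wscale",
    "4,,,1000000103,ovpns1,match,block,in,4,0x0,,64,0,0,none,17,udp,78,10.0.8.6,"
    "192.168.10.53,50000,53,58",
    "4,,,1000000104,igb1,match,block,out,4,0x0,,63,0,0,DF,6,tcp,92,10.0.8.10,"
    "192.168.10.20,51600,443,40,PA,1234567891,987654322,502,,nop;nop;TS",
]

if __name__ == "__main__":
    entries, counts = summarize(SAMPLE_LOG)
    for e in entries:
        print(f'{e["verdict"]:13} {e["iface"]:7} {e["flags"]:3} {e["flow"]}')
    print(dict(counts))
```

A log dominated by `syn` entries points at the rule set on the interface where the traffic arrives; a log dominated by `out-of-state` entries points at the return path.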
            marvosa @wmw509

            @wmw509 Post the rules on your OpenVPN tab. Also, did you assign your tunnels to interfaces? If so, are there rules allowing traffic on those interfaces?

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.