OpenVPN Connection to pfSense
-
Hello,
I have a local NPS server, which I have set up as an authentication server for pfSense. NPS authenticates against an Active Directory database with MFA enabled. I have set up an OpenVPN server, which uses user authentication from the NPS server. When I connect using OpenVPN locally, I enter my credentials and authorize the login from Microsoft Authenticator and everything works - I get an IP assigned.
When I try the same thing, but from outside the network - it fails. This means that it must be related to pfSense firewall rules, etc. Do you have any idea what could cause that or where I can start with the debugging?
Thanks
-
@crasht1me Is your Windows Server firewall blocking traffic not from its local subnet? Windows Defender has a nasty habit of blocking traffic from networks it doesn't see regularly. You can test this temporarily by disabling Defender for a bit to see if it accepts the traffic request.
-
Mmm, I would have expected the authentication traffic to have been between pfSense and NPS in that situation. Maybe the MFA part is forwarded?
The server side authentication logs are the first place I would check.
-
Thank you for the answers! It turned out to be an issue unrelated to pfSense, which is now resolved.