Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Windows openvpn client behind a PfSense firewall can t connect to a remote ovpn

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 3 Posters 3.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jmarcosm
      last edited by

      Hi, my ovpn client of my notebook (winxp) on a lan of a PfSense firewall can t connect to a remote openvpn server.
      My question is what im doing wrong with the configuration of the pfsense firewall.  I already done the following wan firewall rule:

      Action:pass
      interface:wan
      protocol:udp
      Source:any
      dest:any
      dest range port: from OPenVPN to OpenVPN

      There is another rule i have to ?

      Thanks in advance for any help or advice!

      1 Reply Last reply Reply Quote 0
      • K
        kpa
        last edited by

        That rule is wrong and probably not needed, the outgoing connection to the remote openvpn server comes from LAN, not WAN. You don't need any rules for outgoing connection unless your LAN rules are restrictive, are they?

        1 Reply Last reply Reply Quote 0
        • J
          jmarcosm
          last edited by

          Hi kpa,
          Thankyou for your answer.

          I have "Automatic outbound NAT rule generation (IPsec passthrough)" activated. I m using 1.2.3-RC1.

          1 Reply Last reply Reply Quote 0
          • K
            kpa
            last edited by

            Automatic/manual outbound NAT does not matter with OpenVPN since it does not require a static source port like IPSEC does. Can you post a screenshot of the firewall rules on LAN interface?

            1 Reply Last reply Reply Quote 0
            • Cry HavokC
              Cry Havok
              last edited by

              You need to create the rule on the LAN interface - all pfSense rules apply to the interface the traffic arrives on, not the interface it leaves on.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.