OpenVPN Firewall Rules problem

mathais

Hi,
I have configured OpenVPN with NordVPN on my pfsense 23.05.1
I added one Rule to NAT and another to Rules :

Now, all my LAN traffics pass through the VPN.
But I have a problem with my IPTV Smarters application. When I use then VPN, the apps doens't works.
I need to allow port 80 and 8080. I tried to add theses 2 rules on LAN, NORDVPN and OpenVPN, but nothing works...
I alos tried to open and allow ALL ports, but it doesn't works...
How can I open theses ports through my VPN ?
Thank you very much.

viragomann

@mathais
Edit both rules and add your IPTV subnet as destination.
Then move both up above the NORDVPN policy routing rule.

mathais

@viragomann said in OpenVPN Firewall Rules problem:

@mathais
Edit both rules and add your IPTV subnet as destination.
Then move both up above the NORDVPN policy routing rule.

thx, you're talking about the 8080 an 80 ports rules?

viragomann

@mathais
Yes.

mathais

@viragomann said in OpenVPN Firewall Rules problem:

@mathais
Yes.

I tried it but it doesn't works.
I don't understand...
Without VPN, I use this rule and my IPTV works well :

But if I switch the gateway to NORDVPN_Gateway, my IPTV stop working... This is the same on my computer.

viragomann

@mathais
From where do you need to access to where here?
I assumed, that you access from LAN to the LAN_IPTV network.

mathais

@viragomann said in OpenVPN Firewall Rules problem:

@mathais
From where do you need to access to where here?
I assumed, that you access from LAN to the LAN_IPTV network.

Ok, don't look about LAN2_IPTV on my pfsense. This interface is dedicated to my Formuler Z11 IPTV (192.168.3.0/24) and it works well with VPN through pfsense. I connect to an IPTV server on the WEB.

My problem is when I want to connect to the same IPTV server with "IPTV Smarters pro" application on my computer.
My computer is on the LAN network (192.168.2.0/24)
Without the VPN, I can connect to the server from my computer to the IPTV server.
But when I configure the VPN on pfsense with OpenVPN, the connexion from my computer to the IPTV server doesn't works.

IPTV Smarters pro works when I use the NordVPN client directly on my computer.

That's weird...

I can't explain why.

viragomann

@mathais
So the destination server is in the web. Then I guess, it blocks VPN providers like some others too.

So you have to send request to it to the WAN gateway instead of the VPN.

To do so add a rule to the top of the LAN rule set and put the server into the destination, not dest ports. In the advanced options state the WAN gateway.

If you only have one or multiple hostnames, create an host alias and add all host names to it. Then use this alias as destination.

mathais

@viragomann said in OpenVPN Firewall Rules problem:

o do so add a rule to the top of the LAN rule set and put the server into the destination, not dest ports. In the advanced options state the WAN gateway.

Yes, the destination server is in the web. But this web server doesn't block VPN connection because :

1. With my Formuler Z11, I can access to the web server IPTV (MyTVOnline 3) through the VPN installed in pfsense.
2. With my computer, I can access to the web server IPTV through NordVPN client directly installed on my computer.

The problem is when I want to connect to the web server from my computer through the VPN installed on pfsense. Maybe the problem is IPTV Smarter Pro application ?