Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Services over VPN work on one laptop yet not an other

    Scheduled Pinned Locked Moved OpenVPN
    1 Posts 1 Posters 198 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      caleb4643
      last edited by caleb4643

      I was able to configure the pfSense OpenVPN so I am able to access services over the VPN from a given laptop. I transferred an exact copy of the client config (*.ovpn) to a different laptop and although I can connect to the VPN, I can ping the same hosts I expect services from as the working laptop, and I can see the firewall rules behave as I would expect (given I am able to block ping). The first service I expect to work is admin over HTTP/S to the firewall however the connection times out over a browser. Nmap says host is up yet finds no open ports. I have tried applying any/any to the OpenVPN and LAN tabs in the firewall rules to no avail. I was able to test SSH on and I was able to SSH in. However, I am completely stuck as to why HTTP/S is apparently getting rejected/blocked. Ultimately, I intend to get SMB over the VPN and firewall yet that is not working either. I have thus far only been able to ping and SSH from this particular laptop. All of the services I expect do work from the first laptop.

      I have read through the OpenVPN troubleshooting KB and I am leaning towards gateway misconfiguration. However, a) I do not see anything different between each laptop yet, b) I would assume, if the gateway or firewall rules on (on the firewall) were misconfigured, the services would not work from either laptop. I have attempted making the rules on all the relevant devices as open as I know how yet still HTTP/S to the firewall when connected to the VPN is always failing from this particular laptop. I have analyzed Wireshark traffic the best I know how. Clearly port 443 signals to the firewall are not getting responses. Using Wireshark

      Furthermore, I tried enabling "Data Channel Offload (DCO) for this instance" and I saw that the VPN connection was made using the "DCO" interface however I have unchecked that box and the VPN connection continues to go through the "DCO" interface.

      I am using the latest version of the Community OpenVPN GUI. Curiously, even the working laptop behaves similarly (unable to HTTP/S to firewall) if I use the OpenVPN Connect client to connect.

      The way I test is by connecting to a public (yet secure) WiFi in my area.

      For the life of me I cannot find what is different between each laptop where one works over the VPN and the other doesn't.

      Thank you for your help or incite.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.