OpenVPN assigning interface not working

netgatech

Hello,

I am running OpenVPN on pfsense since years and now, for some need, I would like to assign an interface for it.

I've followed the documentation here : https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/assign.html

But I have a problem... I have now the two following tabs in "Interfaces" :

• OVPNInterface (the new OPT assigned interface)
• OpenVPN (which is the default one)

I have removed all rules in OpenVPN and put them on OVPNInterface. When I do that, I try to connect with my client device on pfsense and I have not any access anywhere... When I try to put a rule again on OpenVPN interface to allow traffic, it works.

My conclusion is that the new interface is totally ignored by Openvpn despite the service restart and firewall reboot I've done.

Anyone has an idea please ?

Thank you.

viragomann

@netgatech
Is the dedicated interface shown up in Status > Interface?
And if it is can you post a screenshot, please?

netgatech

@viragomann Hello, thanks for your answer. For no reason, yesterday it started to work... I can't explain what I've missed but I have rebooted the FW one more time and tested again.

For now, I have to solve the other issue I have; I can access LAN resources but not on internet. I saw I've to create NAT outbound rules but it's not so clear and what I tried is not working yet. I should miss something here...

Thank you!

Gertjan

@netgatech said in OpenVPN assigning interface not working:

can access LAN resources but not on internet. I saw I've to create NAT outbound rules but it's not so clear

Make it clear :

where 192.168.1.0/24 is my LAN
192.168.2.0/24 is my second LAN
192.168.100.0/24 is my third LAN
192.168.3.0/24 is my OpenVPN server interface instance.

I've created nothing.

When I connect with my OpenVPN client to my pfSense OpenVPN server, I can visit LAN(s) and I'm using the Internet of pfSense (so I get into pfSense over the VPN, and that back out again to visit whatever).

netgatech

@Gertjan Hello, I've succeeded to make it works by creating a rule on OpenVPN (default tab) saying that all traffic that don't go to local subnet go to the default pfsense gateway and not the GW on new open vpn interface created.

Gertjan

@netgatech

My default OpenVPN page is completely empty :

The OpenVPN server is bound to the VPNS interface :

Rules : just one pass rule :

netgatech

@Gertjan Ok thanks but can you go on internet from clients using the vpn ?

Gertjan

@netgatech said in OpenVPN assigning interface not working:

thanks but can you go on internet from clients using the vpn ?

I'm answering this post with my phone. The phone uses OpenVPN connect, and is a OpenVPN client.
I'm connected to the pfSense VPN server shown above.
So, yes