Netgate Discussion Forum

    I'm just missing a bit, can you help?

      alanbaker

      Due to UniFi's awful implementation of OpenVPN, by way of not allowing persistent custom options, I've come back to my trusty pfSense.

      I have internet to the UniFi router with UDP port 1194 forwarded to pfSense in the LAN.

      pfSense is on a standalone PC with just a LAN cable connected.
      In pfSense, WAN is simply disabled.
      I have configured OpenVPN to listen on the LAN connection, UDP port 1194.

      I've tried a PCAP on pfSense and see the incoming packet.

      19:28:52.221140 IP connecting.public.ip.address.21067 > 10.0.0.4.1194: UDP, length 54

      and in sockets

      root openvpn 44809 6 udp4 10.0.0.4:1194 *:*

      So pfSense seems to be receiving the request and listening for it, but not reacting to it.
      OpenVPN logs show no reaction to the connection attempt either.
      What am I missing?

      Happy to submit further information to assist.

      Thanks in advance!

        viragomann @alanbaker

        @alanbaker
        Is UDP port 1194 allowed from anywhere in the LAN rules?
        Possibly the source is limited to the LAN subnet.

        @alanbaker said in I'm just missing a bit, can you help?:

        19:28:52.221140 IP connecting.public.ip.address.21067 > 10.0.0.4.1194: UDP, length 54

        If the OpenVPN server is listening on this IP and port and the firewall allows the access, I expect to see something in the OpenVPN log. Otherwise there must be something wrong with the server.

          alanbaker

          Thanks, but I'm afraid to say I've had a conversation with ChatGPT about it and it didn't take long to find the solution. Firstly, as you suggested, I bound to any interface, then created a dedicated firewall rule in the LAN interface.

          Then got
          Connection Attempt write UDPv4: No route to host (fd=6,code=65)
          in OpenVPN logs

          For that, ChatGPT again advised creating a default gateway route back to the UDM in System/Routing.

          Hope this helps someone else in the future.

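
Added example, not part of the thread and not pfSense code: a simplified Python model of the two checks the thread ends up fixing, the LAN rule's source match and the route for the reply. The /24 mask, the UDM address 10.0.0.1, the client address 203.0.113.50 and all function names are assumptions made for illustration.

```python
import ipaddress

# Constructed model of the setup in the thread: pfSense at 10.0.0.4, WAN disabled.
DEFAULT_RULES = [{"src": "10.0.0.0/24", "proto": "any", "dport": "any"}]  # source limited to LAN subnet
DEDICATED_RULE = {"src": "any", "proto": "udp", "dport": 1194}           # dedicated OpenVPN rule
CONNECTED_ONLY = [("10.0.0.0/24", "link")]                               # no default gateway
DEFAULT_ROUTE = ("0.0.0.0/0", "10.0.0.1")                                # assumed UDM address

def rule_passes(rules, src, proto, dport):
    """Pass rules only, first match wins; no match is the implicit default deny."""
    src = ipaddress.ip_address(src)
    for r in rules:
        src_ok = r["src"] == "any" or src in ipaddress.ip_network(r["src"])
        if src_ok and r["proto"] in ("any", proto) and r["dport"] in ("any", dport):
            return True
    return False

def next_hop(routes, dst):
    """Longest-prefix match; None corresponds to 'No route to host' on send."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, gw in routes:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw)
    return best[1] if best else None

def diagnose(rules, routes, src, proto="udp", dport=1194):
    """Classify what happens to a connection attempt from src."""
    if not rule_passes(rules, src, proto, dport):
        return "blocked: no LAN rule passes this source"
    hop = next_hop(routes, src)
    if hop is None:
        return "accepted, but reply fails: no route to host"
    return "ok: reply via " + hop

if __name__ == "__main__":
    client = "203.0.113.50"  # constructed public client address
    print(diagnose(DEFAULT_RULES, CONNECTED_ONLY, client))
    print(diagnose(DEFAULT_RULES + [DEDICATED_RULE], CONNECTED_ONLY, client))
    print(diagnose(DEFAULT_RULES + [DEDICATED_RULE], CONNECTED_ONLY + [DEFAULT_ROUTE], client))
```

A client inside 10.0.0.0/24 passes both checks with the default rule and the connected route alone, which is why a setup like this can work from the LAN and still fail for forwarded traffic that arrives with a public source address.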