OpenVPN Connectivity Issue from Public Network | Pfsense VM

Gokulapandi

Hi Team,

We are configuring a new OpenVPN server on a pfSense VM inside Proxmox, but the VPN connection is not working when accessed from the public network.

Infrastructure Setup

Proxmox Host IP: 10.10.35.3
Gateway: 10.10.35.1
Upstream Firewall Public IP: x.x.x.x

Bridge vmbr1: Connected to NIC (Public network)

Internal Network

Bridge vmbr0: 10.10.50.0/24 (no NIC attached)

pfSense LAN IP: 10.10.50.1 (vmbr0)
pfSense WAN IP: 10.10.35.5 (vmbr1)
pfSense Gateway: 10.10.35.1

Port Forwarding (Configured on Upstream Firewall)

x.x.x.x:1194 → 10.10.35.3:1194 (OpenVPN)
x.x.x.x:8088 → 10.10.35.3:8088 (pfSense GUI)

Current Status

pfSense GUI is accessible from public using x.x.x.x:8088.

Upstream firewall VPN is working.

If we connect to the upstream firewall VPN, we can successfully connect to the pfSense OpenVPN server.

Issue

The pfSense OpenVPN server is not reachable directly from the public network using x.x.x.x:1194.

Is this possible this setup ?

Mon Mar 16 17:58:26 2026 OpenVPN 2.6.12 [git:v2.6.12/038a94bae57a446c] Windows [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Jul 18 2024
Mon Mar 16 17:58:26 2026 Windows version 10.0 (Windows 10 or greater), amd64 executable
Mon Mar 16 17:58:26 2026 library versions: OpenSSL 3.3.1 4 Jun 2024, LZO 2.10
Mon Mar 16 17:58:26 2026 DCO version: 1.2.1
Mon Mar 16 17:58:29 2026 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Mon Mar 16 17:58:29 2026 UDPv4 link local: (not bound)
Mon Mar 16 17:58:29 2026 UDPv4 link remote: [AF_INET]x.x.x.x:1194
Mon Mar 16 17:59:29 2026 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Mar 16 17:59:29 2026 TLS Error: TLS handshake failed
Mon Mar 16 17:59:29 2026 SIGUSR1[soft,tls-error] received, process restarting
Mon Mar 16 17:59:30 2026 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Mon Mar 16 17:59:30 2026 UDPv4 link local: (not bound)
Mon Mar 16 17:59:30 2026 UDPv4 link remote: [AF_INET]x.x.x.x:1194

stephenw10

@Gokulapandi said in OpenVPN Connectivity Issue from Public Network | Pfsense VM:

Port Forwarding (Configured on Upstream Firewall)

x.x.x.x:1194 → 10.10.35.3:1194 (OpenVPN)

That should be forwarded to the pSense WAN IP at 10.10.35.5 not to the Proxmox host IP at .3

Gokulapandi

@stephenw10 I mentioned incorrectly, But we did port forwarding for 10.10.35.5:1194

stephenw10

And it still fails the same way?

Check the states in pfSense when you're trying to connect. Do you see the incoming state on WAN?

If you don't see a state do you see blocked traffic in the firewall log?