Netgate Discussion Forum

    pfSense 2.0 and 1.2.3 mixed OpenVPN

      pisang98

      Site 1 (pfSense 1.2.3-RELEASE)
      Dual WAN (fixed IPs)
      OpenVPN Server
      LAN 192.168.1.1

      Site 2 (pfSense 2.0-BETA1)
      Dual WAN (dynamic IPs)
      OpenVPN Client
      LAN 192.168.0.250

      When I had pfSense 1.2.3 on site 2, my OpenVPN (site-to-site) worked without any problems.

      Now that I have upgraded to pfSense 2.0 (2x dynamic PPPoE), I'm having trouble with my OpenVPN.

      My 2x WAN on Site 2 are balanced TIER1 and that's working.
      OpenVPN connects and is working. Ping on the pfSense interfaces works to all IPs (Site 1 & Site 2).

      Connecting from site 1 -> site 2 is working. (OpenVPN Server)
      Connecting from site 2 -> site 1 is NOT working. (OpenVPN Client)

      I need an OpenVPN bridge <-> from all networks.

      I have a Firewall rule   *  *  *  *  *  *  none     OpenVPN  for the OpenVPN Traffic on Site2

      I have something wrong in my new pfSense 2.0 (Site 2) config. Or I don't understand the new OpenVPN in 2.0.

      Please help.

        blackb1rd

        This should work fine; make sure you specify both local and remote subnets in the 2.0 configuration. 1.2.3 seems to only require the remote subnet; it isn't even possible to provide the localnet, so that's fine. I have a working OVPN tunnel between 1.2.3 and 2.0.

          pisang98

          @blackb1rd:

          This should work fine; make sure you specify both local and remote subnets in the 2.0 configuration. 1.2.3 seems to only require the remote subnet; it isn't even possible to provide the localnet, so that's fine. I have a working OVPN tunnel between 1.2.3 and 2.0.

          In 1.2.3 it's not possible to provide the localnet, like you said. (1)
          But where do you enter the localnet subnet in the 2.0 config? (2)

            blackb1rd

            I'm sorry, checked it but there doesn't seem to be a localnet value. Don't know why I thought that, prolly mixed up IPsec and OpenVPN. My bad!
            Not sure what's wrong with your configuration; as pinging from one site to the other is possible, both should have the correct routes put in. You could try adding an allow all from/to all rule for the LAN interface and make sure it's on top of the other rules, but I would suspect you'd have the same problem with 1.2.3 <-> 1.2.3. Always worth trying, making sure no firewall interferes.

            Good luck.

              pisang98

              Found the solution:

              Due to the Dual WAN solution, all my LAN traffic wanted to go through the MULTIWAN gateway. This means OpenVPN traffic as well.

              Now I have made 1 rule on my LAN so that only traffic for port 80 needs to be balanced and go through the MULTIWAN gateway,
              then 1 rule with lower priority that lets all other traffic through the * default gateway.

              Now my OpenVPN works in both directions.

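A small model of why the rule change in the last post restored the tunnel, added here as an illustration and not taken from the thread or from pfSense's own code: a LAN rule with a gateway set overrides the routing table, so a catch-all balancing rule sends tunnel-bound packets out the WAN group. The /24 masks, the route table, and the `EXEMPT` variant (a rule above the others that exempts the remote subnet) are assumptions.

```python
import ipaddress

# Constructed values: the /24 masks and the tunnel route are assumptions; the
# thread gives only the LAN addresses 192.168.1.1 (Site 1) and 192.168.0.250 (Site 2).
SITE1_LAN = ipaddress.ip_network("192.168.1.0/24")
ROUTES = [(SITE1_LAN, "openvpn"), (ipaddress.ip_network("0.0.0.0/0"), "wan")]

def route_lookup(dst):
    """Longest-prefix match in the routing table (what gateway '*' resolves to)."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, via) for net, via in ROUTES if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def rule(dst=None, port=None, gateway=None):
    """One LAN rule; None means 'any' (dst, port) or 'default gateway' (gateway)."""
    return {"dst": dst, "port": port, "gateway": gateway}

def egress(rules, dst, port):
    """First matching rule wins; a rule with a gateway bypasses the routing table."""
    addr = ipaddress.ip_address(dst)
    for r in rules:
        if r["dst"] is not None and addr not in r["dst"]:
            continue
        if r["port"] is not None and port != r["port"]:
            continue
        return r["gateway"] or route_lookup(dst)
    return "blocked"  # nothing matched: default deny

# Before: every LAN packet is policy-routed to the balancing group.
BEFORE = [rule(gateway="MULTIWAN")]
# After (the fix described in the post): balance port 80 only, the rest uses '*'.
AFTER = [rule(port=80, gateway="MULTIWAN"), rule()]
# Variant (assumption, not from the thread): exempt the remote subnet first,
# so port 80 traffic to Site 1 also stays in the tunnel.
EXEMPT = [rule(dst=SITE1_LAN)] + AFTER

if __name__ == "__main__":
    for name, rs in (("before", BEFORE), ("after", AFTER), ("exempt", EXEMPT)):
        print(name,
              egress(rs, "192.168.1.1", 22),    # Site 1 host, non-web port
              egress(rs, "192.168.1.1", 80),    # Site 1 host, web port
              egress(rs, "203.0.113.10", 80))   # Internet host, web port
```

In this model the two-rule fix still sends port 80 traffic for Site 1 to the balancing group; the `EXEMPT` ordering keeps it in the tunnel.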