Redirect-gateway / redirect-gateway def1



  • Well, I can't seem to get this to work. It routes all traffic over the VPN, but the firewall is blocking it for some reason, even though I have an allow all rule on every interface but WAN. I thought maybe it was my PKI, so I went back to PSK; still nothing.
    Below is my Client Config and a rule that gets generated when trying to access an external website.

    remote vpn.com
    dev tun
    secret ovpn.txt
    cipher AES-256-CBC
    ifconfig 192.168.5.2 192.168.5.1

    I have tried the following:
    route 0.0.0.0 0.0.0.0
    route default gw 10.15.2.1
    redirect-gateway
    redirect-gateway def1

    pf: 6. 488006 rule 166/0(match): block in on tun1: (tos 0x0, ttl 128, id 3217, offset 0, flags [DF], proto TCP (6), length 40) 10.140.1.123.1921 > 74.125.45.125.5222: ., cksum 0xad97 (correct), ack 1 win 32718


  • Rebel Alliance Developer Netgate

    Try switching to manual outbound NAT and ensure you have an outbound NAT rule that covers the VPN subnet.


  • Rebel Alliance Developer Netgate

    If you're on 2.0, you also need to make sure you have an allow all rule on the OpenVPN tab, or if you have the interface assigned, whatever interface is there.

    By default pfSense 1.2.3 will not block any OpenVPN traffic unless you have checked the box to disable adding automatic VPN rules under advanced.



  • This is for a 1.2.3 system. I will give AON a try and see if that fixes it.
    Thanks.
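
Added example, not part of any post in this thread: a Python helper that parses pf log lines in the format quoted in the first post and lists blocked packets whose source address lies outside the networks you expect your firewall or outbound NAT rules to cover. The function names and the choice of networks passed in are assumptions; the sample line is the one from the post and the two /32 networks are the tunnel endpoints from its `ifconfig` line.

```python
import ipaddress
import re

# Raw pf filter-log format, as in the line quoted in the first post.
PF_LINE = re.compile(
    r"rule (?P<rule>\d+)/\d+\(match\): (?P<action>block|pass) "
    r"(?P<dir>in|out) on (?P<iface>\w+):.*?proto (?P<proto>\w+) \(\d+\).*?\) "
    r"(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+):"
)

# The log line from the first post, copied verbatim.
SAMPLE = ("pf: 6. 488006 rule 166/0(match): block in on tun1: (tos 0x0, ttl 128, "
          "id 3217, offset 0, flags [DF], proto TCP (6), length 40) "
          "10.140.1.123.1921 > 74.125.45.125.5222: ., cksum 0xad97 (correct), "
          "ack 1 win 32718")


def parse_pf_line(line):
    """Return the fields of one pf log line as a dict, or None if no match."""
    m = PF_LINE.search(line)
    if m is None:
        return None
    entry = m.groupdict()
    for key in ("rule", "sport", "dport"):
        entry[key] = int(entry[key])
    return entry


def uncovered_blocks(lines, covered_nets):
    """Blocked packets whose source is outside every network in covered_nets."""
    nets = [ipaddress.ip_network(n) for n in covered_nets]
    hits = []
    for line in lines:
        e = parse_pf_line(line)
        if e and e["action"] == "block":
            src = ipaddress.ip_address(e["src"])
            if not any(src in n for n in nets):
                hits.append(e)
    return hits


if __name__ == "__main__":
    # Tunnel endpoints taken from the client config's ifconfig line.
    for e in uncovered_blocks([SAMPLE], ["192.168.5.1/32", "192.168.5.2/32"]):
        print(f"rule {e['rule']} blocked {e['dir']} on {e['iface']}: "
              f"{e['src']}:{e['sport']} -> {e['dst']}:{e['dport']} ({e['proto']})")
```

Run against the quoted line, it reports the packet from 10.140.1.123 blocked inbound on tun1 by rule 166, a source that is neither of the two tunnel endpoint addresses.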

