Netgate Discussion Forum

    Redirect-gateway / redirect-gateway def1

      XIII

      Well, I can't seem to get this to work. It routes all traffic over the VPN, but the firewall is blocking it for some reason, even though I have an allow all rule on every interface but WAN. I thought maybe it was my PKI, so I went back to PSK; still nothing.
      Below is my Client Config and a rule that gets generated when trying to access an external website.

      remote vpn.com
      dev tun
      secret ovpn.txt
      cipher AES-256-CBC
      ifconfig 192.168.5.2 192.168.5.1

      I have tried the following:
      route 0.0.0.0 0.0.0.0
      route default gw 10.15.2.1
      redirect-gateway
      redirect-gateway def1

      pf: 6. 488006 rule 166/0(match): block in on tun1: (tos 0x0, ttl 128, id 3217, offset 0, flags [DF], proto TCP (6), length 40) 10.140.1.123.1921 > 74.125.45.125.5222: ., cksum 0xad97 (correct), ack 1 win 32718

      -Chris Stutzman
      Sys0:2.0.1: AMD Sempron 140 @2.7 1024M RAM 100GHD
      Sys1:2.0.1: Intel P4 @2.66 1024M RAM 40GHD
      freedns.afraid.org - Free DNS dynamic DNS subdomain and domain hosting.
      Check out the pfSense Wiki

        jimp Rebel Alliance Developer Netgate

        Try switching to manual outbound NAT and ensure you have an outbound NAT rule that covers the VPN subnet.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

          jimp Rebel Alliance Developer Netgate

          If you're on 2.0, you also need to make sure you have an allow all rule on the OpenVPN tab, or if you have the interface assigned, whatever interface is there.

          By default pfSense 1.2.3 will not block any OpenVPN traffic unless you have checked the box to disable adding automatic VPN rules under advanced.

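As an added example (not part of the thread and not pfSense code), this Python script parses the pf log line from the first post and reports where the packet was blocked and whether its source address falls inside a given set of outbound NAT source networks. The function names and the network lists are assumptions: `192.168.5.0/30` is simply the smallest network holding both `ifconfig` endpoints from the client config.

```python
import ipaddress
import re

# pf log line copied verbatim from the first post.
SAMPLE_LOG = (
    "pf: 6. 488006 rule 166/0(match): block in on tun1: (tos 0x0, ttl 128, "
    "id 3217, offset 0, flags [DF], proto TCP (6), length 40) "
    "10.140.1.123.1921 > 74.125.45.125.5222: ., cksum 0xad97 (correct), "
    "ack 1 win 32718"
)

# Matches TCP/UDP entries only (addresses are printed as a.b.c.d.port).
PF_LINE = re.compile(
    r"rule (?P<rule>\d+)/\d+\(match\): (?P<action>block|pass) (?P<dir>in|out) "
    r"on (?P<iface>\w+):.*?proto (?P<proto>\w+) \(\d+\).*?\) "
    r"(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+):"
)


def parse_pf_line(line):
    """Return the fields of a TCP/UDP pf log line, or None if it does not match."""
    m = PF_LINE.search(line)
    if not m:
        return None
    f = m.groupdict()
    f["src"] = ipaddress.ip_address(f["src"])
    f["dst"] = ipaddress.ip_address(f["dst"])
    f["sport"], f["dport"] = int(f["sport"]), int(f["dport"])
    return f


def diagnose(line, nat_sources, tunnel_net):
    """Summarise a blocked packet against the NAT source networks (assumed inputs)."""
    f = parse_pf_line(line)
    if f is None or f["action"] != "block":
        return None
    nets = [ipaddress.ip_network(n) for n in nat_sources]
    return {
        "blocked_on": f"{f['iface']} ({f['dir']})",   # interface whose rules apply
        "rule": int(f["rule"]),
        "flow": f"{f['src']}:{f['sport']} -> {f['dst']}:{f['dport']}",
        "src_in_tunnel_net": f["src"] in ipaddress.ip_network(tunnel_net),
        "src_covered_by_nat": any(f["src"] in n for n in nets),
    }


if __name__ == "__main__":
    # Constructed case: outbound NAT lists only the tunnel endpoints' network.
    print(diagnose(SAMPLE_LOG, ["192.168.5.0/30"], "192.168.5.0/30"))
```

For the logged packet, the source `10.140.1.123` is outside the tunnel endpoints' network, so an outbound NAT source list that names only that network would not cover it.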
            XIII

            This is for a 1.2.3 system. I will give AON a try and see if that fixes it.
            Thanks.

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.