Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    No traffic between OpenVPN client and network.

    OpenVPN
    3
    11
    8319
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jai23155 last edited by

      hi, I am new to pfsense. managed to setup ipsec site-to-site tunnel through pfsense web interface. Now trying to configure openVPN for remote users. downloaded openVPN client software and managed to connect it to pfsense box from anywhere. when i connect to vpn server, it is giving an ip 192.168.12.10, can see on the server's openVPN status as well but i could neither ping this IP nor see it in ipconfig. couldn't ping & browse LAN. I am missing something, but dont know what it is. please help me. thanks

      1 Reply Last reply Reply Quote 0
      • N
        Nachtfalke last edited by

        You have to edit the firewall rule for your OpenVPN.
        You can first try with allow all:
        PASS * * * *

        If your network looks like this example:

        client –-VPN (192.168.12.0/24) --- pfsense --- 192.168.100.0/24

        Then there should be access after editing the firewall rule in OpenVPN.

        If you have different subnets behind your pfsense, then you have to enter:
        push "route x.x.x.x y.y.y.y"
        in advanced configuration of your pfsense OpenVPN Server.

        1 Reply Last reply Reply Quote 0
        • J
          jai23155 last edited by

          could you be more specific please. i already created a rule to allow openVPN from any to any. i can connect, but when i do ipconfig /all on client it is showing self assigned address (169.254.37.36) on openvpn interface.
          my set up is: LAN-192.168.10.0/24; openvpn-192.168.12.0/24; pfsense local-192.168.10.100; pfsense wan-xxx.xxx.xxx.xxx
          please tell me where & what exactly i should create the rule. it's been a week since i am searching for it, i am missing something small issue, but couldn't figure out what it is.
          thanks

          1 Reply Last reply Reply Quote 0
          • N
            Nachtfalke last edited by

            Hi,

            The Network on which the remote user is connected to the internet must NOT be the same as the tunnel network or the network the pfsense uses. There must be three different networks.

            Sometime pictures say more than 1000 words ;)
            In some cases my english isn't so good to explain things like I would do in my native language. But just let me know, if you need some more help!








            1 Reply Last reply Reply Quote 0
            • J
              jai23155 last edited by

              thanks brother, i dont see any openVPN tab in my firewall rules. can see LAN, WAN & IPsec only. i am  getting 255.255.255.252 rather than 255.255.255.0 on client pc when i did ipconfig /all. could you please tell me what i am missing.
              did you mean three private networks ???

              1 Reply Last reply Reply Quote 0
              • N
                Nachtfalke last edited by

                That you do not see any OpenVPN Tab in firewall rules is curious. This tab appeares when you finished your OpenVPN Server Config. Do you use the actual pfsense snapshot ? Perhaps there is a difference between 1.2.3 and 2.0. I am using 2.0.

                Whatever if you use private or not private networks, it should work.
                I think there is something wrong with your server configuration because the OpenVPN tab in firewall rules doesn't appear.

                In "STATUS" -> "SERVICES" check if openvpn is running.

                I added my complete configuration of OpenVPN server so you can check the differences.


                1 Reply Last reply Reply Quote 0
                • J
                  jai23155 last edited by

                  can i run ipsec & openVPN both processes at same time ??

                  1 Reply Last reply Reply Quote 0
                  • J
                    jai23155 last edited by

                    hi, came to know that i can run ipsec and openvpn at same time. but i dont find a way to start openvpn process. thanks

                    1 Reply Last reply Reply Quote 0
                    • N
                      Nachtfalke last edited by

                      A possibility could be - just for testing purposes - to disable and/or deinstall all IPsec configs and just try OpenVPN….but I don't think this will make much sense.

                      are you using the actual snapshot of pfsense 2.0 ?

                      1 Reply Last reply Reply Quote 0
                      • J
                        jai23155 last edited by

                        i am using pfsense 1.2.3.
                        deinstalling ipsec makes no difference.

                        1 Reply Last reply Reply Quote 0
                        • X
                          XIII last edited by

                          as noted in the pfsense docs:
                          "Word of caution: You can have both IPSec and OpenVPN enabled/in use at the same time, however, not for the same subnets. Any IPSec tunnel that references a subnet you wish to use in OpenVPN must be disabled, but IPSec andOpenVPN do not conflict."

                          Your Site-Site is using IPSec so you will want to use IPSec for your remote clients or switch everything over to OpenVPN

                          Edit: To see/set rules for any OpenVPN Tunnel, you need to add it as an interface, so you not seeing it is not unusual. What is your clients OpenVPN config? (remove public IPs/FQDNs)

                          -Chris Stutzman
                          Sys0:2.0.1: AMD Sempron 140 @2.7 1024M RAM 100GHD
                          Sys1:2.0.1: Intel P4 @2.66 1024M RAM 40GHD
                          freedns.afraid.org - Free DNS dynamic DNS subdomain and domain hosting.
                          Check out the pfSense Wiki

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post