Vyprvpn and specific port routing..
-
Hi all,
I have a working openvpn client in Pfsense to vyprvpn, it took me a while to get that working but now it is. :)
But I am having trouble to route any traffic over it, I have added the openvpn client as an interface, added the gateway under routing. As described in this tutorial:
http://forum.pfsense.org/index.php/topic,29944.0.html
But I am not able to get my lan traffic to go over the openvpn connection.
The end goal is to have some specific ports to be routed over the vyprvn connection, like port 80 http and port 443 https.
Any idea what the problem could be?
I can ping from within pfsense over the vyprvpn gateway. And when I do a trace over the gateway I can see it is correctly routing. But why doesn't it route my other traffic…..
I am on the latest build from today.
Cheers,
Remco
-
hi;
have you created a firewall rule which forces LAN traffic over that gateway ?
as in this photo:
also, maybe consider writing a HOWTO for this in a new thread, and possibly it will be stickied.
-
Hi,
I have set the firewall according the picture, but it is still not working. I also created a rule under the openvpn client that connects to vypr vpn to allow all traffic… but that also did not help.
If I am getting it to work I will make a tutorial... I can already make a tutorial for the connection to Vyprvpn. Wil try to do that today when I have some spare time at work... ;D
Cheers
-
alright so you've got the firewall rule,
I also created a rule under the openvpn client that connects to vypr vpn to allow all traffic…
this possibly ? ```
redirect-gateway def1provide me with some screenshots of: note : black out or blur any unrelated content ! SYSTEM –> ROUTING --> GATEWAYS FIREWALL --> RULES --> LAN VPN --> OPENVPN --> CLIENT --> CONTENTS OF VYPRVPN CLIENT DIAGNOSTICS --> ROUTES -
Here are the screenshots.. I have disabled the vyprvpn rule because if I enable it no web traffc was possible…
If you need more info let me know !!
-
ahh ok,
everything looks finedo this:
-
re-enable the lan rule
-
go to FIREWALL –> NAT --> OUTBOUND
-
select "Manual Outbound NAT rule generation" and click save
your set.
-
-
I had already Manual Outbound NAT Rule Generation turned on…
So I turned it off, restarted. And I did your steps again, restarted. Still no luck, I can't even ping to the outside, when I turn the vyprvpn firewall rule off I have internet back again.
Any other idea's? Could there be something wrong wtih my pfsense instalation itself? Never had any problems before...
Thnx again for your time.
-
I also created a rule under the openvpn client that connects to vypr vpn to allow all traffic…
this possibly ? ```
redirect-gateway def1if you do not have this, please add it to Advanced Configuration, under the vpn client. disable & restart the client.
-
Added your line to the advanced configuration of the vyprvpn clent..
But no luck, still not working.
I think I am going to setup a new PFsense installation on a different drive, I want to test if it then works..
-
I have a working openvpn client in Pfsense to vyprvpn, it took me a while to get that working but now it is. :)
Remco,
Could you provide some details what exactly you did to configure vyprvpn? I'm trying to set it up and always fail at basically the same point:
When I set peer to peer shared key as server mode openvpn complains about the usage of auth-user-pass setting of the advanced field. when I set server mode to ssl/tls I can set the CA key provided by vyprvpn, but I have no client key… so openvpn fails at that point. how did you get a client certificate?
thanks.
-
Hi,
I will try to make a tutorial tonight, I don't have enough time now.
Remco
-
any further info? i can't wait to get it working but I'm stuck without your help ;)
-
any further info? i can't wait to get it working but I'm stuck without your help ;)
Found the tutorial here,
http://forum.pfsense.org/index.php/topic,35292.0.htmland here,
http://forum.pfsense.org/index.php/topic,29944.0.htmlWorking great, thanks.
-
I have started a tutorial topic:
http://forum.pfsense.org/index.php/topic,35292.0.html