• I want to connect using TUN but I want pfSense to route all the traffic from the tunnel to the LOCAL address interface:

    i.e.  Tunnel address, a computer connects, gets IP, I want it to be able to see servers in LOCAL interface ( so server1's IP I want it to be accessible from machine or any VPN machine.


  • Anybody?  TUN setup on unrooted android device that allows me navigate through my LAN interface?

  • Banned

    Yeah, that's the whole point of the VPN. I seriously do not get what's your special issue with TUN.

  • I configured my TUN, I can connect, it has a network, but I can't access my LAN which is and I don't think I can add routes on my unrooted Toshiba Excite 10.

  • Banned

    Well, then you are doing it wrong. Impossible to advise without any information whatsoever on the configuration.

  • Server Mode: Peer to Peer ( SSL/TLS )
    Protocol: UDP
    Device Mode: tun
    Interface: WAN
    Local port: 1194
    Peer Certificate Authority: M4F1050-CA 
    Server Certificate: FIREWALL (CA: M4F1050-CA) *In Use M4F1050 (CA: M4F1050-CA) 
    DH Parameters Length: 1024 bits 
    Encryption algorithm: AES-128-CBC (128-bit)
    Hardware Crypto: BSD cryptodev engine - RSA, DSA, DH, DES-CBC, DES-EDE3-CBC, AES-128-CBC, AES-192 …   
    Certificate Depth: (Client+Server)
    IPv4 Tunnel Network:
    IPv4 Local Network/s:
    Concurrent connections: 10
    Compression: Compress tunnel packets using the LZO algorithm. 
    Type-of-Service: Set the TOS IP header value of tunnel packets to match the encapsulated packet value. 
    Duplicate Connections: Allow multiple concurrent connections from clients using the same Common Name.  NOTE: This is not generally recommended, but may be needed for some scenarios.

  • Banned

    Where's "IPv4 Local Network/s"?

  • @doktornotor:

    Where's "IPv4 Local Network/s"?

  • Banned

    OMG. Make a screenshot. Not interested in reading perpetually edited post.

  • Here is a screen shot.

  • Banned

    Peer-to-Peer is for site-to-site connection. Cannot see what are you trying to do here with the Android phone.

  • I'm going to sort this later on team viewer…

  • Actually I already did.  I had forgotten to open up UDP port 1195 on my modem, stupid me!  At first I changed the 1194 OpenVPN setting to TUN from TAP but since I couldn't get it to work at first I created a 2nd OpenVPN server (1195) and I never opened the port.  I'm using the TUN as a "TAP" on my Excite 10.  I can now see the local network (LAN) on my pfSense from my Excite connected via OpenVPN Connection (non-root)

  • Thats good - Now you are like everyone else.  Boring huh?

  • @kejianshi:

    Thats good - Now you are like everyone else.  Boring huh?

    LOL… I know right..?  I wanted to play with VoIP next...!  >:- )

  • VOIP - Yippie!  That never causes anyone hardship.  :P

  • If you are going to run a SIP server, remember to forward port 5060 OK?  I read some places it helps.

Log in to reply