Reach AWS server when connecting to LAN by OpenVPN

  • I have a site hosted on AWS setup to allow traffic from my WAN address only. It works no problem if connecting directly from our LAN but if I connect outside the LAN via OpenVPN I can't reach the site. I have attached my OpenVPN settings. Any help is greatly appreciated.

  • it's not a matter about openvpn, it's a problem about whether routing or firewall rules or NAT policies. It depends on the rest of your config, which you haven't posted ;-)
    does your openvpn sets an redirect-gateway - or will you be visible with your pfsense-wan-ip when openvpn is established?
    Are you able to connect to WebIF of your pfSense via openvpn, or able to ping the device (if enabled)?

    If you need furtherer assistence, please just ask ;-)

  • Ok. I wasn't thinking it through very well. From your response it looks as though I need to force all traffic from the client through the tunnel in order for them to be recognized as coming from my IP when connected to the VPN. Otherwise, it sees their home WAN IP as what is trying to connect. Is that correct?

    Also, here's my current setup pertaining to OpenVPN:

    • I firewall rules allowing all OpenVPN traffic through the WAN and all OpenVPN traffic through the LAN.
    • I don't have the Redirect Gateway option checked as shown in the second attachment on the original post.
    • I have Advanced Outbound Nat turned on with a rule allowing OpenVPN on our LAN (had to implement AON due to outbound pptp VPN).

    Thanks so much for your help.