4. New build - Open VPN connects, but only IP I can use is the PFSense LAN interfac

New build - Open VPN connects, but only IP I can use is the PFSense LAN interfac

  • M

    New build new install, performed as listed below.
    Open VPN installed as indicated in the video, but I added my internal DNS, and changed the client export tool to use my dynamic dns name.

    When external (windows 8.1 client) I can connect without issue.  I can also open up my pfSense web configuration GUI via chrome, but thats it.  opening up any other web server in my lab fails to connect, and they are all in the same subnet.
    PFSense 2.1 Build

    From Console
    WAN>RE0 LAN>RE1
    Set Interfaces
    WAN
    IPV4 DHCP - y
    IPV6 DHCP - n
    IPV6 address - n
    -reboot and test - OK
    Set interfaces
    LAN
    ip>192.168.110.1 /24
    no gateway
    DHCP server yes 192.168.110.100-192.168.110.200
    IPV6 - none
    Enable secure shell
    Disable boot menu
    exit to shell
    sysctl kern.geom.debugflags=16
    fdisk -B ad4
    y y
    sysctl kern.geom.debugflags=0
    -reboot and test - OK
    Move to web configuration tool
    logon admin pfsense
    hostname >rtr
    domain xx.xxxxx.ca
    timeserver to ca.pool.ntp.org
    timezone to America/Edmonton
    WAN Page > next
    LAN page > next
    set admin password to XXXXXXXX
    refresh browser on (192.168.110.1)
    Add features to dashboard
    DYNDNS, Gateways, Interface stats, Firewall logs, OpenVPN, PFBlocker, services status, traffic graphs
    SAVE settings

    Complete remove of IPV6
    system>advanced>networking> uncheck allow IPV6 Save

    Check System logs
    status>system logs>settings>GUI LOG entries 50>250
    -reboot and check logs for errors

    Add BandwidthD package and enable
    SYSTEM>PACKAGES>Available>install bandwidthD
    services>bandwidthD> enable and save

    Add OpenVPN Client Export Utility
    SYSTEM>PACKAGES>Available>install OpenVPN Client Export Utility

    Configure Dynamic DNS
    SERVICES>Dynamic DNS

    backup pfsense to file

    setup OpenVPN
    Youtube Video

    0
  • M

    Post your server1.conf.

    0
  • M

    dev ovpns1
    dev-type tun
    tun-ipv6
    dev-node /dev/tun1
    writepid /var/run/openvpn_server1.pid
    #user nobody
    #group nobody
    script-security 3
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    proto udp
    cipher AES-128-CBC
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    client-connect /usr/local/sbin/openvpn.attributes.sh
    client-disconnect /usr/local/sbin/openvpn.attributes.sh
    local 96.52.127.120
    tls-server
    server 192.168.2.0 255.255.255.0
    client-config-dir /var/etc/openvpn-csc
    username-as-common-name
    auth-user-pass-verify /var/etc/openvpn/server1.php via-env
    tls-verify /var/etc/openvpn/server1.tls-verify.php
    lport 1194
    management /var/etc/openvpn/server1.sock unix
    max-clients 10
    push "route 192.168.110.0 255.255.255.0"
    push "dhcp-option DOMAIN cm.5mars.ca"
    push "dhcp-option DNS 192.168.110.3"
    push "dhcp-option DNS 192.168.110.4"
    push "dhcp-option DNS 8.8.8.8"
    client-to-client
    ca /var/etc/openvpn/server1.ca
    cert /var/etc/openvpn/server1.cert
    key /var/etc/openvpn/server1.key
    dh /etc/dh-parameters.1024
    tls-auth /var/etc/openvpn/server1.tls-auth 0
    comp-lzo
    persist-remote-ip
    float

    0
  • M

    Also should add that I installed the client as an administrator, logged into windows also as a local admin, and I launched the client post install run as administrator.
    also I got the file from here /var/etc/openvpn/server1.conf using the diagnostics, edit a file tool (for the next guy)

    0
  • R

    I have the same problem. Any ideas?

    0
  • R

    It was a config error on my SMB server.

    0
  • M

    I have not tried anything as complex as SMB yet :)  I am concentrating on simple things like the embedded web management sites in my NAS and network devices.

    Access to the pfsense web config page at 192.168.110.1 works fine, access to my nas web config port at 192.168.110.14 does not.

    Is there any other info I can post or tests that I can go that would be helpful?  TIA

    0
  • M

    mervincm, post a network map, so we can see how things are laid out.  Also, post the routing table of the client when connected.

    You said your NAS is on 192.168.110.14, how are you trying to access that?  Can you ping it?

    0
  • R

    I My problem was fixed, for my phone.
    When I sign in on to my network at my office, I can't access anything…

    0
  • M

    This thread can be considered closed.  believe it or not, I had not cabled to tie the LAN segment to the switch with the other devices I was attempting to connect to.  Everything is connecting as expected.
    :-[

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy