New build - Open VPN connects, but only IP I can use is the PFSense LAN interfac
-
New build new install, performed as listed below.
Open VPN installed as indicated in the video, but I added my internal DNS, and changed the client export tool to use my dynamic DNS name. When external (Windows 8.1 client) I can connect without issue. I can also open up my pfSense web configuration GUI via Chrome, but that's it. Opening up any other web server in my lab fails to connect, and they are all in the same subnet.
PFSense 2.1 Build
From Console
WAN>RE0 LAN>RE1
Set Interfaces
WAN
IPV4 DHCP - y
IPV6 DHCP - n
IPV6 address - n
-reboot and test - OK
Set interfaces
LAN
ip>192.168.110.1 /24
no gateway
DHCP server yes 192.168.110.100-192.168.110.200
IPV6 - none
Enable secure shell
Disable boot menu
exit to shell
sysctl kern.geom.debugflags=16
fdisk -B ad4
y y
sysctl kern.geom.debugflags=0
-reboot and test - OK
Move to web configuration tool
logon admin pfsense
hostname >rtr
domain xx.xxxxx.ca
timeserver to ca.pool.ntp.org
timezone to America/Edmonton
WAN Page > next
LAN page > next
set admin password to XXXXXXXX
refresh browser on (192.168.110.1)
Add features to dashboard
DYNDNS, Gateways, Interface stats, Firewall logs, OpenVPN, PFBlocker, services status, traffic graphs
SAVE settings
Complete remove of IPV6
system>advanced>networking> uncheck allow IPV6 Save
Check System logs
status>system logs>settings>GUI LOG entries 50>250
-reboot and check logs for errors
Add BandwidthD package and enable
SYSTEM>PACKAGES>Available>install bandwidthD
services>bandwidthD> enable and save
Add OpenVPN Client Export Utility
SYSTEM>PACKAGES>Available>install OpenVPN Client Export Utility
Configure Dynamic DNS
SERVICES>Dynamic DNS
backup pfsense to file
setup OpenVPN
https://www.youtube.com/watch?v=VdAHVSTl1ys
-
Post your server1.conf.
-
dev ovpns1
dev-type tun
tun-ipv6
dev-node /dev/tun1
writepid /var/run/openvpn_server1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-128-CBC
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
client-connect /usr/local/sbin/openvpn.attributes.sh
client-disconnect /usr/local/sbin/openvpn.attributes.sh
local 96.52.127.120
tls-server
server 192.168.2.0 255.255.255.0
client-config-dir /var/etc/openvpn-csc
username-as-common-name
auth-user-pass-verify /var/etc/openvpn/server1.php via-env
tls-verify /var/etc/openvpn/server1.tls-verify.php
lport 1194
management /var/etc/openvpn/server1.sock unix
max-clients 10
push "route 192.168.110.0 255.255.255.0"
push "dhcp-option DOMAIN cm.5mars.ca"
push "dhcp-option DNS 192.168.110.3"
push "dhcp-option DNS 192.168.110.4"
push "dhcp-option DNS 8.8.8.8"
client-to-client
ca /var/etc/openvpn/server1.ca
cert /var/etc/openvpn/server1.cert
key /var/etc/openvpn/server1.key
dh /etc/dh-parameters.1024
tls-auth /var/etc/openvpn/server1.tls-auth 0
comp-lzo
persist-remote-ip
float
-
Also should add that I installed the client as an administrator, logged into Windows also as a local admin, and I launched the client post install run as administrator.
Also I got the file from here /var/etc/openvpn/server1.conf using the diagnostics, edit a file tool (for the next guy)
-
I have the same problem. Any ideas?
-
It was a config error on my SMB server.
-
I have not tried anything as complex as SMB yet :) I am concentrating on simple things like the embedded web management sites in my NAS and network devices.
Access to the pfSense web config page at 192.168.110.1 works fine, access to my NAS web config port at 192.168.110.14 does not.
Is there any other info I can post or tests that I can do that would be helpful? TIA
-
mervincm, post a network map, so we can see how things are laid out. Also, post the routing table of the client when connected.
You said your NAS is on 192.168.110.14, how are you trying to access that? Can you ping it?
-
My problem was fixed, for my phone.
When I sign in on to my network at my office, I can't access anything…
-
This thread can be considered closed. Believe it or not, I had not cabled to tie the LAN segment to the switch with the other devices I was attempting to connect to. Everything is connecting as expected.
:-[
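
An added example, not part of any post in this thread: a config-side check for the symptom discussed above (tunnel up, LAN hosts unreachable). It parses the `server` and `push "route ..."` directives from the posted server1.conf and reports whether a target such as the NAS at 192.168.110.14 is covered by a pushed route; the function names and result strings are assumptions made for illustration.

```python
import ipaddress
import shlex

# Subset of the directives from the server1.conf posted in the thread.
SERVER_CONF = '''\
server 192.168.2.0 255.255.255.0
push "route 192.168.110.0 255.255.255.0"
push "dhcp-option DNS 192.168.110.3"
push "dhcp-option DNS 192.168.110.4"
push "dhcp-option DNS 8.8.8.8"
'''

def parse_conf(text):
    """Return (tunnel_network, pushed_routes, pushed_dns) from server config text."""
    tunnel, routes, dns = None, [], []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", ";")):
            continue  # skip blanks and commented-out directives
        tok = shlex.split(line)  # keeps the quoted push argument as one token
        if tok[0] == "server" and len(tok) >= 3:
            tunnel = ipaddress.ip_network(f"{tok[1]}/{tok[2]}")
        elif tok[0] == "push" and len(tok) == 2:
            arg = tok[1].split()
            if len(arg) >= 3 and arg[0] == "route":
                routes.append(ipaddress.ip_network(f"{arg[1]}/{arg[2]}"))
            elif len(arg) == 3 and arg[:2] == ["dhcp-option", "DNS"]:
                dns.append(ipaddress.ip_address(arg[2]))
    return tunnel, routes, dns

def diagnose(text, target):
    """Classify, from the config alone, why `target` might be unreachable."""
    tunnel, routes, _ = parse_conf(text)
    ip = ipaddress.ip_address(target)
    if tunnel is None:
        return "no-server-directive"
    if any(tunnel.overlaps(r) for r in routes):
        return "tunnel-overlaps-pushed-route"
    if ip in tunnel:
        return "target-inside-tunnel-network"
    if not any(ip in r for r in routes):
        return "no-pushed-route-covers-target"
    # Routing in the config is consistent: look at the LAN side next
    # (host gateway, host firewall, switch and cabling).
    return "config-routes-ok-check-lan-side"

if __name__ == "__main__":
    print(diagnose(SERVER_CONF, "192.168.110.14"))
```

For the posted config and the NAS address the result is `config-routes-ok-check-lan-side`, which matches how the thread ended: the pushed route was correct and the fault was on the LAN segment.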