Can't access pfSense over VPN
I have a site to site VPN setup with iroutes so both networks can communicate with each other. I can ping the LAN address of the remote pfSense server but if I try to access it through the web I get nothing. I can access the VPN address of it, but it complains about HTTP_REFERRER problems. Seems I shouldn't have to use the VPN address anyway though.
I don't see anything obvious being blocked in either firewall. Any ideas what I can check? Thanks for your help.
viragomann last edited by
Have you activated the "Anti-Lockout Rule" to allow Access to the webconfigurator from anywhere to LAN address:
ID Proto Source Port Destination Port Gateway Queue Schedule Description * * * LAN Address 1483 * * Anti-Lockout Rule
Otherwise you have to add a rule to allow this from your openVPN subnet.
Yes, it's enabled by default for me.
ID Proto Source Port Destination Port Gateway Queue Schedule Description * * * LAN Address 80 * * Anti-Lockout Rule
Thank you for the suggestion.
Seems I'm still having trouble with this. I can route everything between my two networks just fine, but if I try to access the IP of the remote pfSense server, it just times out. Connecting over the VPN address does seem to be working now though, but is there some sort of setting that would be blocking access to the LAN IP over VPN?
Again, I see no indication of anything being blocked in the firewall and can ping both ways just fine.
priller last edited by
I can access the VPN address of it, but it complains about HTTP_REFERRER problems. Seems I shouldn't have to use the VPN address anyway though.
System: Advanced: Admin Access
Disable HTTP_REFERER enforcement check
.. would be a workaround for that specific issue.
Have only had to use that when the LAN subnet was the same on both sides and had to NAT to access local resources. You doing any NAT for the VPN networks?
Ok, this was a silly problem. I have a multi-wan gateway and a firewall rule that directs anything that is destined for port 80 or 443 and is NOT destined to one of my local subnets to use the mult-wan gateway. I had forgot to add the VPN remote network to my local subnet alias so it was going out the multi-wan gateway and getting lost. All is working perfectly now.