Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    From 1.2.3 to 2.1.2 - no LAN access for VPN Clients

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    5 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pfsense123
      last edited by

      Hello,

      we have 4 years used the version 1.2.3 and want now upgrade to 2.1.2.
      I tested it on a new machine with a fresh install. But i cant get it work…

      The WAN and LAN connection is ok. Now i setup a PPTP Server with the same config like the running old pfsense.
      From the Homeoffice i connect to the pfsense and it runs. But now i cant access any Server/Client on the pfsense Side. I forgot to set the "ALL" Rule for PPTP in the Firewall. Ok, now i can ping and access the pfsene but that is all, not any other running Server in the same LAN.

      Same problem with OpenVPN, IPSec, L2P,

      tested with 32 and 64bit.

      ???

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        Do you have policy-routing rules? (i.e. rules that specify a gateway)
        The behavior of those has changed. In older versions, extra pass rules were automatically put in to allow "local" traffic to be passed to the normal routing table. Now in newer versions (2.1 and later), policy-routing rules do as they say, if you policy-route everything, then everything goes out the specified gateway. Often this is the reason for simple "local routing" to stop working on an upgrade like this.
        Add rule/s before the policy-routing rules to pass traffic between "local" subnets, with no gateway specified.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • P
          pfsense123
          last edited by

          thanks for your answer!

          where must i set the extra policy-routing (NAT?) rule and with which configuration?

          now i have a fresh pfsense with only pptp settings. and a rule for the traffic
          IPv4* * * * * * none  All Rule

          with no Gateway  i can't make a rule, because the dropbox says default, or the IP from WAN.

          i looked in my 1.2.3 pf an there the same rules.

          pic1.PNG
          pic1.PNG_thumb
          pic2.PNG
          pic2.PNG_thumb

          1 Reply Last reply Reply Quote 0
          • P
            pfsense123
            last edited by

            From local Net i can ping the PPTP Client on the other Side. I can remote control the PPTP Client with tightvnc.

            On the PPTP Client "Homeoffice" Side i can only reach the PFSense IP.

            1 Reply Last reply Reply Quote 0
            • P
              pfsense123
              last edited by

              someone any ideas which rules i must set for LAN traffic?

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.