Connection to OpenVPN successful but unable to access local resources



  • Hi All,

    Having a bit of an issue, had the OpenVPN service running smoothly for about 5 clients for 6 months.
    Suddenly, I'm unable to access any local resources when connected on my laptop at home. I've also attempted to connect when tethered to my phone to ensure it wasn't just my home network.

    I can connect to the VPN, and when i check on the firewall, there appears to be packets recieved, but when i try to remote onto a server, or open emails, no luck!

    When connecting, i get the following messages:

    On the OpenVPN client: I've masked the external IP as .*.*. for security

    Mon Jun 09 22:28:49 2014 OpenVPN 2.3.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Apr  9 2014
    Mon Jun 09 22:28:50 2014 Control Channel Authentication: using 'pfsense-udp-1194-ggcert-tls.key' as a OpenVPN static key file
    Mon Jun 09 22:28:50 2014 UDPv4 link local (bound): [undef]
    Mon Jun 09 22:28:50 2014 UDPv4 link remote: [AF_INET]**.***.***.**:1194
    Mon Jun 09 22:28:57 2014 [ServerCert] Peer Connection Initiated with [AF_INET]**.***.***.**:1194
    Mon Jun 09 22:28:59 2014 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
    Mon Jun 09 22:28:59 2014 OpenVPN ROUTE: failed to parse/resolve route for host/network: 172.18.200.0
    Mon Jun 09 22:28:59 2014 open_tun, tt->ipv6=0
    Mon Jun 09 22:28:59 2014 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{010D02F6-3E97-4A0B-80F2-B92C618432E5}.tap
    Mon Jun 09 22:28:59 2014 Successful ARP Flush on interface [19] {010D02F6-3E97-4A0B-80F2-B92C618432E5}
    Mon Jun 09 22:29:04 2014 Initialization Sequence Completed
    

    Server OpenVPN log:

    Jun 9 21:28:57	openvpn[14733]: 176.26.7.52:60993 [ggcert] Peer Connection Initiated with [AF_INET]176.26.7.52:60993
    Jun 9 21:28:57	openvpn[14733]: MULTI: no dynamic or static remote --ifconfig address is available for ggcert/176.26.7.52:60993
    Jun 9 21:28:59	openvpn[14733]: ggcert/176.26.7.52:60993 send_push_reply(): safe_cap=940
    

    Does anyone have any ideas? I previously worked, stopped all of a sudden.
    The VPN is running in bridge mode.

    Let me know if you need any more information.

    Thanks,


  • Rebel Alliance Developer Netgate

    tun mode or tap mode?
    What is your tunnel network? "remote networks"? Any client-specific overrides?



  • Hi Jimp,

    Many thanks for the reply.

    I'm running it in TAP mode and i have no Client Specific Overrides.
    I'm running in bridge mode with Lan being the bridge interface and the local network being 172.18.200.0/24 which is our local network in the business.

    Thanks,

    GG93



  • FIXED

    I went into the VPN interface, clicked 'Save' and all miraculously started working again.
    got the idea from another Thread: https://forum.pfsense.org/index.php?topic=75142.0

    Same problem too (vpn tap with certificate + bridge)

    The vpn connects correctly (from logs either client and server side), but no traffic passes through it as interface is down.
    Going to the interface properties hitting save makes it work

    The problem doesn't happen with vpn tun with shared key to another location

    Thanks for the help though!


Log in to reply