Netgate Discussion Forum

    Routing Issue: LAN Clients > Local pfSense > Proxy > Remote pfSense > Internet

      Jmtyra

      Hi everyone :)

      I'm having an issue with traffic routing over OpenVPN when a proxy is used. Without the proxy, everything works perfectly. This guide was used to configure everything:
      https://doc.pfsense.org/index.php/Routing_internet_traffic_through_a_site-to-site_OpenVPN-connection_in_PfSense_2.1
      (AMAZING guide by the way, thank you!!!!)

      The layout without the proxy is as follows: LAN Clients > Local pfSense 2.1 (OpenVPN client) > Remote pfSense 2.1 (OpenVPN server) > Internet

      The problem comes in when I introduce a proxy in front of the local pfSense. Obviously, the OpenVPN client won’t connect until I modify the client configuration (within the pfSense GUI) to the correct proxy IP and port. No authentication is needed, so ‘none’ is selected there.

      After that change, the OpenVPN client will successfully connect to the OpenVPN server, but the local LAN clients can’t connect to the internet. However, they can successfully reach the remote LAN clients as well as ping the remote gateway.

      After hours of searching the forum and visiting the Google ‘oracle’ ;) I’ve finally given up and decided to reach out to the pfSense experts. Any ideas? Thank you in advance for your help!

      (For reference if needed)

      IP addressing:

      • 10.14.x.0/24 for the LAN clients

      • 10.14.x.1 for the local pfSense gateway

      • 10.14.z.0/24 for the remote pfSense LAN clients

      • 10.14.z.1 for the remote pfSense gateway

      Local pfSense (OpenVPN Client):

      • Peer-to-peer, TCP, TUN, TLS

      • 192.168.y.0/28 for the tunnel

      • IPv4 Remote Network/s: 10.14.z.0/24

      • Advanced config: redirect-gateway def1;route 10.14.z.0 255.255.255.0

      Remote pfSense (OpenVPN Server):

      • Peer-to-peer, TCP, TUN, TLS

      • 192.168.y.0/28 for the tunnel

      • IPv4 Local Network/s: 10.14.z.0/24

      • IPv4 Remote Network/s: 10.14.x.0/24

      • Advanced config: (blank)

      • Client Specific Override: iroute 10.14.x.0 255.255.255.0

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.