Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Multiple conection from a network to OpenVPN

    OpenVPN
    2
    7
    943
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jbalreira last edited by

      Hi everybody!

      I configured a OpenVPN Server with the wizard, and created a tunnel network (192.168.230.0/24) to make the users access resources from the LAN network (192.168.0.0/24).

      The VPN is working flawlessly, but I found a problem when connecting clients that use the same connection to the internet.

      I make a connection from my Windows 7 and got the IP 192.168.230.6 and I can access to all the resources provided by the computers on the destination LAN network 192.168.0.0/24.
      But then I make a connection on my Android phone and got the IP 192.168.230.6, but I can't access the resources as I should be able to.

      Both my Windows 7 and Android are connected to the same network that is providing access to the internet.

      When I disconnect the Android from the Wifi network that is providing internet to the Windows 7 too, and use the 3G connection from the phone, the Android can access everything as it should without problems.

      So the problem only happens when both VPN clients (Windows and Android) are using the same internet resources.

      What can I do to solve this?

      Thanks in advance!

      1 Reply Last reply Reply Quote 0
      • K
        kejianshi last edited by

        Have you tried this with TCP?  I assume this is UDP?

        1 Reply Last reply Reply Quote 0
        • J
          jbalreira last edited by

          Yes it's UDP. TCP is better for OpenVPN? I can give a try…
          It's a kinda strange because this issue only happens when both clients are using the same internet resources from the same wifi router.

          1 Reply Last reply Reply Quote 0
          • K
            kejianshi last edited by

            I didn't say TCP is better.  In fact its not as nice usually especially over a long haul.

            However some networks treat lots of incoming UDP as if its an attack and try to shut down those connections.

            My ISP here can be like that from time to time.  Seems they will try every trick in the book to shut down a UDP VPN.  Comes and goes.

            Could also be just a network quality issue where they are dropping the packets?  I doubt it though.

            So, on pfsense I run a couple of VPN instances at minimum.  One UDP, NOT on the standard port.  One TCP preferably on port 443, but maybe 80.

            If you are married to running pfsense HTTPS gui on port 443 then make the TCP VPN on port 80.  Give it a try.

            Also, before you switch, let me ask.  Are you using the same common name (username) on both the VPNs simultaneously?  Or are they seperate usernames?

            Try giving each device a seperate username and exporting seperate packages to each with UDP because UDP is preferable.

            TCP on 443/80 is just a backup.  Usually more reliable at the expense of a performance hit.

            1 Reply Last reply Reply Quote 0
            • J
              jbalreira last edited by

              I'm using diferent users/names for the client devices.
              I have tested your sugestion (TCP), but it's equal… I'm having the same problem.

              Once more.. when I disconnect the Android from the wifi(that it is being used by the windows client too), and use 3G, everything works fine...

              1 Reply Last reply Reply Quote 0
              • K
                kejianshi last edited by

                Don't suppose you can post your server settings?

                1 Reply Last reply Reply Quote 0
                • J
                  jbalreira last edited by

                  kejianshi:

                  Thanks alot for your tips! I have solved the problem!

                  Now I'm running the VPN Server using UDP on a high port (51750), and disabled the option to redirect all the traffic through the gateway. And I have also changed the topology(of the VPN tunnel) from subnet30 to /24.

                  Now I can connect using Android Phone, Android Tablet and Windows PC and acess all resources from the destination network, even if all the devices are using the same shared internet connection.

                  Thank you! :)

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post

                  Products

                  • Platform Overview
                  • TNSR
                  • pfSense Plus
                  • Appliances

                  Services

                  • Training
                  • Professional Services

                  Support

                  • Subscription Plans
                  • Contact Support
                  • Product Lifecycle
                  • Documentation

                  News

                  • Media Coverage
                  • Press
                  • Events

                  Resources

                  • Blog
                  • FAQ
                  • Find a Partner
                  • Resource Library
                  • Security Information

                  Company

                  • About Us
                  • Careers
                  • Partners
                  • Contact Us
                  • Legal
                  Our Mission

                  We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                  Subscribe to our Newsletter

                  Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                  © 2021 Rubicon Communications, LLC | Privacy Policy