Netgate Discussion Forum

    MSCHAPv2 VPN Working … mostly

      krankykoder

      (In hindsight, I posted this as a reply in another thread, I shouldn't have hijacked that thread. My apologies…)

      After following the instructions here https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2, and learning more in the forums, I finally have a working VPN with MSCHAPv2. (I would rather have L2TP working, but that's another story for another thread)

      The issue I have now, hopefully the last issue: I am able to get connected just fine, and have outbound internet access through my VPN.

      What I don't have, however, is access to hosts within my network, and there appears to be no DNS name resolution.

      Through my VPN, I can browse to webconfigurator, by IP, but not by name. I can also communicate with the PCs on the network by IP.

      I have allow any rules set on my firewall which should be allowing the traffic between LAN, IPsec and the virtual network set in the mobile clients.

      Don't know if this is relevant or not, but doesn't look normal to me, so I'll include it

      When the VPN is established on the Windows device,

      DNS Suffix= <empty>
      IP address=192.168.33.2 (within the range I set on Mobile Clients)
      Subnet mask=255.255.255.255
      Default Gateway=0.0.0.0

      If anyone has any insight, I would be grateful.

      Thanks!

        hege

        Which DNS server do you have set in the mobile clients section?

        Open a CMD and type nslookup. What is the output with / without the VPN connection?

          krankykoder

          @hege:

          Which DNS server do you have set in the mobile clients section?

          Open a CMD and type nslookup. What is the output with / without the VPN connection?

          Thank you for responding.

          Well, the doc I followed (linked in my original post) does not mention entering a DNS server, so I didn't enter one at first. Since I wasn't able to reach the hosts inside my LAN, I did try entering the IP of my PF box. Still no luck.

          To test from 'outside' my network, I am using internet sharing on my phone. When connected through my phone, nslookup returns my phone and its IP as the default server and address. I get the same result whether I have the VPN connected or not.

          Going one step further, ipconfig /all still shows no entry for DNS server on the VPN interface.

          ipconfig.png

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.