Hidemyass
-
Hi,
I have pfSense 2.1.5-RELEASE amd64 (and 2.2 same problem). I configured the VPN as this topic says, but I have the same issues described here. So I switched to Manual Outbound NAT rule generation but when OPENVPN connection goes up, I cannot surf.Openvpn logs
May 18 19:32:22 pfSense openvpn[31930]: PUSH: Received control message: 'PUSH_REPLY,topology subnet,route-gateway 10.200.0.1,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,redirect-gateway def1,ifconfig 10.200.1.118 255.255.252.0' May 18 19:32:22 pfSense openvpn[31930]: OPTIONS IMPORT: --ifconfig/up options modified May 18 19:32:22 pfSense openvpn[31930]: OPTIONS IMPORT: route options modified May 18 19:32:22 pfSense openvpn[31930]: OPTIONS IMPORT: route-related options modified May 18 19:32:22 pfSense openvpn[31930]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified May 18 19:32:22 pfSense openvpn[31930]: ROUTE_GATEWAY 192.168.0.254 May 18 19:32:22 pfSense openvpn[31930]: TUN/TAP device ovpnc1 exists previously, keep at program end May 18 19:32:22 pfSense openvpn[31930]: TUN/TAP device /dev/tun1 opened May 18 19:32:22 pfSense openvpn[31930]: ioctl(TUNSIFMODE): Device busy: Device busy (errno=16) May 18 19:32:22 pfSense openvpn[31930]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0 May 18 19:32:22 pfSense openvpn[31930]: /sbin/ifconfig ovpnc1 10.200.1.118 10.200.1.118 mtu 1500 netmask 255.255.252.0 up May 18 19:32:22 pfSense openvpn[31930]: /sbin/route add -net 10.200.0.0 10.200.1.118 255.255.252.0 May 18 19:32:22 pfSense openvpn[31930]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1543 10.200.1.118 255.255.252.0 init May 18 19:32:22 pfSense openvpn[31930]: /sbin/route add -net 104.224.1.2 192.168.0.254 255.255.255.255 May 18 19:32:22 pfSense openvpn[31930]: /sbin/route add -net 0.0.0.0 10.200.0.1 128.0.0.0 May 18 19:32:22 pfSense openvpn[31930]: /sbin/route add -net 128.0.0.0 10.200.0.1 128.0.0.0 May 18 19:32:22 pfSense openvpn[31930]: Initialization Sequence Completed
Nat Outbound Mappings
WAN 127.0.0.0/8 * * 500 WAN address * YES WAN 127.0.0.0/8 * * * WAN address * NO WAN 192.168.1.0/24 * * 500 WAN address * YES WAN 192.168.1.0/24 * * * WAN address * NO
IP Pfsense
192.168.1.253
Can you help me? Thanks
-
update to 2.2.2 if you have no reason NOT to.
you don't have NAT rules for your vpn connection. after assigning an interface to your vpn's connection and enabling it with type 'none' pfSense should do this automatically if outbound nat = auto.
(you could offcourse add the nat yourself when using manual outbound nat)the reason internet stops working when vpn goes online is because your vpn overwrites the default-route and thus forces everything out the VPN, without proper NAT setup.
-
I am on 2.1.5 because
Transparent proxy with SquidSquidguard don't work.
Anyway I am a very beginner, which manual NAT roule do I need?HMA 192.168.1.0/24 * * * HMA address * NO
Fixed. Thank you soo much