Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can connect into OpenVPN Server, but all traffic (LAN/WAN) is dead

    Scheduled Pinned Locked Moved OpenVPN
    1 Posts 1 Posters 888 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kars85
      last edited by

      I've had an OpenVPN server setup for a couple months so I can remotely VPN in on my phone.

      Out of the blue, the BlueIris & JuiceSSH apps stopped working once I VPN'd in from my phone.  In fact, nothing worked.  No pings to WAN addresses or lan IP's would even work from local terminal.  So, I fired up a hotspot and tethered my Mac to it and connected in.  Same deal, can connect in, but all WAN/LAN connectivity is dead. Can't ping the pfsense 192.168.1.1 gateway address, the 10.0.8.5 OpenVPN gateway, or any LAN or WAN address.

      I'm not very well versed in understanding routing tables, but am I missing anything in there, or something obvious in my server config? I don't know why, out of the blue, things just stopped working with no environment changes whatsoever.

      Server config:

      
dev ovpns1
verb 1
dev-type tun
tun-ipv6
dev-node /dev/tun1
writepid /var/run/openvpn_server1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-256-CBC
auth SHA1
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
client-connect /usr/local/sbin/openvpn.attributes.sh
client-disconnect /usr/local/sbin/openvpn.attributes.sh
local sanitized IP
tls-server
server 10.0.8.0 255.255.255.0
client-config-dir /var/etc/openvpn-csc
username-as-common-name
auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user 'Local Database' false server1" via-env
tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'OpenVPNServer' 1 "
lport 1194
management /var/etc/openvpn/server1.sock unix
push "route 192.168.1.0 255.255.255.0"
push "dhcp-option DNS 192.168.1.1"
push "redirect-gateway def1"
ca /var/etc/openvpn/server1.ca 
cert /var/etc/openvpn/server1.cert 
key /var/etc/openvpn/server1.key 
dh /etc/dh-parameters.2048
crl-verify /var/etc/openvpn/server1.crl-verify 
tls-auth /var/etc/openvpn/server1.tls-auth 0
persist-remote-ip
float

      Client config:

      
remote sanitized.com 1194 udp
pull
auth-user-pass
tls-client
ns-cert-type server
tls-auth ta.key 1
persist-key
ca ca.crt
dev tun
persist-tun
cert cert.crt
key key.key
verify-x509-name "OpenVPNServer" name
resolv-retry infinite
auth SHA1
lport 0
verb 4
cipher AES-256-CBC

      netstat -nr on Mac:

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.