Netgate Discussion Forum

    Can connect into OpenVPN Server, but all traffic (LAN/WAN) is dead

      kars85

      I've had an OpenVPN server set up for a couple of months so I can remotely VPN in on my phone.

      Out of the blue, the BlueIris & JuiceSSH apps stopped working once I VPN'd in from my phone. In fact, nothing worked. No pings to WAN addresses or LAN IPs would even work from a local terminal. So, I fired up a hotspot, tethered my Mac to it, and connected in. Same deal: I can connect in, but all WAN/LAN connectivity is dead. I can't ping the pfSense 192.168.1.1 gateway address, the 10.0.8.5 OpenVPN gateway, or any LAN or WAN address.

      I'm not very well versed in understanding routing tables, but am I missing anything in there, or something obvious in my server config? I don't know why, out of the blue, things just stopped working with no environment changes whatsoever.

      Server config:

      
      dev ovpns1
      verb 1
      dev-type tun
      tun-ipv6
      dev-node /dev/tun1
      writepid /var/run/openvpn_server1.pid
      #user nobody
      #group nobody
      script-security 3
      daemon
      keepalive 10 60
      ping-timer-rem
      persist-tun
      persist-key
      proto udp
      cipher AES-256-CBC
      auth SHA1
      up /usr/local/sbin/ovpn-linkup
      down /usr/local/sbin/ovpn-linkdown
      client-connect /usr/local/sbin/openvpn.attributes.sh
      client-disconnect /usr/local/sbin/openvpn.attributes.sh
      local sanitized IP
      tls-server
      server 10.0.8.0 255.255.255.0
      client-config-dir /var/etc/openvpn-csc
      username-as-common-name
      auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user 'Local Database' false server1" via-env
      tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'OpenVPNServer' 1 "
      lport 1194
      management /var/etc/openvpn/server1.sock unix
      push "route 192.168.1.0 255.255.255.0"
      push "dhcp-option DNS 192.168.1.1"
      push "redirect-gateway def1"
      ca /var/etc/openvpn/server1.ca 
      cert /var/etc/openvpn/server1.cert 
      key /var/etc/openvpn/server1.key 
      dh /etc/dh-parameters.2048
      crl-verify /var/etc/openvpn/server1.crl-verify 
      tls-auth /var/etc/openvpn/server1.tls-auth 0
      persist-remote-ip
      float
      
      

      Client config:

      
      remote sanitized.com 1194 udp
      pull
      auth-user-pass
      tls-client
      ns-cert-type server
      tls-auth ta.key 1
      persist-key
      ca ca.crt
      dev tun
      persist-tun
      cert cert.crt
      key key.key
      verify-x509-name "OpenVPNServer" name
      resolv-retry infinite
      auth SHA1
      lport 0
      verb 4
      cipher AES-256-CBC
      
      

      netstat -nr on Mac:
