4. Can connect into OpenVPN Server, but all traffic (LAN/WAN) is dead

Can connect into OpenVPN Server, but all traffic (LAN/WAN) is dead

  • K

    I've had an OpenVPN server setup for a couple months so I can remotely VPN in on my phone.

    Out of the blue, the BlueIris & JuiceSSH apps stopped working once I VPN'd in from my phone.  In fact, nothing worked.  No pings to WAN addresses or lan IP's would even work from local terminal.  So, I fired up a hotspot and tethered my Mac to it and connected in.  Same deal, can connect in, but all WAN/LAN connectivity is dead. Can't ping the pfsense 192.168.1.1 gateway address, the 10.0.8.5 OpenVPN gateway, or any LAN or WAN address.

    I'm not very well versed in understanding routing tables, but am I missing anything in there, or something obvious in my server config? I don't know why, out of the blue, things just stopped working with no environment changes whatsoever.

    Server config:

    
dev ovpns1
verb 1
dev-type tun
tun-ipv6
dev-node /dev/tun1
writepid /var/run/openvpn_server1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-256-CBC
auth SHA1
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
client-connect /usr/local/sbin/openvpn.attributes.sh
client-disconnect /usr/local/sbin/openvpn.attributes.sh
local sanitized IP
tls-server
server 10.0.8.0 255.255.255.0
client-config-dir /var/etc/openvpn-csc
username-as-common-name
auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user 'Local Database' false server1" via-env
tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'OpenVPNServer' 1 "
lport 1194
management /var/etc/openvpn/server1.sock unix
push "route 192.168.1.0 255.255.255.0"
push "dhcp-option DNS 192.168.1.1"
push "redirect-gateway def1"
ca /var/etc/openvpn/server1.ca 
cert /var/etc/openvpn/server1.cert 
key /var/etc/openvpn/server1.key 
dh /etc/dh-parameters.2048
crl-verify /var/etc/openvpn/server1.crl-verify 
tls-auth /var/etc/openvpn/server1.tls-auth 0
persist-remote-ip
float

    Client config:

    
remote sanitized.com 1194 udp
pull
auth-user-pass
tls-client
ns-cert-type server
tls-auth ta.key 1
persist-key
ca ca.crt
dev tun
persist-tun
cert cert.crt
key key.key
verify-x509-name "OpenVPNServer" name
resolv-retry infinite
auth SHA1
lport 0
verb 4
cipher AES-256-CBC

    netstat -nr on Mac:

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy