Remote OpenVPN client traffic being blocked because of Public IP address



  • I am running PfSense 2.2.4.  I have an Asterisk PBX behind the firewall.  I set up OpenVPN with SSL/TLS + User auth.  When I have my remote users try to connect their SIP client software to the PBX, it will ring and connect but no audio.  I have discovered that it is trying to connect the RTP connections by using the remote user's public IP address NOT the tunnel network.  This will not work due to the fact they are access the PBX with different public ip's.  The OpenVPN server is using the wan interface.  Any assistance would be appreciated.



  • Active the option "Force all client generated traffic through the tunnel." on OpenVPN Server.



  • ega

    Thanks for the information but that did not work.  When look in the firewall system logs it shows it blocking packets from the public IP address of the remote user running the openvpn client.


  • LAYER 8 Netgate

    What are your OpenVPN firewall rules?


  • LAYER 8 Global Moderator

    Why would the traffic for you public IP go thru the tunnel, did you hand out routes to the clients that the public IP is down the tunnel?  When your call is ssetup, the client should be told what the private IP is so it will go down the tunnel just like the call setup.


Log in to reply