Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cannot access web site after establishing site-to-site vpn

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      TKenny
      last edited by

      I have a pfsense 2.2.5 setup going here with a gateway of 192.168.0.1 and another lan machine at 192.168.0.103 from which I host a website.

      Its all workin great with the port forwards and WAN pass rules you would expect…

      Then I followed this tutorial to setup site-to-site vpn with openvpn:

      https://www.privateinternetaccess.com/pages/client-support/pfsense

      It works great too.

      But now I cannot access my website from outside or even inside the network.  If I disable the VPN that I built in the supplied link and reboot the router I can access the website again.

      If I then start up the associated vpn service again, I can still access the website for a while but after 5 minutes or so I can no longer access it (thinking maybe there is a clue there).

      I hesitate to provide more details since its all contained in that link.  I'm a newb at this stuff but it makes sense I guess for it to fail because the router sees my request on the WAN and (probably) sends it off to the PIA VPN server instead of routing it to the LAN machine.

      But what can I do?  Do I add a static route or do something with NAT?  Im still a newb when it comes to this stuff so please be gentle :)

      Thanks for any advice.

      The error on Chrome when I go to the URL is  ERR_CONNECTION_CLOSED  btw...

      1 Reply Last reply Reply Quote 0
      • T
        TKenny
        last edited by

        Im sure you have all been on the edge of your seats over this one…  ;D

        Turns out the "works for 5 minutes" observation was important.  Thats the amount of time it took the ddclient script running on my webserver to update the dynamic DNS entry with the one given to me by PIA.  DOH!  :P

        So I moved that over to pfsense and now it provides the WAN address to the DDNS whether Im hooked up to PIA or not.

        Live and learn as they say.

        1 Reply Last reply Reply Quote 0
        • D
          divsys
          last edited by

          Thanks for updating your progress.

          If you update the title of your first post to include [SOLVED], it makes it easier to find the fixed issues.

          Welcome to pfSense  :)

          -jfp

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.