Weird connection issue from W10 client to pfsense OpenVPN



  • Following setup:

    Local Windows 10 client; remote server running a self-compiled Xen 4.6.1-pre on Debian Jessie with a backport kernel (4.3) in Dom0.
    The server has 3 public IPs shared by one physical NIC. One is assigned to Dom0; the others, together with their virtual MACs, are assigned to a pfSense VM and a Windows Server 2012.
    On the Xen host there is an internal, bridged network 10.0.0.0/16 connecting the pfSense instance, the WS2012 (10.0.0.10), a Debian DomU (10.0.0.20) and Dom0 (10.0.0.250; will be removed from the LAN later) through additional virtual NICs.
    On the pfSense VM, which shall act as the VPN access point, an OpenVPN server runs in bridged mode with a bridge (10.0.0.2) between xn1 (10.0.0.1) and ovpns1 (10.0.0.3). pfSense's DHCP server works on the bridge, assigning IPs between 10.0.0.50 and 10.0.0.100.

    -- I can ping from my Windows 10 client to any machine and receive a response.
    -- I can open the pfSense web interface on 10.0.0.1 from my Windows client.
    -- I can SSH to 10.0.0.20 from inside the virtualized LAN, and
    -- I can RDP into 10.0.0.10 over an SSH tunnel from 10.0.0.250.
    -- I can RDP and SSH into other servers over the internet, though.

    But I can NOT SSH or RDP from my Windows client through the VPN to the machines above; the connections just die (no-response errors).

    Running tcpdump -n -i ovpns1 'icmp or port 22' (as root) on the pfSense VM, I can see the ping and SSH packets go back and forth between my local Windows 10 client and the servers.

    I had the same issue when trying a tunneled setup with the tun driver. Switching off the Windows firewall entirely didn't change anything.

    I assume the error is somewhere between my ears, just where?

    Ideas?

    Thanks!
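An added diagnostic helper, not part of the original post: it parses text lines in the format produced by the tcpdump command quoted above and reports, per SSH flow, whether the three-way handshake completed and whether any data segment was retransmitted, which is the distinction "packets go back and forth" hides. The sample lines are constructed; the client address 10.0.0.55 is an assumed lease from the DHCP pool described.

```python
import re
from collections import defaultdict

# Constructed sample of `tcpdump -n 'icmp or port 22'` text output (not a real capture).
SAMPLE = """\
12:00:00.000100 IP 10.0.0.55.51000 > 10.0.0.20.22: Flags [S], seq 100, win 64240, length 0
12:00:00.000500 IP 10.0.0.20.22 > 10.0.0.55.51000: Flags [S.], seq 200, ack 101, win 65535, length 0
12:00:00.001000 IP 10.0.0.55.51000 > 10.0.0.20.22: Flags [.], ack 201, win 64240, length 0
12:00:00.002000 IP 10.0.0.20.22 > 10.0.0.55.51000: Flags [P.], seq 201:1461, ack 101, win 65535, length 1260
12:00:01.002000 IP 10.0.0.20.22 > 10.0.0.55.51000: Flags [P.], seq 201:1461, ack 101, win 65535, length 1260
12:00:03.002000 IP 10.0.0.20.22 > 10.0.0.55.51000: Flags [P.], seq 201:1461, ack 101, win 65535, length 1260
12:00:05.000000 IP 10.0.0.55.51001 > 10.0.0.10.22: Flags [S], seq 300, win 64240, length 0
12:00:06.000000 IP 10.0.0.55.51001 > 10.0.0.10.22: Flags [S], seq 300, win 64240, length 0
"""

# One tcpdump TCP line: src.port > dst.port, the flag string, an optional seq and the payload length.
LINE = re.compile(r"^\S+ IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]*)\]"
                  r"(?:, seq (\d+)(?::\d+)?)?.* length (\d+)$")

def analyse(capture, server_port="22"):
    """Group TCP lines by (client, server) flow and count handshake and data events."""
    flows = defaultdict(lambda: {"syn": 0, "synack": 0, "data": defaultdict(int)})
    for line in capture.splitlines():
        m = LINE.match(line)
        if not m:            # ICMP and other non-TCP lines carry no Flags field
            continue
        src, sport, dst, dport, flags, seq, length = m.groups()
        if dport == server_port:
            key = (f"{src}:{sport}", f"{dst}:{dport}")
        elif sport == server_port:
            key = (f"{dst}:{dport}", f"{src}:{sport}")
        else:
            continue
        f = flows[key]
        if flags == "S":
            f["syn"] += 1
        elif flags == "S.":
            f["synack"] += 1
        elif int(length) > 0:
            f["data"][(src, seq)] += 1   # same sender and seq seen again == retransmission
    return {k: diagnose(v) for k, v in flows.items()}

def diagnose(f):
    if f["synack"] == 0:
        return f"no SYN-ACK after {f['syn']} SYN(s): server reply never crossed the bridge"
    resent = max(f["data"].values(), default=0)
    if resent > 1:
        return f"handshake completed but a data segment was sent {resent} times: full-size packets are not being acknowledged"
    return "handshake completed, no retransmissions seen"
```

A flow whose handshake completes but whose first full-size data segment is resent repeatedly shows that small packets cross the tunnel while large ones do not, which is worth checking (tunnel MTU and MSS clamping) before looking further at firewall rules.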