How to access pfSense LAN/OPT subnets from mobile devices?
-
Hi, All
I have successfully setup my iPhone/iPad wirelessly connect to my pfSense box using IPSec VPN, no issue accessing the internet. However, my iphone/ipad can't access NAS on 192.168.1.0/24 (LAN) subnet or VOIP Webui on 192.168.2.0/24 (OPT) subnet behind pfSense router.
The firewall rules for IPSec set to allow any source to any destination. Outbound rules for IPSec VIP (192.168.6.0/24) was set properly.
What am I missing? Thanks.
-
What is the destination network for your VPN. You can try setting it to 0.0.0.0/0
-
What is the destination network for your VPN. You can try setting it to 0.0.0.0/0
It was LAN subnet, but changed to "network", 0.0.0.0/0, didn't work and failed connecting to the internet.
-
My pfSense box is currently using DNS Resolver, Does IPSec VPN work with DNS Resolver?
-
are you accessing VPN to your device from a wifi connection or mobile? If your phone is on a wifi that is also 192.168.1.0 then I think the phone will not pass the traffic across the VPN as it will see that subnet as a local subnet to the phone. I never use 192.168.1.0 as it is sooo heavily used in most places. I use 172.20.20.0. Or 10.20.x.xas these are uncommon.
-
are you accessing VPN to your device from a wifi connection or mobile? If your phone is on a wifi that is also 192.168.1.0 then I think the phone will not pass the traffic across the VPN as it will see that subnet as a local subnet to the phone. I never use 192.168.1.0 as it is sooo heavily used in most places. I use 172.20.20.0. Or 10.20.x.xas these are uncommon.
My wifi was in a 192.168.111.0/24 range, while my pfSense LAN was in a 192.168.1.0/24 range, and OPT was in a 192.168.2.0/24 range. shouldn't be a problem, but iphone/ipad just can't access pfSense box 's LAN/OPT subnets. the IPSec VIP was in a 192.168.6.0/24 range.
IPhone/iPad (192.168.111.aaa) ->Netgear R7000 router-> ISP Modem 1 –>Internet-->ISP Modem 2->pfSense (IPSec)-> NAS (192.168.1.xxx), VOIP (192.168.2.yyyy)
-
Is this a clean install or an upgrade? What version are you running?
-
Guessing your mobile P2 doesn't include those subnets, so the clients aren't sending that traffic over the VPN.
-
Is this a clean install or an upgrade? What version are you running?
Using 2.2.6, this was the first time to set up IPSec
-
Solved by adding multiple P2s, one for LAN, one for OPT.