Hello,
Upgraded firewall from older version 20 to 21.7.2 and now under openvpn server configuration the remote networks are not injecting route into client.
I have the OpenVPN IP range in on both sides of my tunnel. Found multiple articles discuussing CSC option overrides, tried that as well but not working either. Not sure why the remote networks doesnt work anymore when we want remote access openvpn clients to reach network in site to site ipsec configuration.
Tried to diagnose and having hard time determining where to run packet capture in opnsense.
Relatively new to opnsense/pfsense but not networking.
Thanks,
Chris
Did you remove spaces in networks?
I never had spaces. I tried to delete save and re-enter just to make sure it didnt have spaces and still doesn't work. Remote network is never put into routing table on client.
Screenshots of server config and CSO please
They are attached.
If you use certificate you need a CSC pointing to Common Name with the remote Network to set proper route
Where do we setup CSC? Is that something different than CSO?
I tried adding CSO with common name of certificate of user and server and neither worked. Should it be the common name of server or username in certificate?
Thanks for help!
Common name of the certificate
No change in behavior when i have CSO defined with common name of vpn.domain.com (certificate name). No route for remote network is added to the table on the PC.
No, go to Connection Status, check the name of the client and use this as common name
No change when using username either in CSO.
Is there documentation of best way to setup? I will delete and start all over. not sure why it didn't work after upgrade but was working before.
Thanks,
Chris
Any other ideas or how I can setup so that I can have VPN that connects with AD user credentials and remote networks functions? not sure why it used to work on old version and now doesnt any longer. I never had CSO defined in old version.
Please post screenhots of server and one CSO