Hello Forum, in an installation we added one more WAN (WAN1) to perform load balancing. We have already configured everything and almost everything works fine, except the VPN: although it connects and does not give an error, we cannot access the LAN. We configured OPNsense as follows.
Firewall --> NAT --> Port Forward
--> Add (+)
- Interface WAN1
- Protocol UDP
- Destination WAN1 address
- Destination port range from: OpenVPN to: OpenVPN
- Redirect target IP Single Host or Network: 127.0.0.1
- NAT reflection Use system default
- Filter rule association Add associated filter rule
- Save
--> Add (+)
- Interface WAN2
- Protocol UDP
- Destination WAN1 address
- Destination port range from: OpenVPN to: OpenVPN
- Redirect target IP Single Host or Network: 127.0.0.1
- NAT reflection Use system default
- Filter rule association Add associated filter rule
- Save
VPN --> OpenVPN --> Servers
--> Edit
- Interface Localhost
- Save
What about firewall rules on the WAN interfaces?
When doing NAT, OPNsense automatically adds the following to the WAN1 and WAN2 firewall rules: Direction: IN, Protocol: IPv4, Source: *, Port: *, Target: 127.0.0.1, Port Target: 1194, Gateway: *
If I get you right, your VPN client shows connected.
You can see the route to your remote network, but you cannot ping it.
Can you ping the remote IP address of the VPN tunnel interface?
rgds
If it's correct, I can only access the OPNsense web manager and it responds to pings (192.168.254.254). But the other computers (192.168.254.229), (192.168.254.230) and (192.168.254.231) on the LAN are turned off.
This is the block diagram
(https://imagizer.imageshack.com/img923/9485/iszizN.png)
Hi, On the firewall rule for the LAN interface, I guess you have selected the Gateway group, right?
Can you run a tcpdump/wireshark on any of the LAN devices and check if packets reach them?
Rgds
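An added example, not part of any post in the thread: one way to read the capture suggested in the last reply, classifying per LAN host whether pings from the VPN tunnel arrive and whether the host answers. The tunnel network `10.8.0.0/24`, the function `diagnose` and the sample capture lines are assumptions made for illustration; the LAN addresses are the ones given in the thread.

```python
import ipaddress
import re

# Assumption: the thread never states the OpenVPN tunnel network; 10.8.0.0/24 is a placeholder.
TUNNEL_NET = ipaddress.ip_network("10.8.0.0/24")

# Matches text output of: tcpdump -ni <lan-interface> icmp
LINE = re.compile(
    r"IP (?P<src>[\d.]+) > (?P<dst>[\d.]+): ICMP echo (?P<kind>request|reply)")

HINTS = {
    "no-request": "ping never reaches the host: check routes pushed to the client and rules on the OpenVPN interface",
    "no-reply": "host sees the ping but stays silent: check its local firewall and that its default gateway is the OPNsense LAN address",
    "replied": "host answers: the reply is lost on the way back, check the gateway set on the LAN firewall rule",
}

def diagnose(capture, lan_host):
    """Return 'no-request', 'no-reply' or 'replied' for pings from the tunnel to lan_host."""
    host = ipaddress.ip_address(lan_host)
    requests = replies = 0
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not an ICMP echo line
        src, dst = ipaddress.ip_address(m["src"]), ipaddress.ip_address(m["dst"])
        if m["kind"] == "request" and src in TUNNEL_NET and dst == host:
            requests += 1
        elif m["kind"] == "reply" and src == host and dst in TUNNEL_NET:
            replies += 1
    if requests == 0:
        return "no-request"
    return "replied" if replies else "no-reply"

# Constructed sample capture (not taken from the thread).
SAMPLE = """\
12:00:01.000100 IP 10.8.0.6 > 192.168.254.229: ICMP echo request, id 7, seq 1, length 64
12:00:01.000350 IP 192.168.254.229 > 10.8.0.6: ICMP echo reply, id 7, seq 1, length 64
12:00:02.000100 IP 10.8.0.6 > 192.168.254.230: ICMP echo request, id 8, seq 1, length 64
12:00:03.000100 IP 192.168.254.254 > 192.168.254.231: ICMP echo request, id 9, seq 1, length 64
"""

if __name__ == "__main__":
    for host in ("192.168.254.229", "192.168.254.230", "192.168.254.231"):
        verdict = diagnose(SAMPLE, host)
        print(host, verdict, "-", HINTS[verdict])
```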