Hi everyone,
I have problem to connect OpenVPN which is installed on the OPNsense located behind the internet router. The topology is as follows:
Internet Routet(Mikrotik) ----> OPNsense ---> LAN
I've already added NAT rule on the Router to forward port 1194 to the OPNsense's IP, but the OpenVPN still doesn't connect. When I OpenVPN from the OPNsense local IP address it just works, means that no problem the VPN server configuration.
Are you guys have the solutions for this? thank you :)
Does the tunnel endpoint have a route to LAN via OPNsense?
If there isn't, you'll have to do outbound NAT for OpenVPN in OPNsense
Check firewall rules on the WAN interface accordingly. I guess that by "NAT Rule"you mean port forward, right?
Quote from: bartjsmit on December 27, 2023, 09:20:54 AM
Does the tunnel endpoint have a route to LAN via OPNsense?
If there isn't, you'll have to do outbound NAT for OpenVPN in OPNsense
In the future I will need to add route from OpenVPN client to the LAN segment, but for this time there is no route yet.
I checkek on the Outboud NAT, and there is no automatic rule generated.
On the Outbound NAT, there are 4 options and the current is automatic NAT generation.
So, did you mean I have to add manual outbound NAT rules ?
Quote from: FraLem on December 27, 2023, 09:37:05 AM
Check firewall rules on the WAN interface accordingly. I guess that by "NAT Rule"you mean port forward, right?
I already recheck the firewall rules on mikrotik but still the same. Likely, the issue is on the OPNsense config, but dont know where :(
Quote from: achocolada on December 27, 2023, 10:55:14 AM
I checkek on the Outboud NAT, and there is no automatic rule generated.
On the Outbound NAT, there are 4 options and the current is automatic NAT generation.
So, did you mean I have to add manual outbound NAT rules ?
Yes, or hybrid - they will have the same effect since there is no automatic rule
unfortunately I couldn't resolve this problem, so I decided to reset to default :(
thank you guys.