Hello and thank you in advance,
I am a complete newbie to OPNSense and firewalls of its ilk.
I followed the tutorial and TunnelBlick is able to connect, but when I try to access any of my machines (or try to ping them) I can't.
Any ideas are appreciated.
dp
Forgotten to add firewall rules?
no, they're there...
Do the internal machines have OPNsense as their default gateway or a static route to the OpenVPN subnet?
Bart...
The machines have OPNSense as their default gateway.
Should they be configured as static routes?
No, not necessarily. There are essentially four ways a VPN connection can fail:
1. The client doesn't have a route to the destination host
2. The host doesn't have a route back to the client
3. There is a firewall in between denying the traffic
4. The tunnel reports connected but isn't
Can you see any of the traffic in the OPNsense packet dumps? Interfaces -> Diagnostics -> Packet Capture
Wireshark is the most comprehensive tool to analyse the dump files. https://www.wireshark.org/
Bart...
Thank you for your continued help...
As you suggested, I ran the packet capture and I will attach the results below.
From what I can tell, it seems that I am able to connect to the VPN, but there is something blocking me from getting to the LAN. While connected to the VPN I pinged both the router and one of the servers I need to access remotely. I CAN ping these devices when I am connected to the LAN. I checked the VPN Server configuration and I don't see where I went wrong.
The Tunnel Network is set to a 10.10.0.0/24 network and the IPv4 Local Network is set to my local subnet 192.168.12.0/24.
Again, thank you for your help
Packet Capture:
OpenVPN Server:
Capture output
09:29:13.028975 IP 10.10.0.6 > 192.168.12.10: ICMP echo request, id 8392, seq 0, length 64
09:29:13.999148 IP 10.10.0.6 > 192.168.12.10: ICMP echo request, id 8392, seq 1, length 64
09:29:14.982003 IP 10.10.0.6 > 192.168.12.10: ICMP echo request, id 8392, seq 2, length 64
09:29:16.036760 IP 10.10.0.6 > 192.168.12.10: ICMP echo request, id 8392, seq 3, length 64
09:29:17.037190 IP 10.10.0.6 > 192.168.12.10: ICMP echo request, id 8392, seq 4, length 64
09:29:18.036378 IP 10.10.0.6 > 192.168.12.10: ICMP echo request, id 8392, seq 5, length 64
09:29:19.061622 IP 10.10.0.6 > 192.168.12.10: ICMP echo request, id 8392, seq 6, length 64
09:29:20.061011 IP 10.10.0.6 > 192.168.12.10: ICMP echo request, id 8392, seq 7, length 64
09:29:21.036283 IP 10.10.0.6 > 192.168.12.10: ICMP echo request, id 8392, seq 8, length 64
09:29:22.014551 IP 10.10.0.6 > 192.168.12.10: ICMP echo request, id 8392, seq 9, length 64
09:29:40.416110 IP 10.10.0.6 > 192.168.12.1: ICMP echo request, id 8904, seq 0, length 64
09:29:41.414638 IP 10.10.0.6 > 192.168.12.1: ICMP echo request, id 8904, seq 1, length 64
09:29:42.397614 IP 10.10.0.6 > 192.168.12.1: ICMP echo request, id 8904, seq 2, length 64
09:29:43.437726 IP 10.10.0.6 > 192.168.12.1: ICMP echo request, id 8904, seq 3, length 64
09:29:44.398069 IP 10.10.0.6 > 192.168.12.1: ICMP echo request, id 8904, seq 4, length 64
09:29:45.399384 IP 10.10.0.6 > 192.168.12.1: ICMP echo request, id 8904, seq 5, length 64
09:29:46.433634 IP 10.10.0.6 > 192.168.12.1: ICMP echo request, id 8904, seq 6, length 64
09:29:47.454048 IP 10.10.0.6 > 192.168.12.1: ICMP echo request, id 8904, seq 7, length 64
09:29:48.471237 IP 10.10.0.6 > 192.168.12.1: ICMP echo request, id 8904, seq 8, length 64
09:29:49.436249 IP 10.10.0.6 > 192.168.12.1: ICMP echo request, id 8904, seq 9, length 64
LAN Capture:
Capture output
09:18:07.438275 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 394
09:18:07.438485 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.438510 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.438519 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.438538 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.438547 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.438555 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.438572 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.438587 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.438604 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.438620 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.438627 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.438647 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 485
09:18:07.438923 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.439643 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.442705 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.442754 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.442770 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.442782 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.444495 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.444538 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.444552 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.444564 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.444575 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.444588 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.444601 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.444613 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.444621 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.444643 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.444656 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.444663 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.444684 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.445618 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.445667 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.445681 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.445694 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.446600 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.446624 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.446637 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.448510 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.448541 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.449228 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.449253 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.449265 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.449279 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.449291 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.449303 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.449317 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.449328 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.449339 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.449347 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.449369 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.449376 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.449396 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.449408 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.449421 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.450332 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.450356 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.450403 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.450427 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.450446 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.452315 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.452343 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.452352 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.453978 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.454009 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.454024 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.454036 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.454048 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.454061 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.454072 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.454084 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.454095 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 50
09:18:07.458779 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.458800 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.458813 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.459216 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.460866 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 0
09:18:07.462233 IP 192.168.12.112.63787 > 192.168.12.1.443: tcp 496
09:18:07.462261 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 0
09:18:07.462677 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 363
09:18:07.462918 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.462945 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.462953 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.462973 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.462982 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.462990 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.463016 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.463025 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.463043 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.463052 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.463058 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.463077 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 485
09:18:07.463295 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.463304 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.463323 IP 192.168.12.1.443 > 192.168.12.112.63787: tcp 1448
09:18:07.463916 IP 192.168.12.112.63788 > 192.168.12.1.443: tcp 508
09:18:07.463957 IP 192.168.12.1.443 > 192.168.12.112.63788: tcp 0
09:18:07.464257 IP 192.168.12.112.63785 > 192.168.12.1.443: tcp 508
09:18:07.464294 IP 192.168.12.1.443 > 192.168.12.112.63785: tcp 0
WAN Capture:
Capture output
09:22:01.206179 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.208957 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.208971 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.208980 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.208988 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.209005 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.209014 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.209022 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.209030 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.237089 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.253044 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.253086 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.253099 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.253110 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.253121 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.253396 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.253534 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.253876 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.253903 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.253914 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.254225 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.255546 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.257336 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.257506 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.258856 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.258891 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.258911 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.258943 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.259064 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.259225 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.259242 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.259507 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.259535 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.259554 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.259572 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.259942 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.259968 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.259986 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.260012 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.260030 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.260561 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.262178 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.262210 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.265254 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.266133 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.266148 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.291442 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.291454 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.291463 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.296175 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.296195 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.296209 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.296224 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.299387 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.299402 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.301842 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.301886 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.302137 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.302167 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.302614 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.302637 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.307811 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.308105 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.308141 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.308276 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.308580 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.308605 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.308625 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.308642 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.308658 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.309086 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.309113 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.309324 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.309346 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.309546 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.309570 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.309593 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.309609 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.309627 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.309653 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.310429 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.310445 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.310459 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.313320 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.313748 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.315211 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.317337 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.318665 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.318680 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.318694 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.321333 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.321342 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
09:22:01.359261 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.359299 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.359318 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.359335 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.359559 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.359767 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.359794 IP 208.76.41.91.443 > 10.40.47.50.46310: tcp 1448
09:22:01.361615 IP 10.40.47.50.46310 > 208.76.41.91.443: tcp 0
It looks like the firewall rule on the OpenVPN interface is wrong. Try setting the source to * (any) instead of 192.168.12.0/24
Bart...
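As an added illustration of the two steps Bart's advice turns on (reading the Packet Capture output for flows that only go one way, and checking whether an OpenVPN-interface rule's Source would ever match traffic arriving from the tunnel), here is a small Python script. It is not from the thread or from OPNsense; the sample capture lines are constructed in the same format as the OpenVPN-interface capture posted above, with one constructed echo reply added so the healthy case is visible, and the rule-source check is a plain CIDR containment test standing in for pf's matching, not OPNsense's own code.

```python
"""Spot one-way ICMP flows in an OPNsense packet capture and check whether a
firewall rule's Source network would ever match traffic arriving from the
OpenVPN tunnel.  Added example, not code from the thread or from OPNsense."""
import ipaddress
import re
from collections import defaultdict

# Regex for the tcpdump-style lines OPNsense's Packet Capture page prints for ICMP.
ICMP_LINE = re.compile(
    r"^(?P<ts>\S+) IP (?P<src>[\d.]+) > (?P<dst>[\d.]+): "
    r"ICMP echo (?P<kind>request|reply), id (?P<id>\d+), seq (?P<seq>\d+)"
)

# Constructed sample: the first three lines mirror the OpenVPN-interface capture
# posted in the thread (requests from the tunnel client, never answered); the
# fourth line is a constructed reply so a healthy flow is visible for contrast.
SAMPLE_CAPTURE = """\
09:29:13.028975 IP 10.10.0.6 > 192.168.12.10: ICMP echo request, id 8392, seq 0, length 64
09:29:13.999148 IP 10.10.0.6 > 192.168.12.10: ICMP echo request, id 8392, seq 1, length 64
09:29:40.416110 IP 10.10.0.6 > 192.168.12.1: ICMP echo request, id 8904, seq 0, length 64
09:29:40.416300 IP 192.168.12.1 > 10.10.0.6: ICMP echo reply, id 8904, seq 0, length 64
"""


def parse_icmp(text):
    """Return one dict per ICMP echo line; lines of any other kind are skipped."""
    records = []
    for line in text.splitlines():
        m = ICMP_LINE.match(line)
        if m:
            rec = m.groupdict()
            rec["id"] = int(rec["id"])
            rec["seq"] = int(rec["seq"])
            records.append(rec)
    return records


def one_way_flows(records):
    """Group echo traffic by (client, host, icmp id) and return the flows that
    carry requests but no replies: the signature of failure modes 2 and 3 in
    Bart's list (no route back to the client, or a firewall dropping traffic)."""
    counts = defaultdict(lambda: {"requests": 0, "replies": 0})
    for rec in records:
        if rec["kind"] == "request":
            key = (rec["src"], rec["dst"], rec["id"])
            counts[key]["requests"] += 1
        else:
            # A reply travels host -> client, so swap back to the request's key.
            key = (rec["dst"], rec["src"], rec["id"])
            counts[key]["replies"] += 1
    return {k: v for k, v in counts.items() if v["requests"] and not v["replies"]}


def rule_source_matches(rule_source, packet_src):
    """Would an interface rule whose Source field is rule_source match a packet
    arriving with source packet_src?  'any' (shown as * in the GUI) matches all.
    Simplified stand-in for pf's matching, used only for the illustration."""
    if rule_source in ("any", "*"):
        return True
    return ipaddress.ip_address(packet_src) in ipaddress.ip_network(rule_source, strict=False)


if __name__ == "__main__":
    recs = parse_icmp(SAMPLE_CAPTURE)
    for (client, host, icmp_id), c in one_way_flows(recs).items():
        print(f"{client} -> {host} (id {icmp_id}): {c['requests']} requests, 0 replies")
    # Rule on the OpenVPN interface with Source = LAN subnet, as the tutorial was read:
    print("LAN-subnet source matches tunnel client:",
          rule_source_matches("192.168.12.0/24", "10.10.0.6"))
    # Bart's fix (any) and the tighter alternative of naming the tunnel network itself:
    print("any matches:", rule_source_matches("any", "10.10.0.6"))
    print("tunnel-net matches:", rule_source_matches("10.10.0.0/24", "10.10.0.6"))
```

The point the script makes concrete: packets entering the OpenVPN interface carry tunnel addresses (10.10.0.x here) as their source, so a rule on that interface whose Source is the LAN subnet never matches and the traffic is dropped, which is exactly the request-only pattern in the capture. Setting Source to any restores connectivity; naming the tunnel network (10.10.0.0/24 in this thread) as the Source is a tighter choice that still matches.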
Bart,
Thank you for your help, that seems to have worked!
For future seekers...
The documentation here: https://docs.opnsense.org/manual/how-tos/sslvpn_client.html seems to indicate that the Source should be set to the internal network.
Thank you!