OPNsense Forum

Archive => 19.7 Legacy Series => Topic started by: alh on August 08, 2019, 10:37:01 am

Title: OpenVPN woes
Post by: alh on August 08, 2019, 10:37:01 am

We upgraded an existing installation to 19.7.2 and since then OpenVPN does not work reliably if at all. As suggested in the migration guide we changed the interface to local and setup port forwards from our WAN interfaces to localhost with mixed results:

- tunnel is established but no traffic passes
- tunnel fails with tls handshake failed check your connection
- tunnel is established and everything works

We tried to switch between local interface and WAN interface itself as suggested in this topic (https://forum.opnsense.org/index.php?topic=5760.msg63101#msg63101) but we had no success. Any help appreciated.

Title: Re: OpenVPN woes
Post by: alh on August 08, 2019, 10:54:20 am

OpenVPN connection is possible on one of the WAN connections after some more testing but will fail on the other???

Title: Re: OpenVPN woes
Post by: alh on August 08, 2019, 03:41:19 pm

Maybe this is a routing issue? Do I need to define outbound NAT on both interfaces to masquerade the internal IP of the OpenVPN-Server?

E. g. source-nat 127.0.0.0/8 to interface address?

Well it works on the static interface (private ip) with no outbound rule and fails on the dhcp wan interface (masquerade all)... So that probably makes no sense...