OPNsense Forum

English Forums => General Discussion => Topic started by: zer0k on August 23, 2019, 11:55:32 pm

Title: OpenVPN and forcing a single host out
Post by: zer0k on August 23, 2019, 11:55:32 pm
This seems like it should be really straightforward and it's just not working for me :(
OpenVPN tunnel is through Usenetserver.com and is up and appears to be working as expected.

VPN interface is assigned to opt2
Gateway is assigned and looks good
Outbound NAT is for a single host on the VPN interface
Outbound LAN rule has the gateway set as the VPN interface

Straightforward VPN setup with a cert and creds, using these advanced settings:
persist-key;
persist-tun;
persist-remote-ip;
tls-client;
remote-cert-tls server;
comp-lzo;
verb 3;
auth SHA256;
cipher AES-256-CBC;
auth-retry nointeract;

One weird thing is that if I try to ping an external host, the firewall replies from the LAN IP?

It might just be my VPN provider causing the issue, and I'll test it with another one soon.

I'm at a loss and I was wondering if anyone might have some hints.

Title: Re: OpenVPN and forcing a single host out
Post by: zer0k on August 24, 2019, 03:47:49 am
Seems it's all on the VPN provider side of things.

They are handing out a gateway IP address as the same one they are giving my client :(
Weird stuff, because it works with a Windows client flawlessly.

Manual gateway settings make things work just fine with OPNsense, but I'm trying to get their support to fix things so that the correct assignments are set dynamically.
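
Added example, not part of the original posts and not OPNsense code: a small Python check that reads the PUSH_REPLY lines an OpenVPN client logs at "verb 3" and flags the condition described above, where the pushed gateway is the same address as the one assigned to the client. The sample log lines and addresses are constructed, the verdict strings are hypothetical labels, and treating the second ifconfig argument as a peer address when "topology subnet" is not pushed is an assumption.

```python
import ipaddress
import re

# Constructed sample log lines (made-up addresses) in the PUSH_REPLY format
# that OpenVPN clients log at "verb 3".
SAMPLE_LOG = """\
Fri Aug 23 23:50:01 2019 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route-gateway 10.8.0.1,topology subnet,ping 10,ifconfig 10.8.0.6 255.255.255.0'
Fri Aug 23 23:51:12 2019 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.9.0.14,topology subnet,ping 10,ifconfig 10.9.0.14 255.255.255.0'
Fri Aug 23 23:52:40 2019 PUSH: Received control message: 'PUSH_REPLY,route 10.7.0.1,topology net30,ping 10,ifconfig 10.7.0.6 10.7.0.5'
Fri Aug 23 23:53:05 2019 PUSH: Received control message: 'PUSH_REPLY,topology subnet,ping 10,ifconfig 10.6.0.9 255.255.255.0'
"""

PUSH_RE = re.compile(r"PUSH: Received control message: '(PUSH_REPLY,[^']*)'")


def parse_push_reply(line):
    """Return {option: [args]} for a PUSH_REPLY log line, or None."""
    match = PUSH_RE.search(line)
    if not match:
        return None
    opts = {}
    for item in match.group(1).split(",")[1:]:
        name, _, args = item.strip().partition(" ")
        opts[name] = args.split()
    return opts


def check_gateway(opts):
    """Classify the pushed tunnel gateway relative to the client address."""
    ifconfig = opts.get("ifconfig", [])
    if len(ifconfig) < 2:
        return "no-ifconfig"
    try:
        local = ipaddress.ip_address(ifconfig[0])
        if opts.get("route-gateway"):
            gateway = ipaddress.ip_address(opts["route-gateway"][0])
        elif opts.get("topology") == ["subnet"]:
            return "no-gateway"  # second ifconfig arg is a netmask, not a peer
        else:
            gateway = ipaddress.ip_address(ifconfig[1])  # net30/p2p peer address
    except ValueError:
        return "unparsed"  # e.g. "route-gateway dhcp"
    return "gateway-equals-client" if gateway == local else "ok"


def audit(log_text):
    """Return one verdict per PUSH_REPLY line found in the log text."""
    replies = (parse_push_reply(line) for line in log_text.splitlines())
    return [check_gateway(opts) for opts in replies if opts is not None]
```

A verdict other than "ok" means a policy-routing rule that depends on the dynamically learned gateway should be checked before relying on it to keep the host's traffic inside the tunnel.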