OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: petrus on September 07, 2018, 08:47:35 pm

Title: Not possible to connect over OpenVPN to Web GUI on a Bridge
Post by: petrus on September 07, 2018, 08:47:35 pm
Hi,

The setup:
I'm trying to create a VPN concentrator for my family network, so OPNsense is running on a vserver of a cheap provider with a single public IP (let's say it's 1.1.1.1) available. I'm trying to have a setup with three OpenVPN servers listening on three different ports on the single IP. The srv is listening on TCP80 and it is bound to the interface OVPN, which has an IP of 10.1.1.1/24.
Everything works with this one; I can access the web GUI. The servers listening on TCP443 and on UDP443 are connected to the interfaces OVPN2 and OVPN3. These are bridged together via the interface OVPNBR.
The web GUI is set up to listen on the interfaces OVPN1-3 and OVPNBR.
OVPNBR has a different IP and network: 10.1.2.1/24.
The clients receive an IP from 10.1.1.2-254 if connected on TCP80 or 10.1.2.2-254 if connected via TCP/UDP443.

The Problem:
VPNs work well, I can ping 10.1.1.1 or 10.1.2.1 (the IPs on the firewall) from any VPN.
BUT I can only reach the web GUI via the VPN connected over TCP80.
Whatever I do, I can't figure out why. The FW logs say that the packets are accepted.
Sockstat shows that lighttpd is listening on both IPs.

Maybe someone could have some better ideas than me, because I've reached the limits of my networking wisdom...

A little diagram of the setup will follow.
(http://vpncc.png)

The details:
OPNsense 18.7.2-amd64
FreeBSD 11.1-RELEASE-p13
OpenSSL 1.0.2p 14 Aug 2018
CPU Type Intel(R) Xeon(R) CPU E5-2680 v4 @ 2.40GHz (2 cores)
RAM 6G
VM Type, probably KVM
1 Single interface to the outside world
Disabled any IPv6 config
Tried to let lighttpd listen on any interface.


Thanks a lot!

Regards
Petrus