OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of duckduck »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - duckduck

Pages: [1]
1
16.7 Legacy Series / Re: OpenVPN client: route everything through VPN fails
« on: September 17, 2016, 11:17:18 am »
Shouldn't the NAT outbound rule and firewall rule take care of this? In some guide I read, it is not correct to set OpenVPN connection as the default route.

2
16.7 Legacy Series / Re: OpenVPN client: route everything through VPN fails
« on: September 17, 2016, 10:29:38 am »
netstat -rn shows:

Code: [Select]
Routing tables

Internet:
Destination        Gateway            Flags      Netif Expire
default            192.168.1.1        UGS        igb1
10.4.0.0/16        10.4.28.95         UGS      ovpnc1
10.4.0.1           link#8             UH       ovpnc1
10.4.28.95         link#8             UHS         lo0
10.42.0.0/16       link#1             U          igb0
10.42.0.1          link#1             UHS         lo0
127.0.0.1          link#7             UH          lo0
192.168.1.0/24     link#2             U          igb1
192.168.1.1        xx:xx:xx:xx:xx:xx  UHS        igb1
192.168.1.129      link#2             UHS         lo0

Internet6:
Destination                       Gateway                       Flags      Netif Expire
...
I don't know how to debug this issue.

It looks like the OpenVPN tunnel is working.
What is not clear for me:
- Is the interface ovpnc1 correctly configured.
- Is the NAT outbound rule working.
- Is the gateway correctly configured.
- Is the firewall rull working correctly.

Any hints how this can be step by step checked?


3
16.7 Legacy Series / OpenVPN client: route everything through VPN fails
« on: September 16, 2016, 08:22:43 pm »
Hi all,

I fail to configure the OpenVPN client properly.

Desired behaviour: All traffic from LAN goes through the OpenVPN client interface connection (and then from the OpenVPN server endpoint to the internet).

Actual behaviour: The OpenVPN connection is working and I see a Initialization Sequence Completed in the log file.
All the traffic from the LAN interface  goes directly to WAN, however the desired behavior would be to go through the OpenVPN connection.

Resources I read so far and follow during the configuration process:

- https://wretmo.se/2016/01/24/how-to-setup-openvpn-client-on-opnsense/
- https://docs.opnsense.org/manual/how-tos/sslvpn_s2s.html?highlight=openvpn#step-5-client-firewall-rules
- https://forum.opnsense.org/index.php?topic=1951.msg6073#msg6073

OpenVPN client log file:
Code: [Select]
Sep 16 18:04:47 openvpn[97185]: Initialization Sequence Completed
Sep 16 18:04:40 openvpn[97185]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1558 10.x.x.x 255.255.0.0 init
Sep 16 18:04:40 openvpn[97185]: /sbin/route add -net 10.y.y.y 10.x.x.x 255.255.0.0
Sep 16 18:04:40 openvpn[97185]: /sbin/ifconfig ovpnc1 10.x.x.x 10.y.y.y mtu 1500 netmask 255.255.0.0 up
Sep 16 18:04:40 openvpn[97185]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sep 16 18:04:40 openvpn[97185]: TUN/TAP device /dev/tun1 opened
Sep 16 18:04:40 openvpn[97185]: TUN/TAP device ovpnc1 exists previously, keep at program end
Interface
-> if.PNG

Gateway
-> gw.PNG

NAT outbound
-> ob.PNG

Firewall rules
-> fw.PNG


What point do I miss here?

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2