"
And then I did figure it out. It turns out that opnsense created a dynamic gateway for the vpn1 interface when I assigned the ovpns1 to it. Disabling this gateway made it work.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
General Discussion / Re: Multiple OpenVPN Servers with different firewall rules. Please help.
November 20, 2019, 05:02:42 PM #2
General Discussion / Multiple OpenVPN Servers with different firewall rules. Please help.
November 19, 2019, 05:11:24 PM
I am trying to set up two different openvpn servers with two different sets of firewall rules. I have read that you can simply disable the rules in the OpenVPN firewall section and assign the individual devices (ovpns1, ovpns2) to interfaces and then apply the firewall rules there. The issue is that when I do this, I can connect to the firewall fine. It assigns me an IP and everything, but I can't do anything. I cannot reach any machines within my lan (the primary purpose of these VPN's are to allow lan access from the road). I also cannot reach the internet when connected.
Everything works fine if the rules are on the OpenVPN interface. What is really confusing for me is that if I put the rules on the ovpns1 interface and force the gateway to be my wan gateway, I can then connect to the internet, but still not to machines on my lan.
I am pretty out of ideas and would appreciate any help in figuring this out.
Everything works fine if the rules are on the OpenVPN interface. What is really confusing for me is that if I put the rules on the ovpns1 interface and force the gateway to be my wan gateway, I can then connect to the internet, but still not to machines on my lan.
I am pretty out of ideas and would appreciate any help in figuring this out.
#3
19.1 Legacy Series / Can't connect to a host on ipv4, but can on 1pv6
July 30, 2019, 04:36:24 PM
I wonder if anyone can help me diagnose a really odd issue. I have a server in a different vlan that I can't connect to on ipv4.
I can connect on ipv6.
I can connect from the same VLAN on ipv4.
I can connect to other servers on the same VLAN over ipv4 normally.
I can connect to that server on a different interface that is in a different subnet/vlan over IPv4.
I have done a pcap and source and destination ethernet looks good, just see no response
I am not sure where to go from here, everything seems like it should work, but it doesn't.
So to sum up, trying to connect to server one (VLAN 2, ip 192.168.2.x) from workstation one (vlan 3 ip 192.168.3.x) doesn't work, but connecting to server 2 (vlan2 ip 192.168.2.y) does work. Connecting to server one on ipv6 from workstation one does work. Connecting to server one from server two does work. Connecting to Server one on interface 2 (vlan4, ip 10.0.0.x) works. Traceroute stops at gateway.
Any help?
I can connect on ipv6.
I can connect from the same VLAN on ipv4.
I can connect to other servers on the same VLAN over ipv4 normally.
I can connect to that server on a different interface that is in a different subnet/vlan over IPv4.
I have done a pcap and source and destination ethernet looks good, just see no response
I am not sure where to go from here, everything seems like it should work, but it doesn't.
So to sum up, trying to connect to server one (VLAN 2, ip 192.168.2.x) from workstation one (vlan 3 ip 192.168.3.x) doesn't work, but connecting to server 2 (vlan2 ip 192.168.2.y) does work. Connecting to server one on ipv6 from workstation one does work. Connecting to server one from server two does work. Connecting to Server one on interface 2 (vlan4, ip 10.0.0.x) works. Traceroute stops at gateway.
Any help?
Pages1
