Messages

1

20.1 Legacy Series / Re: Assign static IP to OpenVPN user

« on: November 17, 2020, 03:10:04 pm »

Hi,
first of all your ip adresses are off. Any octet cannot be bigger than "255". 

Then the syntax depend on the topology your openvpn server uses (default: topology net30) und what clients you are serving.
For topology net30 (default) and windows clients the following syntax is correct:

Code: [Select]

ifconfig-push x.y.z.105 x.y.z.106
The valid ip adress pairs can be viewed by executing the openvpn binary on the windows client with the following parameter:

Code: [Select]

"c:\Program Files\OpenVPN\bin\openvpn.exe" --show-valid-subnets

2

20.1 Legacy Series / Outbound NAT not working after reboot

« on: November 17, 2020, 10:25:45 am »

Hi,
we are experiencing a strange problem on our opnsense box. Our outbound nat is set to manual mode and we have defined quite a lot outbount nat rules. While running everything is working fine. As soon as I reboot the opnsense box the outbound nat rules stop working.
After the reboot I see unnated traffic on the wan interface as allowed by the firewall rules.
As soon as I change any outbound nat rule the rest of the bunch starts working and traffic start to flow.

The one thing special in this case is that we are running a single node cluster (the other cluster member died and is still offline) with several carp virtual ip adresses.
I suspect that shortly after the reboot the virtual ip is not available and the nat rules cannot be applied. Is this a reasonable theory?


Cheers