"
It was a default gateway misconfiguration in Opnsense.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#2
Virtual private networks / Re: Ping over VPN
June 14, 2022, 08:22:56 AM
I want to make sure that this discourse stays friendly and within the realm of technical solutions. I'm stating that because technical conversations get out of control quickly and want to make sure you know my tone is one of trying to find a solution.
So, in the interest of debating solutions, all the below states is the VPN process, which is simple and not in debate here. What I'm saying is that I am connecting to the same server, same port, same protocol, different mediums. The difference is the device. There is no routing difference because I am connecting from a router rather than an app. They are both configured in essence identically, yet one can ping and other can't. That suggests a misconfiguration on the device rather than a filter rule.
So, in the interest of debating solutions, all the below states is the VPN process, which is simple and not in debate here. What I'm saying is that I am connecting to the same server, same port, same protocol, different mediums. The difference is the device. There is no routing difference because I am connecting from a router rather than an app. They are both configured in essence identically, yet one can ping and other can't. That suggests a misconfiguration on the device rather than a filter rule.
#3
Virtual private networks / Re: Ping over VPN
June 14, 2022, 07:40:43 AMQuote from: defaultuserfoo on June 14, 2022, 07:11:24 AMQuote from: Vilhonator on June 12, 2022, 09:00:33 PMQuote from: defaultuserfoo on June 12, 2022, 08:52:55 PM
Such a VPN provider would need to fix their configuration so that pinging is possible ...
Ping is at least required for diagnostics, so if they are blocking it, it's a misconfiguration, especially when they don't give you an option to unblock it. What's the point of having a connection that is blocked anyway.
I have no idea what you are saying here, friend. A VPN is created by connecting to a service that runs on a server. Once connected, your source address changes per the translation done over that provider's network, thus hiding your original source addy. In this case the server runs wireguard. Whether you connect to that server via router or app you are still connecting to the same server using the same protocol. There should be no routing difference, it's the same server. You can't selectively block ICMP when you are connecting to the same server on the same network. The difference between the app and hardware device is the device, not the protocol or server.
#4
Virtual private networks / Re: Ping over VPN
June 13, 2022, 06:08:56 AM
Thank all for trying to answer this. Yes, the first thing I thought was that they were blocking ICMP by default, but in trying to troubleshoot the problem I decided to use their app to connect to servers within the same relative region. Ping works over the app.
It's a weird one for sure.
It's a weird one for sure.
#5
Virtual private networks / Re: Ping over VPN
June 11, 2022, 05:00:47 PM
If I change my gateway to WAN under the rule it works, if I use default or the VPN gateway no ICMP.
I have the rule under LAN.
I have the rule under LAN.
#6
Virtual private networks / Re: Ping over VPN
June 11, 2022, 05:55:23 AM
It doesn't work without the rule either though....
#7
Virtual private networks / Ping over VPN
June 10, 2022, 08:06:53 AM
Running Opnsense w/Wireguard VPN. Everything working spectacularly except PING. All my network traffic is routed through the VPN and I have a rule to allow ICMP. The rule looks like this:
IPv4 ICMP LAN net * * * VPN_GATEWAY *
If I change the gateway to the WAN it pings. If I leave it on the VPN gateway it does not.
Must be something simple here.....
IPv4 ICMP LAN net * * * VPN_GATEWAY *
If I change the gateway to the WAN it pings. If I leave it on the VPN gateway it does not.
Must be something simple here.....
Pages1
