Messages - ram0042

#1
It seems like I removed other interfaces from the access for hardening purposes. "SYSTEM>SETTINGS>ADMINISTRATION>WEB GUI>LISTEN INTERFACES"
#2
Hello:

I'm able to access all of my clients' OPNsense firewalls using the VPN IP and obviously their LAN IP once I'm connected with a "Road-Warrior" setup.

Back at my office, I believe I have the same setup but I'm not able to use the VPN network IP of my OPNsense box "10.0.0.1" to access the web UI. I can use the LAN IP and it loads just fine. I port scan my client's 10.0.0.1 and ports 80 and 443 are open. On my box they don't show up, indicating that they are closed, although 22 and 53 show open (which makes sense to me) and I can ping no problem.

I tried to look at a live log to see if I'm being blocked but there's no entry.

I've compared my client's OPNsense box to mine and see no remarkable differences but what else can I check?
#3
Hello:

I got a network on LAN: 192.168.0.0/24
OpenVPN (road warrior): 10.0.0.0/24 (5 concurrent connections)

I see that there are a handful of hosts like 10.0.0.11, 10.0.0.13, 10.0.0.107, 10.0.0.120, etc.
I want to know how they are showing up. They are tagged with LAN as their source. On System>Routes>Status the 10.0.0.0/24 comes from the OPT1 interface as expected.

How do I go about finding out where these IPs are coming from other than physically unplugging cables from the switch?

Edit: forgot to mention; my biggest concern is the DNS requests they are sending to nat.vssnat.net and ets.mny9.com
They seem to be resolving to China IPs.
#4
Just found this post after I experienced the same problem.

I've seen a tutorial for multiple clients and the way it's set up is that the OpenVPN server has 2 server instances.
Each with different tunnel networks and remote/local subnets.

Still not sure if that's the way to do it. It requires another port (e.g. 1195) to be open.

My thought was I can have 1 server instance and multiple clients for it.