Messages - marceloudi

#1
SOLVED!

I realized that I need to create a LAN rule, and force Traffic to a specific gateway.

So:

- Created (assigned) a new interface for OVPN (OPT3): "Dynamic gateway policy" checked, to auto-create a gateway

- Confirmed that a new Gateway (OPT3_GW) was created to that interface.

- Created a rule (image attached), marked as quick, BEFORE other rules, forcing traffic destined for OVPN addresses to OPT3_GW

#2
OK! I just confirmed: there is no firewall on the clients: any remote client can ping or telnet to any TCP port between them.

So, activating the logs on the firewall, I can see the traffic matching the rule "Default allow LAN to any rule" (image attached).

But the traffic does not reach the remote VPN client.

Can I check which configuration is dropping/blocking the packet to the remote client?

#3
Thanks for your response Gustaf!

I can't get to the Linux boxes via the VPN IP.

Executing ping 10.10.0.2 (remote VPN host), I can see at diagnostics/firewall/log that OPNsense is forwarding the packet via the system default gateway (in the image it ends with 129).

I tried to create a route, but OPNsense does not offer Ovpn1 as a selectable destination.

What can I do?

#4
Hi all!

We have 2 Linux boxes seamlessly connected to OpenVPN as clients, from the WAN side. But I need to manage these boxes from my LAN.

So, I configured the OpenVPN server to listen on "Any" interfaces (please see image attached).

On my LAN side, the OPNsense box is my gateway. So, I configured the ".opnsense" file to connect to my LAN gateway, but it does not work...

Is it possible?

Just to confirm: I executed tcpdump on the OPNsense box, and I can see packets arriving from my LAN host (tcpdump -i bge0 host 192.168.9.152 and port 1194)

I searched a lot of material available online, but the search terms are too generic: "connect to opnsense openvpn from lan side", so I did not find any solution!

Regards from Brazil!