OpenVPN - client devices aren't receiving return traffic

Started by MrKiwi, April 07, 2021, 03:54:46 AM

I've set up an OpenVPN server similar to what's described here - https://docs.opnsense.org/manual/how-tos/sslvpn_client.html, however instead of certificate auth I have auth going to my directory via LDAP, which is functional.

Clients can connect successfully and traffic passes from the client device through the firewall successfully; however, return traffic is (seemingly) being dropped. I can't see this in the live view, but for instance, DNS queries are being sent from the client device to my DNS servers (Windows DNS, which forwards to a PiHole; I can see the queries in both of these), however the client never receives a response.

I feel like I'm missing something simple here, where should I start looking? I can get more info if needed, I'm a bit new to OPNsense so I'm not sure what to post to be useful.

Is the OPNsense the default gateway for your network? Maybe you have asymmetrical routing and the response traffic is sent to the default gateway instead of your OPNsense.
"The S in IoT stands for Security!" :)
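To illustrate the asymmetric-routing hypothesis above, here is an added example (not from the thread or from OPNsense) that models a LAN host's routing table as longest-prefix-match entries and checks whether its reply to a VPN client is handed to the OPNsense box that holds the tunnel state. The addresses (OPNsense at 192.168.1.254, a separate default gateway at 192.168.1.1, VPN subnet 10.8.0.0/24) are assumptions.

```python
import ipaddress

# Constructed topology (assumption, not from the thread): OPNsense terminates the
# OpenVPN tunnel on 10.8.0.0/24, but the LAN's default gateway may be another router.
OPNSENSE_LAN_IP = "192.168.1.254"
VPN_SUBNET = "10.8.0.0/24"


def next_hop(routes, dst):
    """Longest-prefix match over (prefix, gateway) pairs, as a host's kernel does."""
    dst_ip = ipaddress.ip_address(dst)
    best = None
    for prefix, gateway in routes:
        net = ipaddress.ip_network(prefix)
        if dst_ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    return best[1] if best else None


def return_path_ok(lan_host_routes, vpn_client_ip):
    """True if the LAN host's reply to the VPN client goes to OPNsense.

    Any other next hop means the reply bypasses the firewall that owns the
    tunnel: the request arrived, the answer is silently lost (asymmetric routing).
    """
    return next_hop(lan_host_routes, vpn_client_ip) == OPNSENSE_LAN_IP


# A DNS server whose only route is a default via a different router (constructed):
BROKEN_ROUTES = [("0.0.0.0/0", "192.168.1.1")]
# The same server with a static route for the VPN subnet pointing at OPNsense:
FIXED_ROUTES = BROKEN_ROUTES + [(VPN_SUBNET, OPNSENSE_LAN_IP)]

if __name__ == "__main__":
    client = "10.8.0.6"  # constructed VPN client address
    for name, routes in (("broken", BROKEN_ROUTES), ("fixed", FIXED_ROUTES)):
        verdict = "ok" if return_path_ok(routes, client) else "ASYMMETRIC"
        print(f"{name}: reply to {client} via {next_hop(routes, client)} -> {verdict}")
```

If OPNsense already is the default gateway (as the original poster later confirms), `return_path_ok` passes with just the default route, and the problem lies elsewhere.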

Quote from: Gauss23 on April 07, 2021, 07:29:50 AM
Is the OPNsense the default gateway for your network? Maybe you have asymmetrical routing and the response traffic is sent to the default gateway instead of your OPNsense.

It is. I went and had another look and saw the 'Topology' tickbox under the OpenVPN server settings. Ticking this seems to have fixed it, as I was testing with the OpenVPN Connect client on my mobile; hopefully this carries across to the OpenVPN PC client, which I'll get to test later :)

Thanks for your reply!