timeouts after adding an SSL server

Started by jds, August 17, 2018, 07:44:59 PM

Yeah, at some point, I want to document and share what I did, as I struggled quite a bit on using a HomeVPN Server and connecting an OpenVPN client as well. It took me quite some time to get port forwarding and everything to work, so I have a nice backup of it now should I need to go back.

Happy to hear you got everything working!

That would be great if you could document that. Let me know if you want to double check anything with my settings.
I was so happy about getting it working, that I made a small donation to opnsense.

I hate to be too greedy, but it would be great if I could get my outside clients (e.g., my phone) to go out my router through
the VPN when I am logged in from outside.  Just clicking that button on the OpenVPN SSL server was not sufficient. I even
tried adding a firewall NAT rule, but that didn't do it either.  Have you tried?

So to rephrase, you'd go:

Remote Client through OpenVPN SSL Server -> OPN Router -> Out via OpenVPN Client (PIA/Torguard/etc)?

For me, I would have a rule under my HomeVPN Interface that routes out via my default gateway. You should be able to change that to the OpenVPN Client Gateway that is set up.

I'm home now so I can't test it but assume that is all it would be changing.

Yes, that is exactly what I want to do.  How would that be done?  I tried making a bridge between the client
and server, but that did not work.

So for me, my OpenVPN Server Tunnel network is 10.0.8.0/24, so I added an Outbound NAT for that through my TorGuard Interface:



I added a rule to allow my HomeVPN to use the default gateway so it can do DNS and such and changed the 2nd rule to make it go out the TorGuard VPN and validated my IP address was from TorGuard:


Brilliant!  The NAT outbound rule worked.  I did not need the second rules when I used the button that redirects gateway in the
OpenVPN server.  If I tried your second set of rules, I ran into problems.  However, now away from home, I can log into my
network with 2FA, and access everything at home, and, if I go elsewhere, I get the ad blocking of my piholes, and everything
through the VPN.  Great. Many thanks.