Remote Networks not working 21.7.2

Started by chrisc543, October 18, 2021, 10:17:38 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 18, 2021, 10:17:38 PM
Hello,

Upgraded firewall from older version 20 to 21.7.2 and now under openvpn server configuration the remote networks are not injecting route into client.

I have the OpenVPN IP range in on both sides of my tunnel. Found multiple articles discuussing CSC option overrides, tried that as well but not working either. Not sure why the remote networks doesnt work anymore when we want remote access openvpn clients to reach network in site to site ipsec configuration.

Tried to diagnose and having hard time determining where to run packet capture in opnsense.

Relatively new to opnsense/pfsense but not networking.

Thanks,
Chris
October 19, 2021, 08:05:35 AM #1
Did you remove spaces in networks?
October 25, 2021, 09:32:44 PM #2
I never had spaces. I tried to delete save and re-enter just to make sure it didnt have spaces and still doesn't work. Remote network is never put into routing table on client.
October 26, 2021, 12:55:05 PM #3
Screenshots of server config and CSO please
October 26, 2021, 06:50:20 PM #4
They are attached.
October 26, 2021, 07:34:51 PM #5
If you use certificate you need a CSC pointing to Common Name with the remote Network to set proper route
October 26, 2021, 08:08:23 PM #6
Where do we setup CSC? Is that something different than CSO?

I tried adding CSO with common name of certificate of user and server and neither worked. Should it be the common name of server or username in certificate?

Thanks for help!
October 27, 2021, 03:31:28 PM #7
Common name of the certificate
October 27, 2021, 08:26:18 PM #8
No change in behavior when i have CSO defined with common name of vpn.domain.com (certificate name). No route for remote network is added to the table on the PC.
October 27, 2021, 09:42:54 PM #9
No, go to Connection Status, check the name of the client and use this as common name
November 18, 2021, 10:07:16 PM #10
No change when using username either in CSO.

Is there documentation of best way to setup? I will delete and start all over. not sure why it didn't work after upgrade but was working before.

Thanks,
Chris
December 01, 2021, 09:25:25 PM #11
Any other ideas or how I can setup so that I can have VPN that connects with AD user credentials and remote networks functions? not sure why it used to work on old version and now doesnt any longer. I never had CSO defined in old version.
December 02, 2021, 07:19:46 AM #12
Please post screenhots of server and one CSO
Print
Go Up Pages1
User actions