Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Config OpenVpn Multiwan
« previous
next »
Print
Pages: [
1
]
Author
Topic: Config OpenVpn Multiwan (Read 1225 times)
desartecsrl@gmail.com
Newbie
Posts: 10
Karma: 0
Config OpenVpn Multiwan
«
on:
January 04, 2023, 10:14:26 pm »
Hello Forum, in an installation we added one more WAN (WAN1) to perform load balancing, we already configured everything and almost everything works fine, except the VPN that although it connects and does not give an error, we cannot access the LAN. We configure the opnsense as follows.
Firewall --> NAT --> Port Forward
--> Add (+)
- Interface WAN1
- Protocol UDP
- Destination WAN1 address
- Destination port range from: to:
OpenVPN OpenVPN
- Redirect target IP Single Host or Network
127.0.0.1
- NAT reflection Use system default
- Filter rule association Add associated filter rule
- Save
--> Add (+)
- Interface WAN2
- Protocol UDP
- Destination WAN1 address
- Destination port range from: to:
OpenVPN OpenVPN
- Redirect target IP Single Host or Network
127.0.0.1
- NAT reflection Use system default
- Filter rule association Add associated filter rule
- Save
VPN --> OpenVPN --> Servers
--> Edit
- Interface Localhost
- Save
Logged
FraLem
Jr. Member
Posts: 81
Karma: 2
Re: Config OpenVpn Multiwan
«
Reply #1 on:
January 05, 2023, 08:32:01 am »
What about firewall rules on the WAN interfaces?
Logged
desartecsrl@gmail.com
Newbie
Posts: 10
Karma: 0
Re: Config OpenVpn Multiwan
«
Reply #2 on:
January 05, 2023, 04:34:03 pm »
When doing NAT, opnsense in the WAN1 and WAN2 firewall rules is automatically added Direction: IN. Protocol IPv4, Source: *, Port: *, Target: 127.0.0.1 , Port Target: 1194, Gateway: *
«
Last Edit: January 05, 2023, 04:45:25 pm by desartecsrl@gmail.com
»
Logged
FraLem
Jr. Member
Posts: 81
Karma: 2
Re: Config OpenVpn Multiwan
«
Reply #3 on:
January 07, 2023, 10:09:37 am »
if I get you right, your VPN client shows conneted.
You can see the route to your remote network, but you can not ping it.
can you ping the Remote Ip address of the VPN tunnel interface
rgds
Logged
desartecsrl@gmail.com
Newbie
Posts: 10
Karma: 0
Re: Config OpenVpn Multiwan
«
Reply #4 on:
January 07, 2023, 05:11:25 pm »
If it's correct, I can only access the OPNSense web manager and it responds to PINGs (192.168.254.254). But the other computers (192.168.254.229), (192.168.254.230) and (192.168.254.231) on the LAN are turned off.
This is the block diagram
«
Last Edit: January 07, 2023, 05:13:48 pm by desartecsrl@gmail.com
»
Logged
FraLem
Jr. Member
Posts: 81
Karma: 2
Re: Config OpenVpn Multiwan
«
Reply #5 on:
January 08, 2023, 05:57:48 am »
Hi, On the firewall rule for the LAN interface, I guess you have selected the Gateway group, right?
Can you run a tcpdump/wireshark on any of the LAN devices and check if packets reach them?
Rgds
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Config OpenVpn Multiwan