Archive > 17.7 Legacy Series

IPSec VPN - can access network but not internet (Road Warrior)

(1/2) > >>

Nick:
Hi guys,

OPNsense noob, former Watchguard user here. I have followed the directions (https://docs.opnsense.org/manual/how-tos/ipsec-road.html) to setup an IPSec VPN to the T, and it works fine to connect to internal devices, but when doing so I cannot access the internet otherwise when connected from my iPhone. Ideally I would like to send all traffic over the VPN, but cannot access the internet when connected to the VPN either via the OPNsense router or my phone connection, it simply prevents any external access.

I've also tried the differences in this guide with no luck either: https://www.thegeekpub.com/5855/pfsense-road-warrior-ipsec-config-works/

I would appreciate some advise please. I'm not sure what I need to post to aid assistance at this point either to be perfectly honest. The firewall setup is identical to that in the first guide, with otherwise nothing else fancy going on.

Edit: I've added Google's DNS with no luck.

bartjsmit:
Hi Nick,

If you are agnostic about the VPN technology, you may find OpenVPN a bit easier to install. This guide has never failed me: https://www.kirkg.us/posts/building-an-openvpn-server-with-opnsense/

Since you can run it on TCP 443, OpenVPN is also a bit more firewall friendly on the client side.

Bart...

wiyadi:
@Nick,

Your ref site: https://www.thegeekpub.com/5855/pfsense-road-warrior-ipsec-config-works/ is working with opnsense before version 18.x.x in the last ver 17.x it working but after upgrading to 18.1 it broken the vpn.
I try using pfsense 2.4.3-RELEASE-p1 (amd64) it also working fine.
I've tried reinstall my router with opnsens 18.1.6 twice but no luck.
Maybe developer have to know that roadwarrior IPsec still broken in ver 18.1.6 until upgrade last version on date June 12 2018.
I'm switching to pfsense and will be back opnsense if this problem solved!

franco:
There's no road warrior issue we know of in 18.1.x.

There was one thing but it turned out the user wanted a site-to-site config and misconfigured for mobile which stopped working after a consistency fix.


Cheers,
Franco

sedace:
Sorry to bump an old thread, I'm on 18.1.9 and followed the mobile https://wiki.opnsense.org/manual/how-tos/ipsec-road.html guide and finally got to where I can connect to my LAN and access local IP's but I can't access any external sites from the mobile device.  Been messing with firewall rules and the log isn't showing any deny activity... are there any known issues the documentation doesn't cover to assist?

Navigation

[0] Message Index

[#] Next page

Go to full version