Re: [pfSense Support] open vpn
Am 20.07.2011 08:35, schrieb A Mohan Rao: i tried help from you tube video help then do configure same. http://www.youtube.com/watch?v=odjviG-KDq8 On Wed, Jul 20, 2011 at 11:56 AM, George Neill geor...@neillnet.com mailto:geor...@neillnet.com wrote: Mohan, Not an expert here, just sharing my experience. I used the wizard and had just the one issue. I suspect you'll need to provide more details on your configuration before an expert could help. Later, George On 7/20/11, A Mohan Rao mohanra...@gmail.com mailto:mohanra...@gmail.com wrote: yes but still not working i think it is bug because when i try nat or port forwarding also does not work... its only working captive portal acl or dhcp. On Wed, Jul 20, 2011 at 11:06 AM, George Neill geor...@neillnet.com mailto:geor...@neillnet.com wrote: Mohan, I suspect your using windows clients? I believe I ran in to the same issue. Make sure you 'Run as Administrator' the OpenVPN GUI. If you don't do this the route table on the client doesn't get updated. You can see errors in the log to confirm. HTH, George On 7/20/11, A Mohan Rao mohanra...@gmail.com mailto:mohanra...@gmail.com wrote: Dear all pfsense experts, i m tried open vpn on pfsense 2.0 its successfully configured but when user's r try to connect from client end its connected but not access our lan network i have to create a rule for that. but still its not working i had tried googled. kindly give any tips or help. Thanks Mohan Rao - To unsubscribe, e-mail: support-unsubscr...@pfsense.com mailto:support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com mailto:support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com mailto:support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com mailto:support-h...@pfsense.com Commercial support available - https://portal.pfsense.org hi, you have to watch the output of ovpn when the error occurs. I know i had to tune some stuff in the config file i imported to windows vista/7 i think you have to add route-method exe route-delay 2 to your config file. cheers. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] open vpn
Mohan, Not an expert here, just sharing my experience. I used the wizard and had just the one issue. I suspect you'll need to provide more details on your configuration before an expert could help. Later, George On 7/20/11, A Mohan Rao mohanra...@gmail.com wrote: yes but still not working i think it is bug because when i try nat or port forwarding also does not work... its only working captive portal acl or dhcp. On Wed, Jul 20, 2011 at 11:06 AM, George Neill geor...@neillnet.com wrote: Mohan, I suspect your using windows clients? I believe I ran in to the same issue. Make sure you 'Run as Administrator' the OpenVPN GUI. If you don't do this the route table on the client doesn't get updated. You can see errors in the log to confirm. HTH, George On 7/20/11, A Mohan Rao mohanra...@gmail.com wrote: Dear all pfsense experts, i m tried open vpn on pfsense 2.0 its successfully configured but when user's r try to connect from client end its connected but not access our lan network i have to create a rule for that. but still its not working i had tried googled. kindly give any tips or help. Thanks Mohan Rao - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] open vpn
i tried help from you tube video help then do configure same. http://www.youtube.com/watch?v=odjviG-KDq8 On Wed, Jul 20, 2011 at 11:56 AM, George Neill geor...@neillnet.com wrote: Mohan, Not an expert here, just sharing my experience. I used the wizard and had just the one issue. I suspect you'll need to provide more details on your configuration before an expert could help. Later, George On 7/20/11, A Mohan Rao mohanra...@gmail.com wrote: yes but still not working i think it is bug because when i try nat or port forwarding also does not work... its only working captive portal acl or dhcp. On Wed, Jul 20, 2011 at 11:06 AM, George Neill geor...@neillnet.com wrote: Mohan, I suspect your using windows clients? I believe I ran in to the same issue. Make sure you 'Run as Administrator' the OpenVPN GUI. If you don't do this the route table on the client doesn't get updated. You can see errors in the log to confirm. HTH, George On 7/20/11, A Mohan Rao mohanra...@gmail.com wrote: Dear all pfsense experts, i m tried open vpn on pfsense 2.0 its successfully configured but when user's r try to connect from client end its connected but not access our lan network i have to create a rule for that. but still its not working i had tried googled. kindly give any tips or help. Thanks Mohan Rao - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] open vpn
Dear all pfsense experts, i m tried open vpn on pfsense 2.0 its successfully configured but when user's r try to connect from client end its connected but not access our lan network i have to create a rule for that. but still its not working i had tried googled. kindly give any tips or help. Thanks Mohan Rao
Re: [pfSense Support] open vpn
Mohan, I suspect your using windows clients? I believe I ran in to the same issue. Make sure you 'Run as Administrator' the OpenVPN GUI. If you don't do this the route table on the client doesn't get updated. You can see errors in the log to confirm. HTH, George On 7/20/11, A Mohan Rao mohanra...@gmail.com wrote: Dear all pfsense experts, i m tried open vpn on pfsense 2.0 its successfully configured but when user's r try to connect from client end its connected but not access our lan network i have to create a rule for that. but still its not working i had tried googled. kindly give any tips or help. Thanks Mohan Rao - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] open vpn
yes but still not working i think it is bug because when i try nat or port forwarding also does not work... its only working captive portal acl or dhcp. On Wed, Jul 20, 2011 at 11:06 AM, George Neill geor...@neillnet.com wrote: Mohan, I suspect your using windows clients? I believe I ran in to the same issue. Make sure you 'Run as Administrator' the OpenVPN GUI. If you don't do this the route table on the client doesn't get updated. You can see errors in the log to confirm. HTH, George On 7/20/11, A Mohan Rao mohanra...@gmail.com wrote: Dear all pfsense experts, i m tried open vpn on pfsense 2.0 its successfully configured but when user's r try to connect from client end its connected but not access our lan network i have to create a rule for that. but still its not working i had tried googled. kindly give any tips or help. Thanks Mohan Rao - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Open VPN setup
On 2/26/10 11:38 AM, Abdulrehman wrote: I need to setup an OpenVPN scenario with pfsense. I want to connect to a remote network and also want to use the gateway of that remote network. Means if i am connected to VPN then all my internet traffic will go out through gateway of that network. Is it possibleplease help Add to the Custom options of your configuration: push redirect-gateway def1 that's it. Regards, Roy -- Roy Kaldung - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Open VPN setup
I need to setup an OpenVPN scenario with pfsense. I want to connect to a remote network and also want to use the gateway of that remote network. Means if i am connected to VPN then all my internet traffic will go out through gateway of that network. Is it possibleplease help Regards Abdulrehman
Re: [pfSense Support] Open VPN setup
On 26/02/10 10:38, Abdulrehman wrote: I need to setup an OpenVPN scenario with pfsense. I want to connect to a remote network and also want to use the gateway of that remote network. Means if i am connected to VPN then all my internet traffic will go out through gateway of that network. Is it possibleplease help yes, first hit on google ( http://www.google.co.uk/search?q=openvpn+route+all+traffic ) http://www.wains.be/index.php/2008/07/18/openvpn-routing-all-traffic-through-the-vpn-tunnel/ - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Open VPN setup
Try this link http://openvpn.net/index.php/open-source/documentation/howto.html#examples, reference Routing all client traffic (including web-traffic) through the VPN On Fri, Feb 26, 2010 at 10:38 AM, Abdulrehman arvagabo...@gmail.com wrote: I need to setup an OpenVPN scenario with pfsense. I want to connect to a remote network and also want to use the gateway of that remote network. Means if i am connected to VPN then all my internet traffic will go out through gateway of that network. Is it possibleplease help Regards Abdulrehman -- -- Este e-mail e quaisquer ficheiros a ele anexados são confidenciais e destinados, exclusivamente, à pessoa ou entidade a quem foi endereçado. Se recebeu este e-mail por erro, por favor, contacte-nos. Obrigado. This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify us. Antes de imprimir este e-mail pense se necessita mesmo de o fazer
Re: [pfSense Support] open vpn ruleset?
Chris Buechler wrote: Paul M wrote: I'd still like to know how to set up rules to control the vpn client access. You can't yet (it's on the improvements wish list hopefully for the 1.3 release). ah, so if I did want some sort of access control, I'd have to use a separate pfsense box on a DMZ off the main firewall. thanks for your help, much appreciated. Paul - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] open vpn ruleset?
Hi, thanks for reading this I've been able to establish an open vpn tunnel between a pfsense 10.2-rc1 machine at work and my linux box at home (which uses an ADSL modem/bridge and has a static IP). 10.0.0.0/24--lan--PFSENSE ~~~ LINUX--lan--192.168.0.0/24 the openvpn server settings on pfsense are to have a On pfsense I see this interface: tun0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1500 inet6 fe80::21b:21ff:fe01:245a%tun0 prefixlen 64 scopeid 0x16 inet 10.50.102.1 -- 10.50.102.2 netmask 0x Opened by PID 11694 and this route: 192.168.29 10.50.102.2UGS 06 tun0 but when I try and ping the local tunnel I get an error... # ping 10.50.102.1 PING 10.50.102.1 (10.50.102.1): 56 data bytes ping: sendto: No buffer space available - On linux box I see this: tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.50.102.2 P-t-P:10.50.102.1 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:38 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 b) TX bytes:3192 (3.1 Kb) and I see this route in my table: 10.0.0.010.50.102.1 255.255.255.0 UG0 00 tun0 - If I run tcpdump -i tun0 at each end and ping the other, I can see the icmp packets leave but nothing coming back; I have made sure my linux box. If on my linux box I ping a node at work LAN I see the ping going into tun0, no reply, and likewise if on the pfsense box I ping the LAN address on my machine at home it too goes down the tunnel. My questions are this. 1/ how can I find out why the tunnel isn't passing traffic 2/ how do I define firewalling rules on the pfsense box to determine what the openvpn clients can access? Although I can add a rule and specify the interface as WAN,LAN,PPTP,PPOE,IPSEC or my sync and DMZ interfaces, there doesn't appear to be an option for openvpn clients; if I do create a rule for ipsec it disappears, as there's no tab for that interface. thanks very much Paul - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] open vpn ruleset?
Paul M wrote: I've been able to establish an open vpn tunnel between a pfsense 10.2-rc1 machine at work and my linux box at home (which uses an ADSL modem/bridge and has a static IP). 10.0.0.0/24--lan--PFSENSE ~~~ LINUX--lan--192.168.0.0/24 ... If I run tcpdump -i tun0 at each end and ping the other, I can see the icmp packets leave but nothing coming back; I have made sure my linux (snipped lots of previous commentary). I rebooted pfsense because I'd been doing a lot of hacking about, and tried again.. no better luck but now when I ping on linux box I get this appearing from tcpdump on pfsense: 13:23:40.596976 IP15 bad-len 0 13:23:41.751325 IP15 [|ip] 13:23:51.400179 IP15 [|ip] At one point I did have at least ping working, but couldn't pass traffic, and then I changed it because my network settings weren't right for the environment. Paul - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] open vpn ruleset?
Paul M wrote: I'd still like to know how to set up rules to control the vpn client access. You can't yet (it's on the improvements wish list hopefully for the 1.3 release). - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Open VPN question
Yeah, it still trashes the optional interfaces from what I can tell. It would be really nice if it didn't do that. Scott On 11/3/05, Bill Marquette [EMAIL PROTECTED] wrote: FWIW, I seem to recall it screwed around with OPT interfaces in a rather nasty way. I thought there was a fix for m0n0 that we sync'd in, but it hasn't had satisfactory testing.If you do test it, patches, not support questions (unless those questions are developer type questions), would be greatly appreciated. --Bill On 11/2/05, Scott Ullrich [EMAIL PROTECTED] wrote: There are no plans to release OpenVPN enabled on 1.0. We will continue to sync changes but the OpenVPN menu item will have to be enabled with the developer/ tag which basically means your on your own in terms of support. Maybe for 1.1 we can have it stable enough to include. Scott On 11/2/05, alan walters [EMAIL PROTECTED] wrote: There seems to be a few issues with it both client and server side. I have been playing with monowal 1.2 openvpn and seem to see similar but not as detailed problems. I would guess that when it is re released in mono we would problerly get it. But I am sure the core team would give you more information Regards Alan walters Ps the most recent version from mono 1.2-opvn2 seems to work ok, but there is a couple of small bugs in firewall rules still. -Original Message- From: J B [mailto:[EMAIL PROTECTED] Sent: 02 November 2005 15:57 To: support@pfsense.com Subject: [pfSense Support] Open VPN question Will OpenVPN be part of the final release? Is anyone working on it? What is broken - maybe someone on the list can figure out how to fix it... JB - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Open VPN question
Will OpenVPN be part of the final release? Is anyone working on it? What is broken - maybe someone on the list can figure out how to fix it... JB - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Open VPN question
There seems to be a few issues with it both client and server side. I have been playing with monowal 1.2 openvpn and seem to see similar but not as detailed problems. I would guess that when it is re released in mono we would problerly get it. But I am sure the core team would give you more information Regards Alan walters Ps the most recent version from mono 1.2-opvn2 seems to work ok, but there is a couple of small bugs in firewall rules still. -Original Message- From: J B [mailto:[EMAIL PROTECTED] Sent: 02 November 2005 15:57 To: support@pfsense.com Subject: [pfSense Support] Open VPN question Will OpenVPN be part of the final release? Is anyone working on it? What is broken - maybe someone on the list can figure out how to fix it... JB - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
