OpenVPN Bridge on pfsense: once LAN pings clients, connectivity breaks

Posted by Lucas Kauffman on Server Fault See other posts from Server Fault or by Lucas Kauffman
Published on 2013-11-04T15:35:46Z Indexed on 2013/11/04 15:56 UTC
Read the original article Hit count: 355

Filed under:

openvpn

|

pfsense

So I'm using a pfsense openvpn to bridge my LAN segment so VPN users can access the servers.

The problem I'm having now is that I can establish a connection, I can ping the LAN server from the VPN, but as soon as I ping the client from the LAN server, there is no connectivity anymore between both parties.

So:

connect from the VPN client to the LAN => works ping the LAN from the VPN client => works access server from the VPN (ssh, ftp,...) => works ping client from server => doesn't work ping LAN from the VPN client => doesn't work anymore My bridge has em1 and ovpns1 bridged. I noted with tcpdump that ICMP is reaching the bridge between LAN and the VPN segment. But it's not put onto the em1 interface for some reason.

My pfsense is running on an ESXi host with th vSwitch port enabled in promiscious mode. Firewall rules allow in and outbound traffic regardless origin or destination.

© Server Fault or respective owner

Related posts about openvpn

Encouter error "Linux ip -6 addr add failed" while setting up OpenVPN client

as seen on Server Fault - Search for 'Server Fault'
I am trying to set up my router to use OpenVPN and have gotten quite far (I think), but something seems to be missing and I am not sure what. Here is my configuration for the client: client dev tun proto udp remote ovpn.azirevpn.net 1194 remote-random resolv-retry infinite auth-user-pass /tmp/password… >>> More
OpenVpn: Setting Up Openvpn in Ubuntu 10.04

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I am trying to setup OpenVpn Server on Ubuntu 10.04. I am not good in network concepts so its hard to understand the IP address that are given in the setup tutorial.. I could find many sites to setup openvpn server but i have few doubts in it. 1.I am mainly setting up the server to make it work… >>> More
pfsense peer-to-peer OpenVPN not connecting

as seen on Server Fault - Search for 'Server Fault'
I'm trying to setup a peer-to-peer OpenVPN between two pfsense servers running 2.0.1-RELEASE, but the client keeps getting the connection dropped, with a status of "reconnecting; ping-restart" and nothing appears to be routing between them. Both these firewalls are also doing PPTP VPNs that are working… >>> More
OpenVPN not connecting

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
There have been a number of post similar to this, but none seem to satisfy my need. Plus I am a Ubuntu newbie. I followed this tutorial to completely set up OpenVPN on Ubuntu 12.04 server. Here is my server.conf file ################################################# # Sample OpenVPN 2.0 config file… >>> More
openVPN GUI does not run error about error opening registry for reading HKLM\SOFTWARE\OpenVPN

as seen on Super User - Search for 'Super User'
I'm trying to run OpenVPN as a portable application and to that effect i have installed it on a Windows 7 machine, copied the files to another windows 7 machine and manually restored the registry settings using a .reg file. Whenever i try to run open vpn GUI i get the following error error opening… >>> More

Related posts about pfsense

Using pfSense, OpenVPN Connects but Still Can't See the Network

as seen on Super User - Search for 'Super User'
I am having an OpenVPN issue. I have a pfSense box at home configured to allow traffic through a VPN tunnel. The client computer is Windows XP Home, behind a standard Comcast connection and a Netgear wireless router. I use OpenVPN to access my work network (from where I am trying to get out of… >>> More
Ierrs on Network Interface - Pfsense/Freebsd

as seen on Server Fault - Search for 'Server Fault'
Hello all, We're using PfSense as an internal router/firewall (no connection to WAN). Using the Web-GUI, under Status --- Interfaces, there's one particular interface where I have some errors: In/out errors 3513/0 I then SSHed to the firewall to validate the info provided by the WebGUI and… >>> More
pfSense Firewall or Linsys/Cisco router for small offices

as seen on Server Fault - Search for 'Server Fault'
I'm about to start switching some networks around for multiple small offices. Each office has about 10 to 15 users and 10 to 15 computers. Each office has a spread of generic routers and access points. The routers vary from being used as routers, to just being an access point for wireless. Nothing… >>> More
Per client DNS server assignment using Pfsense

as seen on Server Fault - Search for 'Server Fault'
I have a network where pfsense is the gateway. There are two sets of clients that I want. One where there will be some restrictions to the network (example, IM being blocked) and one network where there are no restrictions. One easy way I thought about doing this was assigning the different domains… >>> More
Route specific HTTP requests through pfSense OpenVPN

as seen on Server Fault - Search for 'Server Fault'
Hi, to start, I have very little knowledge on routes, iptables, etc. That said, here's what I'm trying to accomplish and where I think I'm stumped: Problem: We have an external website which we recently firewalled so it only accepts traffic from our office IP addresses. This works well at the office… >>> More