OpenVPN Setup but can only access gateway

Hi, I set up a VPN using How To Setup OpenVPN For Remote Access On pfsense, but it does not work correctly.

My set up:
Server side - pfSense 2.4.5
WAN - public IP with a NoIP DDNS setup
LAN - 192.168.101.0/24 and Default GW of 192.168.101.1 which is my pfSense
VPN remote network - 192.168.104.1/24

Client side - BT Hub (standard ISP router)
WAN - public IP
LAN - 192.168.1.0/24 and Default GW of 192.168.1.1

Other than these changes the setup is the same as in the video.

The VPN connects and route print in cmd looks fine, but when trying to ping from remote PC (win10) to my LAN PC (also win10) or from LAN PC to remote PC I get response timed out, but here is the funny thing: I can ping pfSense. I have no firewall rules set up other than pfblocker’s.

Can anyone tell me what is going on, as I have spent the last few days looking at every OpenVPN setup guide and help forum post that even remotely looks similar to my problem.

Haven’t watched the vid but my OpenVPN server is running ok on pfsense for me.

Just quickly looking at my rules on Firewall>Rules>OpenVPN Server I have added

  • NAT Forwarder rule
  • rule to pass IP4 traffic

On the Firewall>NAT>Port forward I’ve added a DNS forwarder rule

On the Firewall>NAT>Outbound (Manual) I’ve added a mapping on the WAN for the OpenVPN server.

Try these.

It looks like you’re trying to connect two houses; you’d be better off setting up a site-to-site VPN, that way the other household doesn’t have to do anything. If you want to avoid the expense of a pfsense box, I’d recommend an Asus router with Merlin firmware (I used it in the past) as it has both an OpenVPN Server and Client. Then you just connect the two houses, I had just such a setup running for a while until I went full pfsense :slight_smile: A Raspberry Pi 4 can do the same thing for cheap but I’ve found they can just freeze from time to time.

Thanks for the suggestion neogrid, but I don’t believe a site to site would be the best for my situation.
I shall explain what I am looking for in case there is a better way I am not seeing.

What I am trying to achieve is my LAN net, behind the pfSense box, will be a control network with a server running FTP and SMTP etc. (all the back end of a project I am working on). The problem is that I need a way to access the back end securely and SSH in to the client for fault finding and maintenance tasks without needing to mess around with port forwarding and DDNS.

“Enter OpenVPN” I thought.

I was thinking that a remote access VPN would be the simplest as I only need SSH access to the client and not the whole network behind the router.

Could you provide a screenshot of your working setup, as I believe this was one of the steps I have already tried from another post?

Ah ok, you basically just need to set up your OpenVPN server then access it via an OpenVPN client. That should be possible.

On the WAN I have a rule for incoming to an OpenVPN Server :

On the OpenVPN server I have these rules:

My outbound NAT

That’s basically the rules I have for an OpenVPN server on one of my vlans.

Just checked and all of these rules are in place and look to have been auto generated by the setup wizard, which I followed click by click bar the IP changes.

Everything I read/watch says that it should just work straight from the wizard but it’s not.

I am tempted at this point to default pfSense and start fresh, keeping a backup of the config naturally :sweat_smile:.

Not sure about the wizard, I set up my router a year ago and kept terrible notes! Just set up another OpenVPN server instance manually, you’ll probably find you’ve made a config error, then just cross check with the previous instance.
I do everything manually, I’ve got several OpenVPN servers running and don’t use the default, perhaps there is a difference between the two.

Hi, so I have been playing with this VPN over the past few days and I’ve made it worse.
The last one I programmed manually failed with a “TLS handshake was not performed within 60 seconds” error and any of the “wizards” setups ping in either direction except from and to the pfSense box. I’ve even tried a default and reset up the pfSense.

Which leaves me with questions.
Is the “wizard” broken in 2.4.5? - Which just sounds impractical and there are no bug reports.
Is it my ISP blocking it in some way? - Which I didn’t think is possible, as this is the main reason for using VPNs so only your network can see what is happening.
Or is there something wrong with my setup? - Probably most likely, I just can’t find it.

Again any suggestions are greatly appreciated.

It should be pretty straightforward to set up an OpenVPN server manually, just do that, export the certificates using the wizard, then install that on your phone, then you can test while connected on the same network.

Admittedly I’ve set up on previous versions rather than the latest.

I’d suspect you have a config error somewhere.