OpenVPN no Local Access


Post by manjotsc » Sat Jan 02, 2021 7:39 pm

Hi,

I have two OpenVPN servers running on pfSense, UDP and TCP; both servers connect successfully to the client. But I am not able to access the local network or local IP address on the UDP server. On the TCP server it's all working fine. Help needed.

Note: In the logs it says client disconnect, but on the client side the connection still shows as connected.

Thanks,

Config

dev ovpns3
verb 3
dev-type tun
dev-node /dev/tun3
writepid /var/run/openvpn_server3.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp4
cipher AES-128-CBC
auth SHA256
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
client-connect /usr/local/sbin/openvpn.attributes.sh
client-disconnect /usr/local/sbin/openvpn.attributes.sh
local 66.131.200.13
tls-server
server 172.16.20.0 255.255.255.0
client-config-dir /var/etc/openvpn-csc/server3
verify-client-cert none
username-as-common-name
plugin /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so /usr/local/sbin/ovpn_auth_verify_async user TERBUFMtQUNUSVZFLExvY2FsIERhdGFiYXNl false server3 40010
tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'firewall.manjot.net' 1"
lport 40010
management /var/etc/openvpn/server3.sock unix


Jan 2 14:49:57	openvpn	54774	me/45.74.75.24:59671 Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Jan 2 14:49:57	openvpn	54774	me/45.74.75.24:59671 Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Jan 2 14:49:57	openvpn	54774	me/45.74.75.24:59671 Data Channel: using negotiated cipher 'AES-128-GCM'
Jan 2 14:49:57	openvpn	54774	me/45.74.75.24:59671 SENT CONTROL [me]: 'PUSH_REPLY,route 192.168.40.0 255.255.255.0,route 192.168.80.0 255.255.255.0,route 192.168.39.0 255.255.255.0,route 192.168.75.0 255.255.255.0,route 192.168.20.0 255.255.255.0,dhcp-option DOMAIN manjot.net,dhcp-option DNS 192.168.40.4,dhcp-option DNS 192.168.40.1,dhcp-option DNS 1.1.1.1,dhcp-option DNS 8.8.8.8,route-gateway 172.16.20.1,topology subnet,ping 10,ping-restart 60,ifconfig 172.16.20.2 255.255.255.0,peer-id 0,cipher AES-128-GCM' (status=1)
Jan 2 14:49:57	openvpn	54774	me/45.74.75.24:59671 PUSH: Received control message: 'PUSH_REQUEST'
Jan 2 14:49:57	openvpn	54774	me/45.74.75.24:59671 MULTI: primary virtual IP for me/45.74.75.24:59671: 172.16.20.2
Jan 2 14:49:57	openvpn	54774	me/45.74.75.24:59671 MULTI: Learn: 172.16.20.2 -> me/45.74.75.24:59671
Jan 2 14:49:57	openvpn	54774	me/45.74.75.24:59671 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_603c0cc0da0e82762242fd9667155385.tmp
Jan 2 14:49:57	openvpn	54774	me/45.74.75.24:59671 MULTI_sva: pool returned IPv4=172.16.20.2, IPv6=(Not enabled)
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 [me] Peer Connection Initiated with [AF_INET]45.74.75.24:59671
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384
Jan 2 14:49:57	openvpn		user 'me' authenticated
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1569', remote='link-mtu 1553'
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 TLS: Username/Password authentication deferred for username 'me' [CN SET]
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 PLUGIN_CALL: POST /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 peer info: IV_BS64DL=1
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 peer info: IV_SSO=openurl
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.4-5891
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 peer info: IV_IPv6=0
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 peer info: IV_PROTO=2
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 peer info: IV_TCPNL=1
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 peer info: IV_NCP=2
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 peer info: IV_PLAT=android
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 peer info: IV_VER=3.git:released:662eae9a:Release
Jan 2 14:49:57	openvpn	54774	45.74.75.24:59671 TLS: Initial packet from [AF_INET]45.74.75.24:59671, sid=f2781aee 7f125235
Last edited by Pippin on Sat Jan 02, 2021 7:50 pm, edited 1 time in total.
Reason: Formatting


Post by manjotsc » Wed Jan 06, 2021 12:08 pm

Solved: I changed the IPv4 Tunnel Network CIDR to 172.16.40.0/24 and everything is working again.

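One thing worth ruling out when a tunnel network change fixes reachability is an address overlap; the thread does not confirm that this was the cause. The following Python check is an added example, not part of the original posts: the `server` line and pushed routes are copied from the post above, while `HYPOTHETICAL_OTHER` and the function names are constructed assumptions.

```python
import ipaddress
import re

# Copied from the thread: the server directive and the relevant PUSH_REPLY options.
SERVER_DIRECTIVE = "server 172.16.20.0 255.255.255.0"
PUSH_REPLY = ("PUSH_REPLY,route 192.168.40.0 255.255.255.0,"
              "route 192.168.80.0 255.255.255.0,route 192.168.39.0 255.255.255.0,"
              "route 192.168.75.0 255.255.255.0,route 192.168.20.0 255.255.255.0,"
              "route-gateway 172.16.20.1,topology subnet,"
              "ifconfig 172.16.20.2 255.255.255.0")

# Constructed sample: a network the post does not show (for instance another
# OpenVPN instance's tunnel on the same firewall). Replace with real values.
HYPOTHETICAL_OTHER = {"second server tunnel (constructed)": "172.16.20.0/24"}


def tunnel_network(directive):
    """Parse 'server <net> <mask>' into an IPv4Network."""
    m = re.fullmatch(r"\s*server\s+(\S+)\s+(\S+)\s*", directive)
    if not m:
        raise ValueError("not a server directive: %r" % directive)
    return ipaddress.ip_network("%s/%s" % m.groups(), strict=True)


def pushed_routes(push_reply):
    """Return the network of every 'route <net> <mask>' option in a PUSH_REPLY."""
    nets = []
    for opt in push_reply.split(","):
        parts = opt.split()
        # 'route-gateway' and 'ifconfig' are skipped: only plain routes count.
        if len(parts) >= 3 and parts[0] == "route":
            nets.append(ipaddress.ip_network("%s/%s" % (parts[1], parts[2])))
    return nets


def audit(directive, push_reply, other_networks=None):
    """List the labels of all networks that overlap the tunnel network."""
    tunnel = tunnel_network(directive)
    candidates = {"pushed route %s" % n: n for n in pushed_routes(push_reply)}
    for label, cidr in (other_networks or {}).items():
        candidates[label] = ipaddress.ip_network(cidr, strict=False)
    return sorted(label for label, net in candidates.items() if tunnel.overlaps(net))


if __name__ == "__main__":
    print("posted config only:", audit(SERVER_DIRECTIVE, PUSH_REPLY))
    print("with constructed network:", audit(SERVER_DIRECTIVE, PUSH_REPLY, HYPOTHETICAL_OTHER))
```

On the values posted in the thread, the tunnel network does not overlap any pushed route, so an overlap, if there was one, would have been with a network that is not shown in the post.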