Project

General

Profile

Actions

Bug #2684

closed

OpenVPN interfaces cannot be set as usable gateways

Added by Anonymous over 11 years ago. Updated over 8 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
OpenVPN
Target version:
-
Start date:
11/17/2012
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.1
Affected Architecture:

Description

I am trying to set a pfSense OpenVPN client instance as a gateway that LAN clients can use. I created an pfsense interface and assigned the OpenVPN instance (ovpnc2) to it (setting the IPv4/6 addresses to none). The gateway works and the other side is reachable, however it does not show up as a gateway option in the advanced firewall rules. This is because the "Gateway" still says dynamic since OpenVPN instance is the one negotiating the IP address. (see pfSense dynamic gateway 1.PNG)

When I set the pfSense interface as DHCP, the correct gateway IP shows up in the gateway list instead of "dynamic", and the gateway can then be selected in the firewall rules, but the other side is no longer reachable and the tunnel no longer works. The OpenVPN tunnel instance stays up. (see pfSense dynamic gateway 2.PNG)

I am using the current (Nov 17) 2.1 snapshot. The issue is also the same on the Nov 12 snapshot.


Files

pfSense dynamic gateway 1.PNG (4.96 KB) pfSense dynamic gateway 1.PNG interface IP set as "none", Gateway as "dynamic" , cannot be used in a firewall rule Anonymous, 11/17/2012 03:20 PM
pfSense dynamic gateway 2.PNG (4.92 KB) pfSense dynamic gateway 2.PNG interface IP set as "dhcp", Gateway has IP, can be used in a firewall rule Anonymous, 11/17/2012 03:20 PM
pfSense System-Gateways.PNG (33.2 KB) pfSense System-Gateways.PNG Status: Gateways page with the interface IP set to "none" Anonymous, 11/18/2012 10:47 PM
Actions #1

Updated by Chris Buechler over 11 years ago

  • Status changed from New to Rejected

assigned OpenVPN interfaces, when correctly set as type "none", are automatically filled in correctly on every version including the latest snapshot. Setting them to anything other than "none" is not correct.

Actions #2

Updated by Anonymous over 11 years ago

I am aware of that. The issue is when pfSense interface IP is set to "none", the gateway doesn't pop up in the firewall rules list, because the gateway IP is simply listed as "dynamic" under the gateway column on the "Status: Gateways" page, instead of listing an IP address. The bug is pfSense is not filling out the gateways column with a valid IP address using OpenVPN. When the pfSense interface IP is set to "none", I can see it getting a valid IP and GW on the Status: Interfaces page, just not on "Status: Gateways"

When the pfSense interface IP is set to "DHCP or Static", an IP shows up in the gateway column, and the gateway can then be selected in the firewall rules, even though it won't work because the OpenVPN instance is not the one getting the IP address.

Actions #3

Updated by Chris Buechler over 8 years ago

  • Target version deleted (2.1)
Actions

Also available in: Atom PDF