Can't access freepbx from openvpn remote host

chofo1979 · August 29, 2018, 9:19pm

Hello,

I am using pfsense to create a site to site openvpn tunnel for remote phones.

I have setup openvpn successfully and can connect from outside.

The problem is my FreePBX is inaccessible.

I have disabled the firewall and disabled iptables but I cannot acces the GUI or register an extension from an openvpn client.

I can access other hosts inside the FreePBX network (like phones and another server we have).

I found another similar old post here and they solved it by adding the remote network with the route command. I have done that but still no luck.

Thanks for the help.

arielgrin · August 29, 2018, 10:11pm

Can you describe your environment?

I have the same setup in regards to pfsense and openvpn and I can connect just fine from the outside.

chofo1979 · August 29, 2018, 10:38pm

Yes, as of right now it is this simple:

Pfsense 2.4 / only one LAN, no vlans. / only one WAN with a public IP
I have setup an openvpn tunnel on pfsense which is working correctly.
Rules on the firewall are set to allow all traffic from Lan to any as well as openvpn subnet to any

FreePBX 14
Have tried with firewall and iptables disabled and all enabled with the openvpn subnet as trusted traffic in the firewall

At the moment I am only connecting my laptop to the vpn and trying to register zoiper.

Cant access the GUI or register the softphone.

I can access other servers in the network.

arielgrin · August 29, 2018, 11:11pm

What is the LAN network and what is the VPN network? Are the other servers on the same network as the freepbx server?

chofo1979 · August 29, 2018, 11:14pm

LAN 192.168.2.0/24
VPN 192.168.10.0/24

The other servers are on the LAN, and it is the same network as the freepbx.

It has got to be something on freepbx.

arielgrin · August 29, 2018, 11:29pm

What does a traceroute show? Both from freepbx to remote laptop and vice-versa

chofo1979 · August 29, 2018, 11:43pm

I cannot run traceroute on freepbx at the moment but from my laptop to the pbx this is what I get:

To an IP phone:
$ traceroute 192.168.2.204
traceroute to 192.168.2.204 (192.168.2.204), 30 hops max, 60 byte packets
1 gateway (192.168.10.1) 287.314 ms 287.331 ms 287.330 ms
2 * 192.168.2.204 (192.168.2.204) 287.960 ms 287.977 ms

To the PBX:
$ traceroute 192.168.2.230
traceroute to 192.168.2.250 (192.168.2.230), 30 hops max, 60 byte packets
1 gateway (192.168.10.1) 78.990 ms 80.886 ms 85.126 ms
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
… This does not stop

arielgrin · August 30, 2018, 12:08am

What does traceroute show if you trace the LAN ip of pfsense?

chofo1979 · August 31, 2018, 9:16pm

Hello… here it is:

$ sudo traceroute 192.168.2.1
traceroute to 192.168.2.1 (192.168.2.1), 30 hops max, 60 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
And goes on like this until 30…

arielgrin · August 31, 2018, 9:26pm

I might say you have a routing problem…
Does a ping to that IP reply back?

chofo1979 · August 31, 2018, 9:27pm

But how can I access the http at that address and 192.168.2.204 too??

chofo1979 · August 31, 2018, 9:28pm

here:

$ ping 192.168.2.1
PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.
64 bytes from 192.168.2.1: icmp_seq=1 ttl=64 time=81.6 ms
64 bytes from 192.168.2.1: icmp_seq=2 ttl=64 time=81.4 ms
64 bytes from 192.168.2.1: icmp_seq=3 ttl=64 time=84.0 ms
64 bytes from 192.168.2.1: icmp_seq=4 ttl=64 time=90.7 ms
64 bytes from 192.168.2.1: icmp_seq=5 ttl=64 time=114 ms
^C
— 192.168.2.1 ping statistics —
5 packets transmitted, 5 received, 0% packet loss, time 4006ms
rtt min/avg/max/mdev = 81.406/90.379/114.084/12.329 ms

arielgrin · August 31, 2018, 9:42pm

How many network cards does your freepbx have?

system · August 31, 2019, 9:42pm

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.