Sunday, 2021 June 06

After getting dynamic DNS working yesterday, I decided to tackle the next major piece of functionality: allowing remote access to my house.

pfSense supports three VPN solutions out of the box; I quickly settled on OpenVPN because it seemed to best suit my use case - simple, secure access to my house network from "the outside".

There are also a number of detailed tutorials online. I followed the first one I found that looked reasonable and, within an hour, had everything set up. As a test I installed the semi-official OpenVPN client for Android on my phone, turned off my phone's wifi, and attempted to connect. Nothing.

At this point I should have stepped back and taken a more cautious approach, but instead I tore down the configuration I had created in pfSense, found a different tutorial, and tried again. And obtained the same result.

Here I went into angry-debug mode. First blaming Comcast for blocking the VPN port (they were not), then tearing everything down and following yet another tutorial, then randomly searching for any marginally-related keywords that came to mind. Nothing worked.

Finally, lacking any other ideas, I decided to be methodical. I quickly realized that the problem was on my end. A bit of poking around and I found the issue. I have a cable modem (an Arris SURFboard SBG8300, highly recommended) operating in bridge mode, with the pfSense appliance directly behind it. I had assumed, incorrectly, that since the Arris was in bridge mode it would forward all ports through. It does not; I had to explicitly forward my VPN port. As soon as I did that I was able to successfully connect from my phone. Performance does not seem great, but that's a problem for me to tackle at a later date.
