I am using GL-Mifi as an OpenVPN “road warrior” client to my pfSense-based OpenVPN server. It runs the latest “lede-mifi-2.271.bin” firmware. It recognized OpenVPN configuration exported by pfSense instantly. It is set to automatically connect the OpenVPN after boot.
The only issue I have that while I can connect from behind GL-Mifi to any network device behind the pfSense OpenVPN server network in the office, I can only connect from the office to the GL-Mifi and not the devices behind it.
To fix this, I have to modify GL-Mifi’s firewall settings every time it is powered on, by adding “option input ACCEPT” and “option forward ACCEPT” to the VPN_client interface; also to add forward rules between LAN and VPN_client interface.
This makes it work, but the problem is that the firewall rule is lost after re-connect, reboot or power-off.
I need to always re-enter the rules manually.
Is there a way to make the rule survive reboots? Maybe alter the auto-generated rule when OpenVPN connects to automatically contain the forwarding options needed?