Well yeah its going to be embedded in a lot of links as of late.. That news is all over the net.. And yet people still hand over money to these services thinking they are getting something other than slow internet and problems accessing their other services they pay for.. So that their isp doesn't know they went to xyz.com -- makes zero sense to me ;)

Why do you use a /24 net for a site-2-site. A /30 will be the better choice here. @Cricco95 said in OpenVPN site2site not working: Trying to ping VPN server interface on 10.8.0.1: You did the ping from WAN IP. Don't know what your WAN is, but you may miss the route. What it you do a ping from LAN? If it works, try a ping from LAN to the remote LAN IP of the server.

This has come up before. You need to push a route for the remote LAN subnet to your OpenVPN clients and also configure a phase 2 for the OpenVPN tunnel network on each side of the IPsec tunnel.

@bthoven no prob

I guess, you are missing the route to your network on the server side. However, if the VPN connection is for your own purposes, I assume you can also do a workaround with NAT.

Made another test to see if pfsense behaves different. Downloaded a testfile on a machine with additional 250ms delay configured. All machines on a local LAN with Gigabit switches in-between: Downloading on a Linux machine gives around 12Mbyte per second: $ curl http://172.16.34.206/testfile.img --output testfile.img % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 4 3320M 4 155M 0 0 9.8M 0 0:05:36 0:00:15 0:05:21 12.0M^C Download on the pfsense machine, gives only around 6.5Mbyte per second: : curl http://172.16.34.206/testfile.img --output testfile.img % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 3 3320M 3 118M 0 0 6125k 0 0:09:15 0:00:19 0:08:56 6578k^C However, it's not that the pfsense machine is generally slower, when removing the artificial latency, the download on the pfsense reaches the expected >100Mbyte/s on a gigabit network: : curl http://172.16.34.206/testfile.img --output testfile.img % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 9 3320M 9 318M 0 0 111M 0 0:00:29 0:00:02 0:00:27 111M^C

When you connect to a VPN server it gives you a gateway address. If you connect to servers that give you the same gateway you will have the problems you are seeing because you can't have two interfaces with the same subnet/gateway on them. Choosing different access points from the same provider, or different providers, should solve it.

@fulail It should work fine. I do it. You should assign the DDNS address to the public IP. Can you ping the DDNS host by name? The line in your config file should be remote yourDDNSname yourport yourprotocol

[image: 1571140985899-port_forwards_pfsense_openvpn_clients.jpg] [image: 1571141153637-port_forwards_pfsense_openvpn_clients_wanewe.jpg] Hi Viragomann, thats already done. See screenshot. Port Forward was created for every singline wan interface.

@Derelict If you could also answer my other (new) question here: https://forum.netgate.com/topic/147323/openvpn-the-clash-of-gateways Thank you very much,

Thanks

Thanks again. I did it like that. No clue if it works as I cannot drop a line currently (off-site), but I see packets going to the server quite happily. So, the last rule in client's OpenVPN set is a pass rule that uses the gateway group (which has both ovpn IFs). On the server side I will reduce to one OpenVPN server only, bind this one to the localhost and create one NAT on WAN 1 and another on WAN 2 both pointing to the localhost:ovpn-port. I will do the same for road warriors and on the clients I will add the "remote ..." line.

Oct 14 10:01:52 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/182176] Oct 14 10:01:52 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:52 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:52 openvpn 30979 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Oct 14 10:01:52 openvpn 30979 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=a971a731 2b3e83cf, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Oct 14 10:01:52 openvpn 30979 TLS: tls_process: timeout set to 29 Oct 14 10:01:52 openvpn 30979 ACK reliable_send_timeout 32 [1] 0 Oct 14 10:01:52 openvpn 30979 ACK reliable_can_send active=1 current=0 : [1] 0 Oct 14 10:01:52 openvpn 30979 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800 Oct 14 10:01:52 openvpn 30979 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=c6a2969e 7023d331, stored-sid=00000000 00000000, stored-ip=[AF_INET]172.94.7.2:53 Oct 14 10:01:52 openvpn 30979 UDPv4 write returned 42 pid=0 DATA Oct 14 10:01:52 openvpn 30979 I/O WAIT status=0x0002 Oct 14 10:01:52 openvpn 30979 event_wait returned 1 Oct 14 10:01:52 openvpn 30979 PO_WAIT[0,0] fd=5 rev=0x00000004 rwflags=0x0002 arg=0x006a2710 Oct 14 10:01:52 openvpn 30979 I/O WAIT T?|T?|SR|SW [1/182176] Oct 14 10:01:52 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:52 openvpn 30979 PO_CTL rwflags=0x0003 ev=5 arg=0x006a2710 Oct 14 10:01:52 openvpn 30979 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Oct 14 10:01:52 openvpn 30979 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=a971a731 2b3e83cf, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Oct 14 10:01:52 openvpn 30979 TLS: tls_process: timeout set to 29 Oct 14 10:01:52 openvpn 30979 ACK reliable_send_timeout 32 [1] 0 Oct 14 10:01:52 openvpn 30979 Reliable -> TCP/UDP Oct 14 10:01:52 openvpn 30979 ENCRYPT TO: 278fa682 9edc8f08 026fc28e 4882d4aa c26a90da 00000005 5da47fb1 38c6a29[more...] Oct 14 10:01:52 openvpn 30979 ENCRYPT HMAC: 278fa682 9edc8f08 026fc28e 4882d4aa c26a90da Oct 14 10:01:52 openvpn 30979 ACK reliable_send ID 0 (size=4 to=32) Oct 14 10:01:52 openvpn 30979 ACK reliable_can_send active=1 current=1 : [1] 0 Oct 14 10:01:52 openvpn 30979 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800 Oct 14 10:01:52 openvpn 30979 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=c6a2969e 7023d331, stored-sid=00000000 00000000, stored-ip=[AF_INET]172.94.7.2:53 Oct 14 10:01:52 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:52 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:52 openvpn 30979 event_wait returned 0 Oct 14 10:01:51 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/182176] Oct 14 10:01:51 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:51 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:51 openvpn 30979 RANDOM USEC=182176 Oct 14 10:01:51 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:51 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:51 openvpn 30979 event_wait returned 0 Oct 14 10:01:50 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/54866] Oct 14 10:01:50 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:50 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:50 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:50 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:50 openvpn 30979 event_wait returned 0 Oct 14 10:01:49 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/54866] Oct 14 10:01:49 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:49 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:49 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:49 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:49 openvpn 30979 event_wait returned 0 Oct 14 10:01:48 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/54866] Oct 14 10:01:48 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:48 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:48 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:48 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:48 openvpn 30979 event_wait returned 0 Oct 14 10:01:47 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/54866] Oct 14 10:01:47 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:47 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:47 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:47 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:47 openvpn 30979 event_wait returned 0 Oct 14 10:01:46 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/54866] Oct 14 10:01:46 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:46 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:46 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:46 openvpn 30979 SENT PING Oct 14 10:01:46 openvpn 30979 TLS Warning: no data channel send key available: [key#0 state=S_PRE_START id=0 sid=00000000 00000000] [key#1 state=S_UNDEF id=0 sid=00000000 00000000] [key#2 state=S_UNDEF id=0 sid=00000000 00000000] Oct 14 10:01:46 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:46 openvpn 30979 event_wait returned 0 Oct 14 10:01:44 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/54866] Oct 14 10:01:44 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:44 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:44 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:44 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:44 openvpn 30979 event_wait returned 0 Oct 14 10:01:43 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/54866] Oct 14 10:01:43 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:43 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:43 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:43 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:43 openvpn 30979 event_wait returned 0 Oct 14 10:01:42 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/54866] Oct 14 10:01:42 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:42 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:42 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:42 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:42 openvpn 30979 event_wait returned 0 Oct 14 10:01:41 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/54866] Oct 14 10:01:41 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:41 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:41 openvpn 30979 RANDOM USEC=54866 Oct 14 10:01:41 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:41 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:41 openvpn 30979 event_wait returned 0 Oct 14 10:01:40 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/44554] Oct 14 10:01:40 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:40 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:40 openvpn 30979 MANAGEMENT: Client disconnected Oct 14 10:01:40 openvpn 30979 I/O WAIT status=0x0040 Oct 14 10:01:40 openvpn 30979 event_wait returned 1 Oct 14 10:01:40 openvpn 30979 PO_WAIT[1,0] fd=6 rev=0x00000011 rwflags=0x0001 arg=0x006a1578 Oct 14 10:01:40 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/44554] Oct 14 10:01:40 openvpn 30979 PO_CTL rwflags=0x0001 ev=6 arg=0x006a1578 Oct 14 10:01:40 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:40 openvpn 30979 MANAGEMENT: CMD 'state 1' Oct 14 10:01:40 openvpn 30979 I/O WAIT status=0x0040 Oct 14 10:01:40 openvpn 30979 event_wait returned 1 Oct 14 10:01:40 openvpn 30979 PO_WAIT[1,0] fd=6 rev=0x00000001 rwflags=0x0001 arg=0x006a1578 Oct 14 10:01:40 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/44554] Oct 14 10:01:40 openvpn 30979 PO_CTL rwflags=0x0001 ev=6 arg=0x006a1578 Oct 14 10:01:40 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:40 openvpn 30979 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock Oct 14 10:01:40 openvpn 30979 I/O WAIT status=0x0040 Oct 14 10:01:40 openvpn 30979 event_wait returned 1 Oct 14 10:01:40 openvpn 30979 PO_WAIT[1,0] fd=4 rev=0x00000001 rwflags=0x0001 arg=0x006a1578 Oct 14 10:01:40 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/44554] Oct 14 10:01:40 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:40 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:40 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:40 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:40 openvpn 30979 event_wait returned 0 Oct 14 10:01:39 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/44554] Oct 14 10:01:39 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:39 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:39 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:39 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:39 openvpn 30979 event_wait returned 0 Oct 14 10:01:38 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/44554] Oct 14 10:01:38 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:38 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:38 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:38 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:38 openvpn 30979 event_wait returned 0 Oct 14 10:01:37 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/44554] Oct 14 10:01:37 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:37 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:37 openvpn 30979 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Oct 14 10:01:37 openvpn 30979 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=a971a731 2b3e83cf, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Oct 14 10:01:37 openvpn 30979 TLS: tls_process: timeout set to 15 Oct 14 10:01:37 openvpn 30979 ACK reliable_send_timeout 15 [1] 0 Oct 14 10:01:37 openvpn 30979 ACK reliable_can_send active=1 current=0 : [1] 0 Oct 14 10:01:37 openvpn 30979 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800 Oct 14 10:01:37 openvpn 30979 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=c6a2969e 7023d331, stored-sid=00000000 00000000, stored-ip=[AF_INET]172.94.7.2:53 Oct 14 10:01:37 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:37 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:37 openvpn 30979 event_wait returned 0 Oct 14 10:01:36 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/44554] Oct 14 10:01:36 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:36 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:36 openvpn 30979 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Oct 14 10:01:36 openvpn 30979 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=a971a731 2b3e83cf, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Oct 14 10:01:36 openvpn 30979 TLS: tls_process: timeout set to 16 Oct 14 10:01:36 openvpn 30979 ACK reliable_send_timeout 16 [1] 0 Oct 14 10:01:36 openvpn 30979 ACK reliable_can_send active=1 current=0 : [1] 0 Oct 14 10:01:36 openvpn 30979 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800 Oct 14 10:01:36 openvpn 30979 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=c6a2969e 7023d331, stored-sid=00000000 00000000, stored-ip=[AF_INET]172.94.7.2:53 Oct 14 10:01:36 openvpn 30979 UDPv4 write returned 42 pid=0 DATA Oct 14 10:01:36 openvpn 30979 I/O WAIT status=0x0002 Oct 14 10:01:36 openvpn 30979 event_wait returned 1 Oct 14 10:01:36 openvpn 30979 PO_WAIT[0,0] fd=5 rev=0x00000004 rwflags=0x0002 arg=0x006a2710 Oct 14 10:01:36 openvpn 30979 I/O WAIT T?|T?|SR|SW [1/44554] Oct 14 10:01:36 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:36 openvpn 30979 PO_CTL rwflags=0x0003 ev=5 arg=0x006a2710 Oct 14 10:01:36 openvpn 30979 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Oct 14 10:01:36 openvpn 30979 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=a971a731 2b3e83cf, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Oct 14 10:01:36 openvpn 30979 TLS: tls_process: timeout set to 16 Oct 14 10:01:36 openvpn 30979 ACK reliable_send_timeout 16 [1] 0 Oct 14 10:01:36 openvpn 30979 Reliable -> TCP/UDP Oct 14 10:01:36 openvpn 30979 ENCRYPT TO: 11167a31 f2051088 ad09eca3 67be345f 8a5759f6 00000004 5da47fb1 38c6a29[more...] Oct 14 10:01:36 openvpn 30979 ENCRYPT HMAC: 11167a31 f2051088 ad09eca3 67be345f 8a5759f6 Oct 14 10:01:36 openvpn 30979 ACK reliable_send ID 0 (size=4 to=16) Oct 14 10:01:36 openvpn 30979 ACK reliable_can_send active=1 current=1 : [1] 0 Oct 14 10:01:36 openvpn 30979 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800 Oct 14 10:01:36 openvpn 30979 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=c6a2969e 7023d331, stored-sid=00000000 00000000, stored-ip=[AF_INET]172.94.7.2:53 Oct 14 10:01:36 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:36 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:36 openvpn 30979 event_wait returned 0 Oct 14 10:01:35 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/44554] Oct 14 10:01:35 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:35 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:35 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:35 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:35 openvpn 30979 event_wait returned 0 Oct 14 10:01:33 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/44554] Oct 14 10:01:33 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:33 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:33 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:33 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:33 openvpn 30979 event_wait returned 0 Oct 14 10:01:32 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/44554] Oct 14 10:01:32 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578 Oct 14 10:01:32 openvpn 30979 PO_CTL rwflags=0x0001 ev=5 arg=0x006a2710 Oct 14 10:01:32 openvpn 30979 TIMER: coarse timer wakeup 1 seconds Oct 14 10:01:32 openvpn 30979 I/O WAIT status=0x0020 Oct 14 10:01:32 openvpn 30979 event_wait returned 0 Oct 14 10:01:31 openvpn 30979 I/O WAIT T?|T?|SR|Sw [1/44554] Oct 14 10:01:31 openvpn 30979 PO_CTL rwflags=0x0001 ev=4 arg=0x006a1578

Thank you! That definitely pushes me in the right direction. I'm going to rebuild today!

Dear pfSense friends, Unfortunately I found this https://github.com/davidemyers/algo-pfsense saying "pfSense does not officially support the ECDSA certs created by Algo, but they do work when you choose Mutual RSA when creating the Phase 1. You may not be able to install ECDSA certs on pfSense versions older than 2.4." which relates to IKEv2, but not to OpenVPN. I read controversial stuff ECDSA vs RSA about security and speed. Shall I stay with RSA ? If yes, why is ECDHE anyway used whatever I enter in the DH parameter ? Many thanks ! and cheers chulio.

@viragomann got it and now my issue is resolved thanks.

I can push routes and other config parameters via the server, frustrating that this isn't one of them;/ My remote user base is about 40, if I had 100's I'd be very unpopular.

@johnpoz Yeah, I noticed. Originally I didn't save it directly on the forum because of the 2MB limit. But I tell you, I fixed it on the server adding a white background and flattening the PNG. Maybe you weren't getting it because Cloudflare caches things requested frequently--or maybe the browser, Chromium-based browsers in my case are always seem to be ignoring stuff, for instance: I cannot log in with smart cards to vCenter because it wouldn't kill the session while other browsers do. It would've eventually updated itself. I was already getting it with the white background. Thanks anyway, I won't post transparencies again, lesson learned.