Hmm, the username from openvpn should be in one of the environment vars it's checking. Open a bug report at https://redmine.pfsense.org/ and we'll take a look at it to see why it isn't getting the username as expected.

Or it could be Mac issue. I just tried Viscosity and it has the same issue.

@cmenning: LAN clients can access AWS assets via private IPs using the IPSec tunnel. So you will have set up an IPSec phase 2 between your LAN and the AWS LAN. The same thing is necessary for the OpenVPN tunnel network and the AWS LAN to get access to the remote devices from road-warrior clients. However, I'm not sure if multiple phase 2 are possible on AWS.

Yes, it was the firewall. After installing Kaspersky there was "another" firewall manager above the Windows firewall. There I had to add the subnet and add the connection to "Local LAN". Thanks a lot! -demux

OpenVPN itself doesn't support that. You can make a copy of the server and keep everything the same except for the tunnel network and protocol, adjust your WAN firewall rule, and then you can pick either protocol on the client.

It wasn't a pfSense problem but a FreeNAS one. I was run the OpenVPN client on a jail. Once I use the OpenVPN build in FreeNAS the problem has disappeared.

bump

No. I am getting same IP results with whatismyip.host and other  websites such as whatismyip.live I am using PureVPN and visited both websites. Here are the results: http://whatismyip.live  IP results: [image: Screen_Shot_04_19_18_at_03_27_PM.png] http://whatismyip.host results: [image: Screen_Shot_04_19_18_at_03_27_PM_001.png]

You need to: add all of the remote networks each site should be able to access to the Remote Networks at those sites be sure the OpenVPN firewall rules pass the necessary traffic into each firewall

U have show me that this setup must work and doesn't have any conflict, different instances. jimp I will jump into the setups, 1 site is not under our management only. I will go deep into the setup and let u know our progress. Thanks. :)

You can't use AirVPN gateway to monitor with dpinger. You need to use an external gateway. It used to work, but something has changed either from AirVPN side or from Pfsense since 2.3.x

Yeah I think I did it like that already but tried exactly like that and still doesn't work.

It's fixed on 2.4.4 snapshots. If you see that error, edit the firewall rule in question, pick the right protocol, then save/apply.

Sure , i will try that. Thanks a lot for your time..

@johnpoz: T-mobile went ipv6 only on their cells awhile back.. And there was a bit of a learning curve for their gateway from ipv6 to ipv4…  For a short time I had enabled a ipv6 instance of vpn so I could get in with my phone..  But they corrected their problem and I can now vpn in via ipv6 phone connection to my IPv4 IP on pfsense. Please can you elaborate what did you have to do on the pfsense side to get it working with tmobile ipv6. If I use my vpn server the phone shows my vpn ip for IPv4 but shows tmobile ipv6 address. Is it possible to change pfsense vpn server so that it offers ipv6 address too? What should be the ipv6 server address akin to 10.8.0.4 in IPv4?

Probably a host name. The provider needs to be free to change IP addresses without breaking everyone.

@viragomann: There's a bug in the wizard of the last stable version: https://redmine.pfsense.org/issues/8391 Edit the OpenVPN TardisHomeVPN rule on WAN and set the address family to IPv4 and select UDP protocol and save it. I edited the rule but same error. I just deleted it and made a new one from scratch. Now it works. Thanks