Your screen shot doesn't show the upper portion of the OpenVPN page, what mode is the OpenVPN server using (should be in the top line of the OpenVPN server config screen)? Can you post the upper two sections of the OpenVPN server config "General Information" and "Cryptographic Settings"? What's interesting is that I don't see any lines in your screenshot for the Local and/or Remote IPv4 networks in the config.  Which would make it difficult for the connection to route any traffic. Did you use the OpenVPN wizard to create the OpenVPN server?

You might try to turn off NAT reflection on the OpenVPN port forward rule. That should stop internal connections from reaching the external port. Normally I'm fighting this case in the reverse sense (trying to make external rules work for internal traffic)  ;)

OK I got it. Had to setup a simple vpn traffic rule and allow pap authentication on the radius server.

The problem did turn out to be the provider, just for the record.  2.1.4 is fine at least regarding this issue.

@lokeshjango: hie guys i have configured strong vpn in my pfsense using open vpn setting. i basically want to set up my pfsense machine as a gateway so that all intranet traffic should go through my newly setup vpn interface in pfsense. as of now in system log openvpn showing no error. but after configuring from my intranet/LAN machine i am not able to access internet. i am not finding any solutions. https://forum.pfsense.org/index.php?topic=29944.0 and https://forum.pfsense.org/index.php?topic=59589.0 please help me as i am stuck on this point .. one more doubts i have just come in mind , how will configure my lan machine after configuring vpn in pfsense, i mean gateway?

I think I may have solved this with help from Zack__ on IRC. I'll update this when confirmed.

Looks like your PF has difficulties to route from OVPN client to LAN. Check your FW rules ?

Check this thread for having a smoother GW failure handling for small Alix architecture : https://forum.pfsense.org/index.php?topic=73243.15 Try not to ping Google as the server could response from a far location and produce high pings. Pinging too far can transform a ISP routing failure into a false link failure (seen from PF). So try to ping something close to you (geographically and/or in terms or router hop), but not your ISP GW : some routers (like Cisco does) are known to drop some ICMP ping replies (even if not under heavy load) and thus produce false high response time or false loss.

Is the vpn gateway in the same subnet as the vpn tunnel? Your vpn address is 10.200.5.x, but in the route command you used 10.200.4.0/24. These would be different subnets. What is your OPT1 interface? You have used the LAN address in rules there, but this is the address on LAN interface and will have no effect in these rules.

Strange but I just happened to notice that the vmware router was configured to simulate a slow link. Changed it to unlimited and the copy started to work. Happy for that but it still doesn't explain the firewall logs though. Will have to try and figure that out separately. Thanks for the reply.

Found it!!! Obviously, the office doesn't route my home LAN addresses. So I have to use outbound NAT with the IP address assigned to me. Once I had created a NAT outbound rule for interface OpenVPN, that NATs all my LAN traffic over the "Interface address", things started working like a charm. Nice, happy camper! :) Cheers, Jan

Then you'll also have to provide info about your BGP config on each node. That's not a typical VPN configuration and should have been disclosed in the original post.