• PfSense routing internet traffic to tap0 after setting up bridged OpenVPN

    Locked
    2
    0 Votes
    2 Posts
    3k Views
    K

    Well I fixed the routing issue on pfSense by adding "ifconfig 10.0.0.5 255.255.255.0" to the custom options for the VPN.  But now my Windows client isn't routing my 10.0.0.0/24 traffic to the VPN.  I had it working originally but I don't even think it was working before I added the ifconfig to the VPN.

    EDIT: Added "route 10.0.0.0 255.255.255.0" to the client config and all seems to be well.

  • Port forward to openVPN clients

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    Cry HavokC

    Your diagram doesn't show where OpenVPN fits it, which makes it hard to answer.

    The short version is - it is just networking, forward ports as you would normally.  Remember that the end point needs to have a fixed IP address.

  • How to start the bridge in pfsense 1.2

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    A

    i just had to typethe word edit at the end of the ipaddress for example 192.168.1.15/edit.php

  • Openvpn users to access second site LAN

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    P

    Thanks neo.matrix_23, solution works in my end too. Best regards.

  • LAN computers can't reach computers behind OpenVPN Server

    Locked
    20
    0 Votes
    20 Posts
    20k Views
    E

    Okay, Reply #13 was very helpful. I added tun0 as OPT1 and then added an outbound NAT entry and now LAN traffic is able to go out the OpenVPN client.

    Thanks GruensFroeschli for that tip.

  • Pfsense as an openvpn client of endian?

    Locked
    2
    0 Votes
    2 Posts
    3k Views
    Cry HavokC

    OpenVPN works with public/private key pairs.  You need to issue a certificate to the client for it to connect.

  • Dropped packets on WAN interface when uploading from VPN

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • 1.2.3 RC1: OpenVPN Filtering

    Locked
    13
    0 Votes
    13 Posts
    7k Views
    jimpJ

    @ndelong:

    Go to Interfaces > OPTx (you just created) and assign an IP. I typically use the IP address that OpenVPN defaults to when you first create your VPN (x.x.x.1). I've used both /24 and /32 as the subnet with success. I agree with jimp that you could probably put anything in here.

    You should actually set this to "none" here instead. It's a shortcut that will just not assign an IP, instead of using an invalid one.

  • Openvpn settings

    Locked
    8
    0 Votes
    8 Posts
    4k Views
    Cry HavokC

    That's your problem then - if you search the forum you'll find how to make the disk writeable while you configure OpenVPN.  I don't remember the details myself.

  • Has anyone done RSA SecureID key fobs?

    Locked
    2
    0 Votes
    2 Posts
    4k Views
    R

    I haven't done it with pfSense but I have setup SecurID with ASA/PIX numerours times. The SecurID Server has it's own RADIUS server. Then use the sticky post in this forum for configuring PAM to use RADIUS with OpenVPN and point to the RSA RADIUS server. Can't see why it won't work.

  • Internet access via OpenVPN

    Locked
    9
    0 Votes
    9 Posts
    4k Views
    Cry HavokC

    Can I strongly suggest you:

    a) Read the documentation for OpenVPN, as found on the OpenVPN site
    b) Stop making random assumptions based on nothing but guesswork

    You add that setting (push redirect-gateway def1) to your OpenVPN server configuration (which is what you asked about).  That will then cause the default route for traffic to be through the VPN.  Assuming you've configured the rest of your network accordingly you can then browse the Internet.

  • OVPN client can't reach some LAN clients.

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    A

    can you vnc to 192.168.0.206 ? and ping back to 192.168.0.205, also what about windows firewall is it diabled on both computers , are the computers on the same switch or different switches

  • Openvpn on pfsense treats valid certificates as REVOKED

    Locked
    3
    0 Votes
    3 Posts
    4k Views
    T

    solved, :) I had to be more attentive to my index.txt and ca.crt content..

    my old ca.crt has serial 00 (not sure why - historical) and .. of course it was treated as revoked by crl as far as there was client certificate with the same serial number, wich was revoked ages ago and ..there were no any crl checks (historical again)
    unfortunatelly I have just two ways.. rebuild all certificates or make client certificate with serial 00 valid ( first is better )

  • 0 Votes
    28 Posts
    62k Views
    N

    @caigeliu:

    Hi uz, I'm having a problem exactly as yours:

    –-------------- your log -------------------------
    Jul 29 14:26:00 gw openvpn[471]: XXX.XXX.XXX.XXX:55929 TLS Error: Auth Username/Password was not provided by peer
    Jul 29 14:26:00 gw openvpn[471]: XXX.XXX.XXX.XXX:55929 TLS Error: TLS handshake failed
    Jul 29 14:26:00 gw openvpn[471]: XXX.XXX.XXX.XXX:55929 Fatal TLS error (check_tls_errors_co), restarting
    –----------------------------------------

    Would you please let me know how you solve it. Thanks.

    Also hope any one can give me some hint to solve it. Thanks.

    Add this parameter in your client config file (client.ovpn): auth-user-pass
    TIPS: The file /etc/radius.conf need to have an empty line after the 2 lines acct and auth

    Hope it helps

  • Transparent Firewall with Openvpn

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    Cry HavokC

    In theory you'll find the routing configured on the OpenVPN server will handle that.

  • Use remote DNS servers when connected via OpenVPN

    Locked
    3
    0 Votes
    3 Posts
    5k Views
    X

    No, this is a regular client to server VPN. I've set up DNS server manually and all worked. Now I wonder how do I set up a default gateway for VPN connection…

  • Openvpn Lan connection from client

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    B

    @kmichal:

    I have the same exact problem on TWO pfSense boxes, and I'm getting desperate.

    The information is from three different setups. Anyway, the routes are all messed up and it will never work like that.

    He had to delete the following directive to get it to work.

    push "route-gateway 10.12.0.1"
  • Allow a single IP on my LAN clients who connect with OpenVPN

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    Z

    ok thanks you

    @Briantist:

    I'm not 100% clear on what you mean, but I think you're asking about filtering an OpenVPN interface. If so, this can only be done on 1.2.3 and it's kind of buggy. There have been several posts about it. If you want to try it, you need to disable auto created VPN rules in advanced options, and then add the openvpn interface as an opt. If you have other existing VPNs setup (of any kind) be careful here and don't forget to recreate rules for them.

  • 0 Votes
    5 Posts
    3k Views
    Cry HavokC

    You need to create the rule on the LAN interface - all pfSense rules apply to the interface the traffic arrives on, not the interface it leaves on.

  • Windows 7 64 open vpn client

    Locked
    3
    0 Votes
    3 Posts
    3k Views
    Cry HavokC

    I can confirm that it works fine with the 64bit Windows 7.

    Note that questions about OpenVPN clients are probably best asked on the OpenVPN list ;)

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.