I forgot to mention that when I make a PPTP VPN between the two networks it works both ways no problem to access the shared files!  ??? but ofcourse that's different for thr OpenVPN I'm pretty sure I have to add some route in the config file or in pfsense gui but I can't figure what exactly. i tried in windows: "route add 192.168.50.0 mask 255.255.255.252 192.168.10.5"        but still no access to \192.168.10.6 my openvpn ip is 192.168.10.6 (and my physical ethernet adapter uses 192.168.50.0) but i saw in the ovpn gui that it pushes the routes to 192.168.10.5 so i guess that is my gateway … or am i wrong? probably... Cry Havoc , please i'm sure you know the solution. you're the man :) cheers

AON works as expected, thanks again for your help.

Thanks ! I had solved the problem myself. Regards, CQ

Works!!! Thanks for help.

@franklookyou: You might also try browsing the OpenVPN users mailing-list (http://news.gmane.org/gmane.network.openvpn.user).  A quick look over the past month turned up a couple of people asking about similar-ish problems. Ah.  Excellent.  I'll take a look there.  Thanks for the link.

http://forum.pfsense.org/index.php/topic,5282.0.html

okay - with these custom options i get this log route 192.168.3.0 255.255.0.0;route 192.168.4.0 255.255.0.0;push "route 192.168.1.0 255.255.0.0";push "redirect-gateway def1";dev tap0;server-bridge 192.168.1.1 255.255.255.0 192.168.1.150 192.168.1.165 Feb 3 11:38:41 openvpn[49146]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008 Feb 3 11:38:41 openvpn[49146]: WARNING: file '/var/etc/openvpn_server0.key' is group or others accessible Feb 3 11:38:41 openvpn[49146]: WARNING: Since you are using –dev tap, the second argument to --ifconfig must be a netmask, for example something like 255.255.255.0. (silence this warning with --ifconfig-nowarn) Feb 3 11:38:41 openvpn[49146]: gw 192.168.2.1 Feb 3 11:38:41 openvpn[49146]: OpenVPN ROUTE: OpenVPN needs a gateway parameter for a –route option and no default was specified by either --route-gateway or --ifconfig options Feb 3 11:38:41 openvpn[49146]: OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.3.0 Feb 3 11:38:41 openvpn[49146]: OpenVPN ROUTE: OpenVPN needs a gateway parameter for a –route option and no default was specified by either --route-gateway or --ifconfig options Feb 3 11:38:41 openvpn[49146]: OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.4.0 Feb 3 11:38:41 openvpn[49146]: TUN/TAP device /dev/tap0 opened Feb 3 11:38:41 openvpn[49146]: /sbin/ifconfig tap0 192.168.5.1 netmask 192.168.5.2 mtu 1500 up Feb 3 11:38:41 openvpn[49146]: /etc/rc.filter_configure tap0 1500 1573 192.168.5.1 192.168.5.2 init Feb 3 11:38:41 openvpn[49160]: UDPv4 link local (bound): [undef]:1194 Feb 3 11:38:41 openvpn[49160]: UDPv4 link remote: [undef] Feb 3 11:38:41 openvpn[49160]: Initialization Sequence Completed if i remove all but dev tap0;server-bridge 192.168.1.1 255.255.255.0 192.168.1.150 192.168.1.165 i get this in the log Feb 3 12:06:11 openvpn[52031]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008 Feb 3 12:06:11 openvpn[52031]: WARNING: file '/var/etc/openvpn_server0.key' is group or others accessible Feb 3 12:06:11 openvpn[52031]: WARNING: Since you are using –dev tap, the second argument to --ifconfig must be a netmask, for example something like 255.255.255.0. (silence this warning with --ifconfig-nowarn) Feb 3 12:06:11 openvpn[52031]: TUN/TAP device /dev/tap0 opened Feb 3 12:06:11 openvpn[52031]: /sbin/ifconfig tap0 192.168.5.1 netmask 192.168.5.2 mtu 1500 up Feb 3 12:06:11 openvpn[52031]: /etc/rc.filter_configure tap0 1500 1573 192.168.5.1 192.168.5.2 init Feb 3 12:06:12 openvpn[52044]: UDPv4 link local (bound): [undef]:1194 Feb 3 12:06:12 openvpn[52044]: UDPv4 link remote: [undef] Feb 3 12:06:12 openvpn[52044]: Initialization Sequence Completed this is the entry i'm referring too Feb 3 12:06:11 openvpn[52031]: WARNING: Since you are using –dev tap, the second argument to --ifconfig must be a netmask, for example something like 255.255.255.0. (silence this warning with --ifconfig-nowarn) i'm not sure how to go about it

Sorry about this. I rebooted the box and all seems fine now. Log message are just what you'd expect to see. Regards Mark

Hey Franky I tested this again on 1.2.2 over a wan link and it works just fine, so sorry about all this. Your how-to is spot on, top class! Cheers

Anyone? :(

I don't use port forwarding for this connection. I connect directly to the openVPN port which I added in the firewall rules.

okey.. thanks.. but..now problem is.. Mon Jan 19 15:01:02 2009 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct  1 2006 Mon Jan 19 15:01:02 2009 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Mon Jan 19 15:01:02 2009 Cannot load certificate file client1.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib Mon Jan 19 15:01:02 2009 Exiting why when i open openvpn gui to connect this log i have?

Hi, I have just implemented a solution where I connected the OpenVPN server to my Radius server (Internet Authentication Service - Microsoft). I did this with the plugin openvpn-auth-pam. After a lot of problems it finally works ok. Te plugin you may revceive from the openvpn installation kit. There is also a plugin named openvpn-auth-ldap on the net. Look in the forum there some pointers to it. Good luck. Ariel

Can you be more specific what's not working? Also a "bit" more information would be welcome.

Perfect it runs!!!!!!!  :)