If it doesn't it is because it actually reconnects. I have never seen ssh do that.

So I fired up a VM of pfsense.. running 2.4.1 I created a client connection, big bang zoom connected.. I then created a server connection.. Running just fine.. This took all of 5 minutes to setup.. Your going to have to give us some details if you want us to help you other than saying its not working.. Like the openvpn log of client connetion.. The log of the server starting, etc.. Attached you can client connected and server running.. [image: workingjustfine.png] [image: workingjustfine.png_thumb]

Try this NAT outbound rule: Interface: NordVPN Client Protocol: Any Source: Network (OpenVPN Server Subnet) Destination: Any

Gotcha - I figured as much. We run rds connections via wyse thin clients through our broker and 1-2 drops disconnects their session. CSR's complain but it doesnt kill them as a simple click back in, but production may not be at their machine. We run live monitoring on our plant machines and this is where the issue comes into play as if they do not reconnect quickly, the RPM data is lost. Anywho thats an issue in itself so with that being said, I will test this package and see how it goes. Thanks!

Sounds like what people reported in this thread, see what, if any, of these things apply: https://forum.pfsense.org/index.php?topic=138608.msg764734#msg764734

Narrowed down the issue to PFBlockerNG, disable that service and I can access the internal LAN via OpenVPN Server…Will need to read up on PFBlockerNG.

Thank you for the quick reaction, Jim

@Murrayd222: Greetings, I'm curious if it is possible to run an OpenVPN server to permit remote connections to my network, via iPad and scuh, while also taking advantage of the benefits offered by Private Internet Access.  I finally got my OpenVPN server up and running and remote connects now work flawlessly.  However, when I installed PIA as instructed in the PIA pfsense router setup, the status shows as "down."  The only step I skipped was deleting the various certificates required to make the OpenVPN server work. I'd like the benefits of remote access to my network as well as the benefits provided by PIA.  Any suggestions or guides that I've missed.  My experience with pfSense consists of about a month, with MANY failures trying to get the OpenVPN server up and running. EDIT: Ok, after more tweaking, factory resetting, and more tweaking…I have everything working except one thing.  I can connect to my network via the OpenVPN server, I have the PIA VPN Client pushed to the network IP addresses I want going through the VPN.  I can remotely access both Plex and my Blue iris surveillance server.  However, there is one thing I cannot get figure out and I'm sure it has to do Firewall Rules or NAT Outbound rules.  When remotely connecting to my OpenVPN server, I want those connections to be able to access the Internet as well.  Currently, any remotely connected client to my OpenVPN server can access network IPs only and any attempts to connect to the Internet are being blocked.  The OpenVPN Server is assigned its own openvpn interface and the PIA Client is assigned its own unique PIA Interface.  If I disable the PIA client, then my OpenVPN Server connections are able to access the Internet.  Once I restart the PIA client, the Internet access of the OpenVPN Server connected clients stops.  Anyone have a suggestion or guide on how to setup the needed rules? EDIT 2:  Well, the recently changed NAT Outbound (posted below) granted my OpenVPN Server remotely connected clients to access the Internet, but it broke their ability to access LAN clients.  How can I get both Internet and LAN access for clients remotely connected to the OpenVPN Server? EDIT 3: Never mind, all is working correctly, but for some reason the remote desktop cliet on my iPad isn't connecting this morning where as the RD app on my iphone is. Current NAT Outbound Rules: [image: y4mEXk7KoQU4B6sPRulJ_3SN2BOScjfJynnv8r4UlVNvOxBcscO3eIZrI4cg39LE1QJHkYVcJRHesBtzdJy9YpkBIvgAfmQEyUXF0HzPY-tQvEGfVGMT8ASmZNu3vtbX_qsT1GVVagx9fzJTUBvkDl4pw3T9nC_ZGQAVKtt6-ymNDlFKnz-uZeb_olGAoKDIvPpjWS8vVK-RhlFUg45izcphg?width=1153&height=681&cropmode=none] Current Firewall Rules for WAN: [image: y4mySYudi7gkWW8wEFYd_G1W890iw462qh1MsshjdxO1-fGHQZqHwDQszktCJ2WcdIG5zV5VYNNEzbofY1wXUvEqx4JxzmpLmU3d5Er9QcSb9ARWxe8HAMYgZnS753dpHfGBzQtRTjLWtD1tM3LC0V-p5q1cLvVUVOMHNv8t3s6iy3KwXCZd1-qKRy_NzUl-cxkTXJs9khUZCIutISxj-Z0Nw?width=1151&height=401&cropmode=none] Current Firewall Rules for LAN: [image: y4mrTSc2Ovy84OczAWnfQoe0StvXA3q0zTRXuopL8cSTC6L4OYTBZbtKXdcCrDHgjI-BbIsQRl3XWxreywm08I12hgOh98twt297-sKOFcNulD4g-AFnbE3jD7np9LhRdXx4ozY3YutyPmDw438yNhhgeTItJ5v20wTJ2UiWsVpJVfPL0133FVTt_4KGHYHHZlq7wtq2ZD76mqe3wcWiErDTA?width=1151&height=541&cropmode=none] Are these above your working settings? Can you please please share your current working settings? I can't get them to work together no matter what I tried. I've spent the better part of the past 3 days epxerimenting with all possible combinations. I did factory resets, installed the server first and then the client and vice versa. Played with all the possible rules I could think of. Duplicated the existing outbound NAT with values both for OpenVPN and PIAVPN. I would be greatful if you could share the server's and client's config as well as the rules in WAN, LAN (or anywhere else) and also your NAT/outbound tab. I have created separate interfaces for the PIA Client and the OpenVPN server while the ''don't pull routes'' option suggested by  @viragomann disables completely the PIA client and then magically the OpenVPN server will accept the connection from my Android client. I have already asked in several topics but failed to draw any attention so I'm hoping you could help me out. Otherwise I'll have to open a new thread. I just did not want to do as there are many like us who had the same issue and the forum is full of similar threads…

@pfsensory: What I decided to do was revert my pfSense box to a backup (before I started messing around with this), and redo everything again.  Now everything is working great. One question though - I am using a tun connection, which is working fine for my purposes except for one issue.  I use Syncthing, and I would like to be able to have it sync files when I am connected to the network via VPN.  However, because Syncthing accesses devices by IP addresses, and the VPN client device now shows up under a different subnet (10. for the VPN client, 192.168. for the main LAN), the syncing devices do not see each other.  Is there some way I can get these to connect? And one more question - this time when I set things up (using the VPN wizard), no interfaces got assigned to ovpns1 or ovpns2, and there are no corresponding tabs under the Firewall rules (although rules were set up for me at the end of the wizard), unlike when I did everything manually last time. Everything seems to be working fine, but should there be something there? Hello. We have a similar setup running both OpenvPn Server and a PIA client and I was hoping you could share your settings as I can't get them to work together…. That would be greatly appreciated as it seems I'm not getting any support from anywhere for such a common thing.

Hi, my Site to Site is now running and i have setup according recommendation, it means that i have no static routes. The final solution was to reset the states and take a /30 tunnel network. Thx and Bye

At least on 2.4.2, I can't find any problems. No CRL = Connects Empty CRL = Connects Cert in CRL = Doesn't connect (and it shouldn't) Using a different cert not in the CRL = Still connects. Maybe it got fixed along the way with something else, but it doesn't seem to be an issue on 2.4.2.

If you haven't set the default route manually in NetworkManager it must be pushed by the server. So please post the server configuration and the clients routing table.

Same with me or like i did. Deleting it solved ALL the problems there were with the gateways, the ifconfig problems and everything else. In a second :(

Thanks, this was a really helpful hint as I had exactly the same problem with openSUSE Tumbleweed!

@dad311: Ive successfully setup OpenVPN remote access and PIA OpenVPN client.  Both work, but both dont work at the same time. If I have the PIA cleint enable, remote OpenVPN clients will not connect.  I believe the issue is remote access traffice is coming in the WAN interface and going out the PIA interface. Anyone know how to force my Openvpn server to use the only WAN interface?? thx Have you by any chance found any solution? I suspect there is a Firewall rule conflicting between the 2 interfaces/instances of OpenVPN - the PIA side (client) and the OpenVPN server which we inetnd to use to connect to our home network form a remote address.