Maybe a link in the tutorial to http://www.openvpn.se/mycert/ would be nice too.

Ok…
Thanks... thought so...

then I'll test a little more  :P

cheers,

i will add all solutions & fallbacks to the tutorial
so we can prevent further problems like these.

will be online next week.

kind regards
dairaen

ok scratch that. its fixed

ifconfig tunX destroy

Maybe you could add a "Beware of your gateway" line in the section where you're supposed to test your new VPN tunnel?

done ;)

Your not going to like to hear this but I went with IPSEC vpn's instead.  The interface is much more reliable and pfsense's implementation will allow you to configure the server as a remote client portal.  All the pfsense clients connect as if they were a site to site and it takes care of all routes beautifully.  It doesnt matter if they are dynamic or static ip's with this conifig also.  I will keep checking with OVPN and hopefully they will have all the kinks worked out soon.

After the openvpn tunnel comes up, openvpn launches our script that reloads the filter rules, then it notices tun0 and sets everything up.

Update to the latest 1.0-RCe… Upload a, b,c,d,e.

We changed how OpenVPN is launched now.

Thanks, now its works

Neither on IPSEC in 1.0 if that is the next question.

Do NOT assign tun interfaces to pfSense interfaces, under ANY circunstance. If you're getting timeouts, you're missing a pass rule on WAN on your firewall rules or something like that. Again, I can't stress enough, DO NOT ASSIGN TUN INTERFACES!

I am having the same issue and have recently upgraded to R3 with no help.  I also tried downloading the latest snapshot but the images arent available from the link.  Any ideas?

Yeah, that only works when bridging, and well, you can see the novella being created by my efforts to get that working. :P

Ah didn't figure that out - must be missing the "both" keyword in the "ports" keyword description. Thanks for pointing out. Yeah, right, the tunnel is supposed to be established between the two devices on the same port on both ends, as that makes maintaining the firewall ports easier and more transparent.

That howto needs some additional work. Seems there are some things not completely correct. You won't open up your network to the whole internet, only to authenticated clients that then have an encrypted connection to your site.

OpenVPN should work, as long as its standard UDP Port (1194) ist properly redirected to the pfSense box behind the Cisco. The other pfsense on the ADSL (I assume) line should work just fine. Anything further depends on the ip/netmasks used on either side and the mode used for openvpn. But at a first glance I can't see anything that should spoil the fun here - as long as the cisco is fowarding the openvpn-udp packets adressed for the public ip to the pfsense on its transfer-net (wan)

This is going to sound dumb, but just reload.  Seriously.

I've had this bug occur on firefox on various platforms depending on what extensions I have installed.  Reload, disable NoScript, whitelist the site in Adblock, do whatever you have to do to make sure javascript executes, etc etc etc.

It'll come back.  If not, try leaving some cat food out on the front porch.  Maybe it'll find it's way home then.  ;D

there are also route-up and route-down, plus just plain route statments that can be placed into your server config.  ;D

Please look more carefully at the examples.  You'll be amazed at how customized openvpn can get.

For users portuguese and brazilian

http://www.dicas-l.com.br/dicas-l/20060316.php

Article in portuguese about Openvpn and create keys

I solved this problme with custom option of push "redirect-gateway".

Thank you.