• 0 Votes
    8 Posts
    414 Views
    H

    For clarity, I reset the client pfsense box to factory defaults.

  • Openvpn server configuration for mac os

    1
    0 Votes
    1 Posts
    87 Views
    No one has replied
  • pfsense answering on wan instead of openvpn

    10
    0 Votes
    10 Posts
    580 Views
    T

    @chpalmer That got me fixed up, thanks.

  • 1 Votes
    17 Posts
    1k Views
    R

    Hi to all

    so, little RECAP

    SITE A:
    Operator Router-> SWITCH -> ESXi with PFsense
    Public IP -> Internal Lan 192.168.1.0/24 -> PFSENSE wan 192.168.1.240 with GTW 192.168.1.1 and virtual Interface ovpn peer2peer

    SITE B:
    Operator Router-> Mikrotik -> Internal LAN
    Public IP -> wan 192.168.8.1 - LAN 192.168.88.1 -> Internal Lan 192.168.88.1/24

    Peer to Peer tunnel 10.10.11.0/28 ( site A 10.10.11.1 / site B 10.10.11.2)
    Connection OK between site
    ping - other service from B to A -> OK
    ping - other service from A to B -> KO

    PFSENSE CONFIG:
    29216526-883e-4dcf-be61-40e878d39ca4-image.png
    7512a6dc-e92b-4e3e-b89e-7c34e5d06f27-image.png
    6c54caac-b910-4b03-ad33-d67d0fddbc9f-image.png
    e4dd2f8a-3d7c-423c-bb16-400bbe6aae84-image.png
    0d34858e-90ff-4c9a-80c5-82a955a1864f-image.png
    a38cbe88-9c96-4f29-9d8d-863c109cc347-image.png

    With and Without CSO tested, but nothing change.

    NAT
    925d14c9-775d-4135-99b7-05c7910ba1a2-image.png

    Rules
    b0188b3d-c32f-4b06-96c4-c3e98b48c821-image.png

    2e40e12b-3fc8-441c-8e79-1dcf651b606d-image.png

    ROUTING
    69cb7bb0-c088-4e88-a8c3-619c3f95dce1-image.png
    bbda0e24-58d8-484c-b538-dc7b43ad78ae-image.png

    SITE B: MIKROTIK

    5d692e75-0ebe-4a90-a297-6944770da4e3-image.png
    7bb9e00c-ba65-4c21-9bc2-48d1c9d75a53-image.png

    Sorry for all the photos, but, it's to understand how the 2 devices were configured.
    Any help is welcome, I don't know what else to check or other configurations to try.
    Esxi has no rules on the internal switch.

    **thank you so much for all the advice already writed, and have a nice new week.

    ANDDD sorry for my English XD.**

    REGARDS

  • 0 Votes
    4 Posts
    701 Views
    N

    @peterzy thank you for your reply.

    In my case all the Mikrotik client devices are in the rural area, so maybe I can make the current VPN to work using UDP (this is the current config) and once I get access to the device I can change the config to TCP. If the device could get connected for a couple of hours for me that's enough.
    In this regards, could you please share the details about changing the PING settings so maybe I can get them connected temporaly.

    Thank you!

  • 0 Votes
    12 Posts
    674 Views
    V

    @PlanetToysUtah
    Is the CSO applied??
    Please show the log.

  • Do netgate pfsense plus support Message-Authenticator?

    1
    0 Votes
    1 Posts
    211 Views
    No one has replied
  • openvpn DCO mode Failed to open tun/tap interface

    6
    0 Votes
    6 Posts
    634 Views
    yon 0Y

    I don't think I have misconfigured it, because the same configuration works fine on Ubuntu. So it should be a problem with pfsense. Does anyone have successful experience using DCO on pfsense?

  • OpenVPN HA , too much wait before client gets shifts over to second

    1
    0 Votes
    1 Posts
    146 Views
    No one has replied
  • Server port

    3
    0 Votes
    3 Posts
    331 Views
    A

    @viragomann thanks buddy

  • restrict user to only reach one subnet

    5
    0 Votes
    5 Posts
    433 Views
    U

    @The-Party-of-Hell-No I tested its OK :-) thanks you!!!

  • 0 Votes
    23 Posts
    4k Views
    JonathanLeeJ

    @kprovost The speed difference is substantial with only having one enabled so much so I would say this would need a Redmine to only allow one to be selected at a time. Anyone else agree?

  • Openvpn Logs are getting erased on every new conenction

    11
    0 Votes
    11 Posts
    831 Views
    GertjanG

    @rajukarthik

    So it's a question about the OpenVPN client app called "Tunnelblick " running on a device that not pfSense.

    Ask Tunnelblick ?!
    Or use the OpenVPN app, also available for MAC ?!

  • invalid peer ID returned by kernel

    15
    0 Votes
    15 Posts
    753 Views
    JonathanLeeJ

    @kprovost thanks for your help I went from 18kbs-200 up to 580kbs that was significant with mss clamping max enabled

  • Certificate Renewal??

    6
    0 Votes
    6 Posts
    407 Views
    B

    @Gertjan
    The page links to an OpenVPN config files page which has no mention of pfsense.
    The CA,crt files look very odd in that they contain 2 lots of certificate data.
    I could not get either to work. The CA file sent to me by a tech support guy worked fine.
    Thanks again for your assistance

  • Azure Multi-Factor Authentication Server with OpenVPN brief How-To

    17
    1 Votes
    17 Posts
    15k Views
    D

    It is probably related to the NPS Extension for Azure MFA version, of which we have the latest 1.2.2216.1. My guess is that the prior successful posts were all written when using earlier versions of NPS Extension for Azure MFA.

  • OpenVPN suddenly broken!

    3
    0 Votes
    3 Posts
    318 Views
    A

    @Antibiotic Now remove everything regarding OpenVPN and adjust Wireguard from the same provider and traffic anyway not going over VPN. What the hell is going on with this BETA?

  • openvpn ED cert

    11
    0 Votes
    11 Posts
    1k Views
    I2e4perI

    Hello,

    i ran into this issue quite a while ago. Last time i tried to use ec25519 certs i went to the official doku pages.
    They are referencing to a list of compatible / accepted algorithm but unfortunately forget to put a link to this list into the dokumentation.
    Certificate Properties -> curve name.

    Does somebody know were to find this reference?

    Thank you very much.

  • OpenVPN dns

    1
    0 Votes
    1 Posts
    87 Views
    No one has replied
  • Site to site OpenVPN slow performance (2.7.2 CE)

    14
    0 Votes
    14 Posts
    1k Views
    M

    @snewby review the following from documentation
    Short of changing MSS, Options to scale ovpn are quite limited

    https://docs.netgate.com/pfsense/en/latest/vpn/performance.html#scaling-openvpn

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.