@Gertjan I figured out the php logging to syslog.

@eduardon said in Pfsense Openvpn com cliente Slackware: Pessoal alguém pode dar uma ajuda, estou começando a atuar no ramos de varejo e o meu contratante, usa PDV com o Slackware, temos um Pfsense com o openvpn tap e eu preciso fazer os pd's da loja 2 falarem com a loja 1, antes de eu entrar na empresa tudo era feito com redir de porta e tudo aberto na internt, só falta isso para acabar com os redirecionamentos. From Google Translate Guys, can someone help me, I'm starting to work in the retail business and my contractor uses POS with Slackware, we have a Pfsense with openvpn tap and I need to make the pd's of store 2 talk to store 1, before I entered the company, everything was done with a port redirect and everything was open at the internt, all that is needed is to end the redirects. What do you mean by "pd"? By port redirect, I assume you mean NAT (Network Address Translation). O que você quer dizer com "pd"? Por redirecionamento de porta, suponho que você quer dizer NAT (Network Address Translation).

@viragomann Thanks, that's the nudge I needed. I was able to figure the rest out and I'm good to go!

Thank you, Old 2.3.5 are Alix boxes leftovers from the past, but I would like to give them to WFH employees for site-to-site connections. I would like to know if there is a major incompatibility between 2.4.5 and 2.3.5 for site to site (either OpenVPN or IPSec). best regards

@M0L50N I suggested above to set the tunnel for A to 192.168.130.32/30 and for B to 192.168.130.36/30. Additional I would use a net /30 topology in the server settings. So each client gets its own /30 subnet with an IP for the server and one for the client.

Another way would be to just copy and paste it out of your ssh client after viewing it with cat. [image: 1605793271002-cat.png] Or you can just sftp to pfsense and download it that way if your having issues with the scp commands. Filezilla supports sftp [image: 1605794549085-sftp.png]

I was at an event where I ran into NineStar’s CEO and asked him, whether there was someone who could help me, because I had increased suspicion that it was an ISP issue. The following day I got a call from NineStar’s CTO who almost immediately knew what was up. He directed his staff to provide a solution, which is working great. See also my related post. Thank you very much to all of you for helping troubleshoot!

I'd be quite interested to hear if you got this working. I just purchased a dedicated IP through VPNArea and am trying to setup an OpenVPN client for it. Having some trouble. I am waiting to hear back from their tech support on my latest set of questions.

status can be acquired by changing 'restart' to 'status' [root@pfsense.lan]/root: pfSsh.php playback svc status openvpn client 1

Something to read: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg16128.html

In that screen the "client instances" are clients where pfSense is connecting to other servers. That has no relation to remote access servers on pfSense. If you have a remote access setup that would be up higher on the page

i have the same error [image: 1605472724651-cf241614-06f7-4c34-9592-f42158912c9f-image.png] Current Base System2.5.0.a.20201114.1250 Nov 15 19:39:29 radvd 37186 returning from radvd main Nov 15 19:39:29 radvd 37186 removing /var/run/radvd.pid Nov 15 19:39:29 radvd 37186 sending stop adverts Nov 15 19:39:29 radvd 37186 exiting, 1 sigterm(s) received Nov 15 19:38:52 radvd 36851 version 2.18 started

Problem solved. After I enabled NCP and added ncp-ciphers AES-256-GCM:AES-128-GCM:AES-128-CBC I forgot to create a new client certificate ... my mistake. Creating a new client certificate got me connected.

The issue was resolved by check option: Username as Commnon name. ![image: 1605401616552-whatsapp-image-2020-11-05-at-10.12.00.jpeg]

Please ignore my stupidity. For posterity, the "mystery" route was from an old IPSec config I forgot to disable.

@jimp thanks for your reply. May the documentation need to be corrected in order to reflect this scenario?

Well, I'm sitting here having a nice tall glass of Noob Cola. Very refreshing! Yes, it was a firewall issue in the end and face-palm. I had to turn on the rule to allow File and Printer Sharing (Echo Request - ICMPv4-In) in Windows 10 and modify the scope. Thank you for the reminder for the "is it plugged in" rule.

FYI, it works. I had to change to the GW which is made "automatically" so I guess there is no need to manually create it for openvpn local routing? There was also an issue with older cname client names, which had to be addressed. Now back to the original task, connect openvpn to ipsec network :)