• IPv6 over OpenVPN

    0 Votes
    18 Posts
    3k Views
    Gertjan

    See image here https://forum.netgate.com/topic/156544/ipv6-over-openvpn?_=1599304505033

  • Multiple domain search for Windows clients

    0 Votes
    7 Posts
    10k Views
    I

    Thanks for your update. OpenVPN 2.5 will allow passing a domain search list to Windows clients, see

    https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst (search "Support setting DHCP search domain")
    https://community.openvpn.net/openvpn/ticket/1209

  • 0 Votes
    4 Posts
    424 Views
    Rico

    Glad you have it working now.

    -Rico

  • Firewall Rules for OpenVPN Tab versus Interface Rules

    0 Votes
    11 Posts
    1k Views
    P

    @Rico Thanks for the link! I don't know why I didn't go there first.

  • Help!! When I connect to l2tp server i don't have access to internet

    0 Votes
    35 Posts
    4k Views
    G

    @johnpoz Netgear C300. Yes, when I configured my Netgear as a bridge my laptop grabbed a public IP, but when I tried to configure the WAN interface through DHCP, it shows as 0.0.0.0.

  • Site to Site OpenVPN, RDP times out after 20-30 seconds

    0 Votes
    7 Posts
    759 Views
    Rico

    Glad you have it working now.

    -Rico

  • Same CA for OpenVPN and Squid man in the middle?

    0 Votes
    1 Posts
    117 Views
    No one has replied
  • 0 Votes
    4 Posts
    552 Views
    V

    @techsovereignty
    The remote devices need to use pfSense as default gateway to access them from the VPN client.
    If there is no option to set a gateway, you have to NAT the packets to these devices to the pfSense local IP.

    You're only talking about the router and the switch. I think there will be other devices which you're able to access?

  • 0 Votes
    4 Posts
    1k Views
    viktor_g

    @sceptre357 try to make a packet capture of the RADIUS response and check it for the network mask value

  • Cyberghost VPN disconnected today

    0 Votes
    3 Posts
    490 Views
    M

    OK, the problem got fixed on the Cyberghost side. This can be closed.

  • VPN over LTE works but not over WLAN Hotspot

    0 Votes
    5 Posts
    882 Views
    V

    @MrGlasspoole
    Yes, I guess it is blocked in these networks.

    You may set up your OpenVPN server to listen on port 443 TCP to avoid blocking.
    However, TCP has worse performance than UDP. So you may also run two servers as I do. One is listening on 1194 UDP, the other is listening on 587 TCP, thinking port 587 is mostly allowed, since it is used on some mail servers.

    Then you can configure your client to connect to the second server if the primary isn't reachable.

  • No response to outgoing packets through VPN

    0 Votes
    8 Posts
    727 Views
    S

    @sbuchanan Thank you so much. That was an exceptionally frustrating 2 days I just spent on this. It's almost more upsetting that it was just a single checkbox for an optional feature.

  • Firefox v80.0.1 breaks .opvn file download

    2 Votes
    2 Posts
    429 Views
    johnpoz

    I'm using FF 80.0.1 and not seeing this..

    Just tested with multiple config for multiple openvpn instances running.

    The downloaded files are 6kb in size and look normal..

    BTW - I snipped out that IP you posted, you prob didn't want that posted.

  • Change default port from 1194

    0 Votes
    3 Posts
    543 Views
    A

    @viragomann Thank you. We solved the issue by not using port 1194

  • OpenVPN Rules and Routing Problem

    0 Votes
    4 Posts
    413 Views
    V

    There is no need to hide private IPs.

    @powerextreme said in OpenVPN Rules and Routing Problem:

    I don't know why if I specify the gateway the access to local IP's go away.

    Because that rule allows only traffic to the specified gateway. You will need an additional rule on the top of the rule set to allow access to internal subnets.

    What do you get on the client when you try to access an internet resource?

    Check if you can access the web by using an IP instead of a host name to rule out a DNS issue.

  • 0 Votes
    2 Posts
    312 Views
    V

    @aimalkay said in OpenVPN Remote Connection unable to complete connection after update. Details/Screenshots attached:

    Packet Capture Output:
    02:13:59.922186 IP 52.202.215.126.49740 > [MYPUBLICIP].1194: tcp 0
    02:14:00.919181 IP 52.202.215.126.49740 > [MYPUBLICIP].1194: tcp 0
    02:14:02.923256 IP 52.202.215.126.49740 > [MYPUBLICIP].1194: tcp 0

    That packet capture shows TCP attempts while your server is on UDP.

  • Duo authproxy for pfSense

    1 Votes
    1 Posts
    197 Views
    No one has replied
  • Cannot create VPN client

    0 Votes
    5 Posts
    602 Views
    T

    I see the:

    WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.

    From your logs. Just to confirm, the guide you followed is this one, right?
    https://www.expressvpn.com/support/vpn-setup/pfsense-with-expressvpn-openvpn/

    It specifies, among other steps, providing the following custom options that include remote-cert-tls:

    fast-io;persist-key;persist-tun;remote-random;pull;comp-lzo;tls-client;verify-x509-name Server name-prefix;remote-cert-tls server;key-direction 1;route-method exe;route-delay 2;tun-mtu 1500;fragment 1300;mssfix 1450;verb 3;sndbuf 524288;rcvbuf 524288

    Do you have those custom options, and everything else specified in the guide? I'm not an expert on VPN client config, although I have run with Nord clients for a long time without issue. You may also want to post screen shots of your entire client configuration.

  • Super Slow OpenVPN

    0 Votes
    2 Posts
    399 Views
    G

    I wonder if it has something to do with encryption. When I first implemented OpenVPN on our pfSense router [using the software on an old PC] I was having issues with speed. After doing some research I discovered that the CPU of the PC did not have any of the hardware crypto supported in pfSense. I then bought a cheap but 'newer' PC with an Intel i5 CPU and speed was never an issue again. Here is what I have now:
    CPU Type Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
    Current: 3400 MHz, Max: 3401 MHz
    4 CPUs: 1 package(s) x 4 core(s)
    AES-NI CPU Crypto: Yes (active)
    Hardware crypto AES-CBC,AES-XTS,AES-GCM,AES-ICM

  • Issue with OpenVPN access back to client

    0 Votes
    6 Posts
    591 Views
    K

    OK, this has happened several times. What does "Type-of-Service" do? I have had this happen where everything is working just fine, and then all communication drops between the two networks. I go in and toggle off the "Type-Of-Service" on both firewalls and communication is restored.
    I have the TOS on (I'm thinking) so that my VOIP phone on the 2.0 network can utilize traffic shaping on the server on the 0.0 network with higher quality.
    I have not changed anything over the last few days, but just all of a sudden, this was blocked.
    I'm on 2.4.5-RELEASE-p1 on both machines.
