@viragomann thank you sir

Damn that’s encouraging

No, the static route is applied to the OpenVPN traffic as well. But the providers router may not have a route for the OpenVPN tunnel network. So I guess, its default route is not passing pfSense? If that's the case, you either have to add a route for the tunnel network to it, pointing to pfSense or do NAT on pfSense for traffic the the network behind the router. Another reason may be that access from the VPN tunnel is blocked. This can also be circumvented by NAT.

Thank you all for your contribution. I finally solved the "overvpn not using pfblockerng filter" by simply adding pfsense IP address (192.168.2.1) in to the OpenVPN server setting-->Advanced Clients Setting-->DNS server enabled-->DNS Server 1. No need to regenerate/export client ovpn file.

@johnpoz thanks mate, i worked it out and its now working 100% to my needs.

Yeah, I decided to just use the following instead and its working. push dhcp-option Domain "domainname"

Gertjan, Thank you, I changed it to 192.168.9.0/24 and now things appear to be working!! I'd tried that at one point but when I did the OpenVPN service wouldn't start for some reason, the log said something about a subnet mismatch (don't have log anymore) and I couldn't connect at all, when I brought it in to 192.168.0.0 the service would run. Not sure what the problem was before but it's working now. Thanks again!

So that is a site-to-site configuration? And you can reach the servers LAN from the clients LAN? Have you added a firewall rule on the client OPT3 to permit access from the other site?

@techjunky said in OPENVPN and IPERF not working: Enabled AES-NI cpu on the Netgate 3100 and now I am getting 10Mbit compared to 6Mbit. So it did help a little. That is interesting since, as the SG-3100 is an ARM device, it does not have AES-NI.

@robertko huh! I'm not sure that dhcp mode is the reason itself (my pf wan interfaces based on dhcp both) But slow dhcp lease process could affect restoring process. It is great that you solved it! Congrats!)

Glad you got it working.

I did have this same issue with Nord. I believe it is something to with their config. When I would setup Nord to run on my 7gen intel pfsense box, i would get 120md down before i routed my traffic to it. When I routed my traffic to my nord connection I would lose approx 75 to 80% of my bandwidth. I was told by Nord that it was an openvpn issue. So I decided to test it with ExpressVPN. I did not experience any bandwidth loss with ExpressVPN. Take it for what it's worth.

Yes sure, why do you think this could be a problem? -Rico

@EFP-TechTeam said in pfSense OpenVPN site-to-site client dies every day or two.: The logs don't give a lot of clues. What do they say?

@bcruze Thanks for the reply. Lesson to myself. Don't add IP's to an alias list when it's late at night and you are tired.. 192.158.0.10 will not work for the desktop with the IP address 192.168.0.10 for some strange unknown reason...:)