Consider that there is also a static route for 192.168.32.0/24 needed on router A. However, the interface on B facing to router A a is a DHCP configured. It should have a static IP.

Just edit the subject of the thread and put in solved at the beginning {solved]

Okay guys, I updated to the latest 2.4.4. and now OpenVPN does not work. Nothing changed but the upgrade. After chasing my tail some, I thought I would see if anyone else is having the same issue. I could upgraded another unit and see if the problem follows, but it is an hour drive away and I really don't want to lose control of it. I thought I was onto something by testing in Diagnostics/Authentication, but apparently I've forgotten the proper way to test. So I have to go back to basics and step by step it. Hope someone figures this out.

Set the destination of the NAT translation to OVPN_VPN address. Be sure the rules passing the traffic do not match on the OpenVPN Group tab, but do match on the OVPN_VPN tab. The easiest way to be sure is to not have any rules on the OpenVPN tab. Care will have to be taken if you have other OpenVPN servers or clients defined. Be sure the default gateway of the 192.168.0.233 host is pfSense. Be sure the firewall on 192.168.0.233, if any, passes traffic from arbitrary sources. https://www.netgate.com/docs/pfsense/nat/port-forward-troubleshooting.html If you take more packet captures, please do them on the 192.168.0.0/24 interface the server is on. If you don't see any traffic there, check all of the above again.

Thank you very much, I configured the modem bridge and pfsense PPPoE and all is ok !!! Thanks

Hi DotDash, Thanks for your speedy reply. This is a shame, i must have missed that part during the googling sessions. I guess I'll look into getting a higher clocked speed AES-NI Intel Chip instead :) Cheers, AlienX

I talked with the cloud provider and we used their VPN solution (I think it's Fortinet based) and everything went ok in all cases, including tan IPSEC tunnel between another pfSense and the provider endpoint. Any idea on where to check?

@rico said in Improve OpenVPN throughput: @gsmornot I don't think GCM use multiple cores... With my SG-3100 the max in real world tests is around 83 MBit/s OpenVPN AES-256-GCM. But you can share your config if you want. :-) -Rico Nothing special in the config, just offering to reply with any detail asked for in my current settings. Looking, I thought it was multicore but I think what I want to say is capable of parallel processing. I am a bit more basic in my understanding. I tested the performance versus CBC and found it to be much better, maybe double, so I stuck with it. IPSec was much faster but I kept reading people say they would always pick OpenVPN first so I stuck with it. So far no issues. My main use is access through my firewall while mobile so I can make use of public wifi at times and even bigger for me block ad's with pfBlocker.

@chedxb Please try to isolate the issue and be more specific. And a net diagram of what you are trying to do would also help azure, ubuntu and containers are nice trendy technologies, but don't really add any usable information on the situation.

After upgrading the router and creating a new VPN server with the wizard all the needed settings were there. The VPN is now working and connecting correctly. Thanks very much for the help on this!

With IPsec, yes. With OpenVPN, no. OpenVPN shared key mode isn't compatible with GCM (IIRC it requires SSL/TLS)

Maybe describe exactly what you are trying to accomplish in detail.

Yeah new package available, 0.7_3 Now when you click you get the gui like you should.. Thanks jimp

ok thanks man, appreciate it.

You can check data usage per Firewall Rule. :-) -Rico