staff Set up branches of the network by adding another branch on Remote Network IPv4 / s field Ie was as follows, In branch A, put the remote network 192.168.1.0/24 Matrix and more affiliate network 192.168.2.0/24 B Now when I am in the branch and request ping from B affiliate network until it reaches the address of the VPN tunnel on the side of the Matrix, and after that he can not forward, What configuration is missing in the matrix or at the branch? Or am I doing something wrong? Thank you!

If you made two servers, one for each WAN, ensure they have unique tunnel network settings but have the same certs/TLS keys/etc. It's easier to make one server, bind it to Localhost, and then port forward from each WAN to localhost. That way the same server can handle both WANs.

I have found the problem! When I use hmac OpenVPN stops/crashes. When I do not use it everything runs smooth. Also tried using hmac without hardware encryption but didn't work also. I'm a bit disappointed that OpenVPN crashes when using hmac :( Does anyone have an idea on how to solve this?

killing two birds with one stone? Smart…

Glad its working.

Don't know but you can contact with Astrill support team hope they can help you

Just realized how to fix this, when i saw the Proxy server's Interface list. i added another interface for openvpn changed openvpn's listening interface from WAN to any multiselect the interfaces in squid proxy server set to transparent mode changed HAVP server to transparent mode. Initially my VPN broke but that was due to the problem of incorrect listening interface. after changing the interface from wan to any in openvpn server it was ok. thanks

@cmb: "The Network Access Permission setting in the dial-in properties of the user account in Active Directory is set to Deny access to the user." That's your problem, fix your Windows account and/or NPS policy. NPS will only reply with essentially one of two things - auth failed, or auth successful. To get details as to why it fails when it does, you have to check the Windows side. @cmb: "The Network Access Permission setting in the dial-in properties of the user account in Active Directory is set to Deny access to the user." That's your problem, fix your Windows account and/or NPS policy. NPS will only reply with essentially one of two things - auth failed, or auth successful. To get details as to why it fails when it does, you have to check the Windows side. hi cmb i've checked this permission and was set ok, i even change it to the allow permission and it didn't works, this happens after the latest microsoft update probably they miss with the settings of the NPS, after i disabled the connection to other devices. voila everything start working ! i am really curious to understand what changes are happend. other customers are working fine and had the same update lately on their OS but the settings are still the same i am very curious to know the changes that happens.

Diag>nanobsd, mount rw, save file, mount back to ro.

I used this tutorial and it works quite nicely: https://forum.pfsense.org/index.php?topic=64439.0

Finally, I got the solution!!! https://forum.pfsense.org/index.php?topic=69826.msg381825#msg381825

That's the thing though, it wasn't working.  And it was because of the topology check box I selected.  However,  if I deselect that and add the following in the Advanced Configuration section, it is working now: verb 5 topology p2p route 192.168.10.0 255.255.255.0 vpn_gateway that is along with the client specific override adding the iroute.

good to know your issue is fixed, didn't know your MAC wasnt patched with the latest security patch ( SSL ). disabling IPV6 is really the solution, had the same issue before with my Mac users.

No I have 2 strongvpn accounts. For some devices I want to route it to account 1 but others I want account 2.

Are you behind a Domain controller ? is Pfsense your Forwarder or other server ? screenshot of your pfsense DNS setting please?

return the iphone 6…buy android, problem solved  ::) Jamerson advice is dead on. It works fine for me, 2.1.5 with a 4s

Nope - Your VPN will cut through your pfsense like a hot knife through butter.  Once you are using a machine inside the LAN running vpn client, the vpn server and any other clients connected to that server and anyone with access to the server or one of the clients or anyone who has hacked into the server or any of the clients on that server potentially have access to your LAN freely. So, like I said before, hope you trust your VPN server.