• OpenVPN Tap

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • OpenVPN Troubleshooting

    3
    0 Votes
    3 Posts
    1k Views
    jimpJ

    Try to get the log off the phone, odds are it will tell you why.

    Usual suspects: Clock on the phone is wrong/not set, or you're using a cert/key format that the phone does not understand (e.g. you need SHA1 not SHA256)

  • OpenVPN / Cert Backup - Restore issue BUG!

    6
    0 Votes
    6 Posts
    3k Views
    P

    You really just need to type the 3 letters "pen" in the middle of "ovpn"to make "openvpn".
    I can only guess that you have accidentally deleted or added some syntax character when making the edit.
    This change is simple enough that I would just do it from Diagnostics->Edit, Load, type the 3 chars in the right place and press "Save". No need to mess with command line.

  • Openvpn client with .p12, how (file included)?

    2
    0 Votes
    2 Posts
    4k Views
    jimpJ

    Bag Attributes
        friendlyName: ipcolo CA

    That's the CA certificate

    Bag Attributes
        friendlyName: home

    That's your certificate

    And the key is your key.

    Create a new CA, set to import, copy/paste from –---BEGIN CERTIFICATE----- to end of the CA cert, save. Then import your certificate on the Cert Manager tab using the user cert and key from the p12.

  • OpenVPN bridge site-to-site and DD-WRT

    1
    0 Votes
    1 Posts
    673 Views
    No one has replied
  • Generic questions on locking down Open VPN

    3
    0 Votes
    3 Posts
    916 Views
    M

    That may be the case.  VPN is a door inside my network, so I wanted to make sure that if it was compromised, as little as possible would be available.

    Thanks for the sanity check.

  • Perf issues on OpenVPN(and IPsec) with Site to Site

    1
    0 Votes
    1 Posts
    600 Views
    No one has replied
  • 0 Votes
    10 Posts
    2k Views
    M

    This thread can be considered closed.  believe it or not, I had not cabled to tie the LAN segment to the switch with the other devices I was attempting to connect to.  Everything is connecting as expected.
    :-[

  • PfSense can't ping VPN Client on TUN network

    4
    0 Votes
    4 Posts
    2k Views
    M

    Thank you, i can see that.

    Another pfsense is working without problems and I can ping the ovpns-Interface ip-address of the tunnel network from the pfsense itself. So it must be a problem with the pfSense-installation I'm testing right now. I will backup the setup and reinstall it this evening.

  • OpenVPN iOS VPN on demand

    5
    0 Votes
    5 Posts
    4k Views
    A

    I've put up an article on this topic that I hope will help others:

    see Setting Up an iOS 7 On-Demand VPN

  • Client connects, but no access to LAN. Take a peek at my configs? :)

    7
    0 Votes
    7 Posts
    6k Views
    R

    Well, that was it.  After switching the OVPN subnet to an arbitrary 192.168.xxx.0/24 subnet the traffic is flowing properly.  Thank you so much for your help.

  • Internett traffic questions.

    2
    0 Votes
    2 Posts
    828 Views
    D

  • OPENVPN on MAC

    3
    0 Votes
    3 Posts
    870 Views
    J

    thanks man,
    i fixed the issue.

  • 2.1 hifn driver doesn't work with AES 256 CBC

    16
    0 Votes
    16 Posts
    4k Views
    ?

    http://www.freebsdonline.com/content/view/589/506/

    Seems like the kind of thing we should try internally, however.

  • [HELP] Cannot Connect to OpenVPN

    3
    0 Votes
    3 Posts
    2k Views
    V

    Thanks for your reply phil.

    I'm getting the same error messages using my mobile hotspot. And yes, I already created a WAN rule to allow traffic to port 20212.

    I created a WAN rule to allow ICMP on pfSense server and starting to troubleshoot the issue. Can't ping the server from the internet though.

    Will post back for updates.

  • 0 Votes
    1 Posts
    683 Views
    No one has replied
  • OpenVPN log

    2
    0 Votes
    2 Posts
    904 Views
    jimpJ

    Status > System Logs, OpenVPN tab. It isn't there for long, but they are logged there. If you forward those logs to a remote syslog server they could be retained longer.

  • OpenVPN to Network Shares..Question…

    6
    0 Votes
    6 Posts
    1k Views
    P

    Now I remember my reason for not wanting some shares to work across the VPN. We have a backup share where laptops automatically do backup at lunchtime (if they are turned on and on the LAN). The backup share is accessed by an automatic job on the client laptop. There are also other shares on the server that the ordinary user uses.
    When they go to another office, they need to use the user shares remotely across the VPN. But when the backup job starts up at lunchtime, I don't want it to succeed - and saturate the VPN with a backup to their home site.
    I don't think there is going to be a way to fix this with firewall rules or Windows server settings. Might have to think some more about making an DNS alias name for the server, making that alias only resolve at the home site, and making the backup job use that alias. Then it should fail when the laptop is away from its "home site".
    Anyway - not a pfSense issue, but may be doable with a DNS Forwarder Host Override (extra name) at the home site.

  • OPENVPN SSL site to Site not working

    7
    0 Votes
    7 Posts
    2k Views
    A

    It's working now.  Seems it was a combination of things.

    I needed the iroutes on the server, and I also had the VPN server configuration set to "Remote Access SSL/TLS" since I was initially using this for Road Warriors, but later wanted to add a site-to-site.  Changing it to Peer to Peer gave me an option for Remote Networks on the server side that I didn't see before and once I entered the branch network in there things started working.

    Thanks for your help, hope the OP gets it going as well.

  • Pfsense 2.1-release OpenVPN, can't see LAN and weird packet loss

    5
    0 Votes
    5 Posts
    1k Views
    P

    @marvosa:

    It appears you have routed setup, so why are you using Device Mode "Tap"?  You should be using "Tun".

    Yeah, that was a derp on my part. tap is actually correct - I was trying to get to a server bridged configuration (so I could get broadcasts working across the VPN). It was just figuring out how to do that in the "pfSense way." I could have copied my old config out of DD-WRT and the script I had written to bring everything online, but then I wouldn't have learned anything.

    @phil.davis:

    OpenVPN has its own protocol for keeping track of and retransmitting lost packets, and that has timers etc.

    Wow, TIL! It makes sense now that I know that.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.