No idea ?

For more discussion on the "management ports" issue of having multiple OpenVPN client configs in OpenVPN manager, and the user selecting one to start, but OpenVPN Manager getting confused and starting a different one, see: https://github.com/jochenwierum/openvpn-manager/issues/17

Pretty simple deal, just have to make sure your LAN segments do not overlap, but we need more info.  10.x is not enough information, we need all the octets and the network mask.

I did a little mod on the /var/etc/openvpn/server1.conf

and the config is changed like i wish but  it is not finished (diffrent between tun/tap)  but maybe someone can do this job better than i.

in my config it add's now (no: server 192.168.4.0 255.255.255.0 any more:-)

mode server
ifconfig 192.168.4.1 192.168.4.2
route 192.168.4.0 255.255.255.0
ifconfig-pool 192.168.4.4 192.168.4.251
push "route 192.168.4.1"

openvpn.inc.txt

Interesting - I suspect with the recent NSA revelations there may be more interest in this.  Did you get it working?

I'm thinking about doing the same thing myself and, like you, haven't played with VPN's before - but I think it's time to try this out with pfSense.

anybody??

The VPN server often push something called "redirect-gateway def1" to the client upon connect. This adds a "default gateway" that overrides your existing default gateway, and is probably what you experience. You have to block this behaviour in the OpenVPN client config under advanced by using "route-nopull" or "route-noexec", but they you must create your own routing to make sure whatever traffic should go out the VPNs do.

(or use Other if not matching pfS hostname).

I actually found the problem I had ticked off Enable authentication of TLS packets. After I unchecked this, it worked.

Now my problem is a have an ipsec connection to the datacenter at work.  I route 10.X.X.X and 172.X.X.X to that network (for certain ip addresses on my home LAN) and the rest of the traffic to the outside WAN.    When I connect to the open vpn, it disrupts this.  I have not figured out how to route the traffic properly.  I did try to create a new interface and create a LAN rule, but that didn't work.

You got a Multi GW setup for this ?

If so, simply use a firewall rule to do this… like this here:

Set the GW as required

Ok, I figured it was something like that,  I've read somewhere about a bug causing this.  but being torn from project to project to work and project, and kids, and project.  hunger, sleep.  I forget what i read or did 5 mins ago.  I even forgot what I was trying to say in this post.

In the advanced options box you need to have a ; between statements (newlines in the box aren't guaranteed to be preserved)

so it should really be:

push "route 192.168.0.0 255.255.255.0"; push "route 192.168.1.0 255.255.255.0"; push "route 192.168.2.0 255.255.255.0"; push "route 192.168.4.0 255.255.255.0";

or

push "route 192.168.0.0 255.255.255.0";push "route 192.168.1.0 255.255.255.0";push "route 192.168.2.0 255.255.255.0";push "route 192.168.4.0 255.255.255.0"

You also need route statements for the network so that the OS on the server side knows it reaches those networks via the VPN also

So ultimately, you'd end up with:

push "route 192.168.0.0 255.255.255.0";push "route 192.168.1.0 255.255.255.0";push "route 192.168.2.0 255.255.255.0";push "route 192.168.4.0 255.255.255.0";route 192.168.1.0 255.255.255.0;route 192.168.2.0 255.255.255.0;route 192.168.4.0 255.255.255.0;

The pushes ensure that each of the remote sites receive routes to the other remote sites as well as your server. The plain route statements handle the routing for your server side to reach the remote sites.

Check your console, see what is making the boot process stop before it gets to the point where it beeps.

my primary has no issue only when restoring or setting up OpenVPN manually on my backup unit.

Doing factory reset now and will connect the backup unit to the internet and try restoring again.

Can only find this error in all the log file

php: /vpn_openvpn_server.php: The command '/bin/rm /var/etc/openvpn/server1.*' returned exit code '1', the output was 'rm: /var/etc/openvpn/server1.sock: No such file or directory'

There are alot of people who are pretty expert at site-to-site vpn with pfsense, but you will probably have to post your VPN setup page to get help.  So far I only know your firewall rules.  If its simple 1 WAN pfsense should not be difficult.