Thanks ! I had solved the problem myself.

Regards,

CQ

Works!!!

Thanks for help.

@franklookyou:

You might also try browsing the OpenVPN users mailing-list (http://news.gmane.org/gmane.network.openvpn.user).  A quick look over the past month turned up a couple of people asking about similar-ish problems.

Ah.  Excellent.  I'll take a look there.  Thanks for the link.

http://forum.pfsense.org/index.php/topic,5282.0.html

okay - with these custom options i get this log

route 192.168.3.0 255.255.0.0;route 192.168.4.0 255.255.0.0;push "route 192.168.1.0 255.255.0.0";push "redirect-gateway def1";dev tap0;server-bridge 192.168.1.1 255.255.255.0 192.168.1.150 192.168.1.165

Feb 3 11:38:41 openvpn[49146]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008
Feb 3 11:38:41 openvpn[49146]: WARNING: file '/var/etc/openvpn_server0.key' is group or others accessible
Feb 3 11:38:41 openvpn[49146]: WARNING: Since you are using –dev tap, the second argument to --ifconfig must be a netmask, for example something like 255.255.255.0. (silence this warning with --ifconfig-nowarn)
Feb 3 11:38:41 openvpn[49146]: gw 192.168.2.1
Feb 3 11:38:41 openvpn[49146]: OpenVPN ROUTE: OpenVPN needs a gateway parameter for a –route option and no default was specified by either --route-gateway or --ifconfig options
Feb 3 11:38:41 openvpn[49146]: OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.3.0
Feb 3 11:38:41 openvpn[49146]: OpenVPN ROUTE: OpenVPN needs a gateway parameter for a –route option and no default was specified by either --route-gateway or --ifconfig options
Feb 3 11:38:41 openvpn[49146]: OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.4.0
Feb 3 11:38:41 openvpn[49146]: TUN/TAP device /dev/tap0 opened
Feb 3 11:38:41 openvpn[49146]: /sbin/ifconfig tap0 192.168.5.1 netmask 192.168.5.2 mtu 1500 up
Feb 3 11:38:41 openvpn[49146]: /etc/rc.filter_configure tap0 1500 1573 192.168.5.1 192.168.5.2 init
Feb 3 11:38:41 openvpn[49160]: UDPv4 link local (bound): [undef]:1194
Feb 3 11:38:41 openvpn[49160]: UDPv4 link remote: [undef]
Feb 3 11:38:41 openvpn[49160]: Initialization Sequence Completed

if i remove all but dev tap0;server-bridge 192.168.1.1 255.255.255.0 192.168.1.150 192.168.1.165

i get this in the log

Feb 3 12:06:11 openvpn[52031]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008
Feb 3 12:06:11 openvpn[52031]: WARNING: file '/var/etc/openvpn_server0.key' is group or others accessible
Feb 3 12:06:11 openvpn[52031]: WARNING: Since you are using –dev tap, the second argument to --ifconfig must be a netmask, for example something like 255.255.255.0. (silence this warning with --ifconfig-nowarn)
Feb 3 12:06:11 openvpn[52031]: TUN/TAP device /dev/tap0 opened
Feb 3 12:06:11 openvpn[52031]: /sbin/ifconfig tap0 192.168.5.1 netmask 192.168.5.2 mtu 1500 up
Feb 3 12:06:11 openvpn[52031]: /etc/rc.filter_configure tap0 1500 1573 192.168.5.1 192.168.5.2 init
Feb 3 12:06:12 openvpn[52044]: UDPv4 link local (bound): [undef]:1194
Feb 3 12:06:12 openvpn[52044]: UDPv4 link remote: [undef]
Feb 3 12:06:12 openvpn[52044]: Initialization Sequence Completed

this is the entry i'm referring too

Feb 3 12:06:11 openvpn[52031]: WARNING: Since you are using –dev tap, the second argument to --ifconfig must be a netmask, for example something like 255.255.255.0. (silence this warning with --ifconfig-nowarn)

i'm not sure how to go about it

Sorry about this.

I rebooted the box and all seems fine now. Log message are just what you'd expect to see.

Regards

Mark

Hey Franky

I tested this again on 1.2.2 over a wan link and it works just fine, so sorry about all this.
Your how-to is spot on, top class!
Cheers

Anyone? :(

I don't use port forwarding for this connection. I connect directly to the openVPN port which I added in the firewall rules.

okey..
thanks..
but..now problem is..

Mon Jan 19 15:01:02 2009 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct  1 2006
Mon Jan 19 15:01:02 2009 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Mon Jan 19 15:01:02 2009 Cannot load certificate file client1.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib
Mon Jan 19 15:01:02 2009 Exiting

why when i open openvpn gui to connect this log i have?

Hi,
I have just implemented a solution where I connected the OpenVPN server to my Radius server (Internet Authentication Service - Microsoft).
I did this with the plugin openvpn-auth-pam. After a lot of problems it finally works ok. Te plugin you may revceive from the openvpn installation kit.
There is also a plugin named openvpn-auth-ldap on the net. Look in the forum there some pointers to it.
Good luck.

Ariel

Can you be more specific what's not working?
Also a "bit" more information would be welcome.

Perfect it runs!!!!!!!  :)

I woudn't have got it working without your guide.  :)

I've tried as well by filling in the remote network and not using the custom options or the other way around by the custom options and not the remote network.

The routing table seems the same, but the traffic still doesn't flow :-(