Funny thing is that I had this same error and solved it by switching from UDP to TCP.

Is there a method of turning my Lan Port to bridge mode to become apart of my neighboring subnet?
Then potentially VPN connect through Wan to the Bridged network on the LAN side?
thanks

Follow this howto:
http://doc.pfsense.org/index.php/Using_OpenVPN_With_FreeRADIUS

(except replace the RADIUS server on pfSense with your own RADIUS server)

@GruensFroeschli:

Are you sure about this?

Yes i am sure.
Your setup is the classic stumbling block if you're not really familiar with routing.

I just tried the manual nat as well, but it didnt change anything Sad

Please describe a little more detailed what you did.
Can you show a screenshot of your AoN rules?

Hi there, i just got it to work :) The NAT rule i added yesterday had the subnets configured. Now  just tried adding a new NAT rule for the vpn interface and any subnet, now everything works :)

thanks for your support :)

It's up and running.  I scrapped what I had correlated my subnets to the ones in the sticky you mentioned and followed it step by step.

Thank you so much for your help!

To be blunt, I think you need to bring in somebody with more experience than you have.  If DNS didn't work then you wouldn't be able to map the share.  From what you've said it all sounds like an authentication problem.  When you map the share across the VPN:

a) Is the remote device on the domain?
b) Are you providing a username and password?

you could maybe, but not worth it, i don't think.  if you have a pfsense at the other site, have it do dhcp and have a different subnet over there.  there is nothing at all that requires PXE booting to be on the same subnet - you just need (IIRC) for the dhcp client options for site2 to point at the tftp server on site1 - once it has an IP everything should just work :)

@mhab12:

This worked for me some time ago on 1.2.2  I would suspect it's still a valid starting point.  Can't comment on your voip needs though…
http://forum.pfsense.org/index.php?topic=7840.msg45969

Thanks for the lead, I'll check it out.

@xerovis:

After we paid for support and asked for the config file we were told it would only work on a pre-release version of pfsense, which we could not download.

(resolved this long ago with xerovis privately but wanted to follow up here) That's not true, it only works with 1.2.3-RC versions, which are on all the mirrors.

The process is described here:
http://doc.pfsense.org/index.php/OpenVPN_Bridging

there are some issues with that, but it does work (with caveats). I'm working on updating that right now for an ideal configuration.

I have tried with Client-to-client enabled and disabled.  The PCs are getting the proper IPs and related settings.

yea give it a try set net bios to brodcast

ok… now this is embarresing.

After I posted this post, I was just checking again on all my configs, like Windows Settings, Openvpn and so on.

Then I thought: "ok let's do something stupid and switch the machine I try to log into SITE B from..." so I took another client and tried to access a PC of SITE B... and there it GOES!!! All working fine... After that I tried to access SITE B from the Windows Server again and it was working...

I can't explain why this works JUST NOW out of the blue but it does... so please ignore this stupid it guy and get on with the day  ::)

I've made some progress. The problem above still exists, but when I tried on a Windows machine I got a IP address via DHCP. However I can only connect to machines in the VPN Server network, on their public IP addresses. The client gets IP address 10.0.1.6/30 and default gateway is set to 10.0.1.5. Seems fine. The openVPN client is all green, and no error messages in the log file either on the server or client.

I cannot:

Ping my gateway, 10.0.1.5 Connect to any machine on internet except the ones in the VPN server network (public IPs)

I can:

connect to pfsense machine via HTTPS connect to another webserver in the same public network as the pfsense server make DNS req to the DNS server, also in the same network as the pfsense server

I have Outbound NAT (AON) for 10.0.1.0/28 to WAN interface address.

Yes this should be possible.

Yes you can configure everything in the GUI.
What doesn't work if you configure it as client?

I disabled compression on the server and client. This appears to have resolved the issue with the VPN bouncing.  I wish I knew why compression was causing the problem…it would be nice to have.

I also lengthened the keepalive to 'keepalive 10 120' on the server.

Elektro21

Edit:
Thought I had this fixed...but it is doing the same thing as before.  Down every 2 minutes (hence the 120sec timeout).  Still yet to determine why the link will not stay up...even with traffic across it.

Thanks!

GruensFroeschli,

Thanks so much for the advice – I've added this routing to both pfSenses and the gateway, and it now appears to work!  It still didn't cooperate until I remembered I had the firewall enabled on a linux box that was hosting the pfSense server on a VM -- needed to allow the remote network rather than just the LAN and WAN IP addresses of the pfSense box.  But the real sticking point was the routing, thanks again for your help.

-Ned

Well guess I will continue to use the external SNMP server.