Finally i got it to work :D

I tried changing the DNS address to what you suggested but that didn't work. So i added a custom entry to Manual Outbound NAT rule generation (Advanced Outbound NAT (AON)) and that got it to work.

No one that has any idea to what bravo83 and I are doing wrong?

What you're say is only possible if you missconfigured or missmanipulated someting.
Please refer to the openVPN documentation on http://openVPN.net on how to set up a CA correctly and build the files.

I forgot to mention that when I make a PPTP VPN between the two networks it works both ways no problem to access the shared files!  ??? but ofcourse that's different

for thr OpenVPN
I'm pretty sure I have to add some route in the config file or in pfsense gui but I can't figure what exactly. i tried in windows: "route add 192.168.50.0 mask 255.255.255.252 192.168.10.5"        but still no access to \192.168.10.6

my openvpn ip is 192.168.10.6 (and my physical ethernet adapter uses 192.168.50.0) but i saw in the ovpn gui that it pushes the routes to 192.168.10.5 so i guess that is my gateway … or am i wrong? probably...

Cry Havoc , please i'm sure you know the solution. you're the man :)

cheers

AON works as expected, thanks again for your help.

Thanks ! I had solved the problem myself.

Regards,

CQ

Works!!!

Thanks for help.

@franklookyou:

You might also try browsing the OpenVPN users mailing-list (http://news.gmane.org/gmane.network.openvpn.user).  A quick look over the past month turned up a couple of people asking about similar-ish problems.

Ah.  Excellent.  I'll take a look there.  Thanks for the link.

http://forum.pfsense.org/index.php/topic,5282.0.html

okay - with these custom options i get this log

route 192.168.3.0 255.255.0.0;route 192.168.4.0 255.255.0.0;push "route 192.168.1.0 255.255.0.0";push "redirect-gateway def1";dev tap0;server-bridge 192.168.1.1 255.255.255.0 192.168.1.150 192.168.1.165

Feb 3 11:38:41 openvpn[49146]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008
Feb 3 11:38:41 openvpn[49146]: WARNING: file '/var/etc/openvpn_server0.key' is group or others accessible
Feb 3 11:38:41 openvpn[49146]: WARNING: Since you are using –dev tap, the second argument to --ifconfig must be a netmask, for example something like 255.255.255.0. (silence this warning with --ifconfig-nowarn)
Feb 3 11:38:41 openvpn[49146]: gw 192.168.2.1
Feb 3 11:38:41 openvpn[49146]: OpenVPN ROUTE: OpenVPN needs a gateway parameter for a –route option and no default was specified by either --route-gateway or --ifconfig options
Feb 3 11:38:41 openvpn[49146]: OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.3.0
Feb 3 11:38:41 openvpn[49146]: OpenVPN ROUTE: OpenVPN needs a gateway parameter for a –route option and no default was specified by either --route-gateway or --ifconfig options
Feb 3 11:38:41 openvpn[49146]: OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.4.0
Feb 3 11:38:41 openvpn[49146]: TUN/TAP device /dev/tap0 opened
Feb 3 11:38:41 openvpn[49146]: /sbin/ifconfig tap0 192.168.5.1 netmask 192.168.5.2 mtu 1500 up
Feb 3 11:38:41 openvpn[49146]: /etc/rc.filter_configure tap0 1500 1573 192.168.5.1 192.168.5.2 init
Feb 3 11:38:41 openvpn[49160]: UDPv4 link local (bound): [undef]:1194
Feb 3 11:38:41 openvpn[49160]: UDPv4 link remote: [undef]
Feb 3 11:38:41 openvpn[49160]: Initialization Sequence Completed

if i remove all but dev tap0;server-bridge 192.168.1.1 255.255.255.0 192.168.1.150 192.168.1.165

i get this in the log

Feb 3 12:06:11 openvpn[52031]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008
Feb 3 12:06:11 openvpn[52031]: WARNING: file '/var/etc/openvpn_server0.key' is group or others accessible
Feb 3 12:06:11 openvpn[52031]: WARNING: Since you are using –dev tap, the second argument to --ifconfig must be a netmask, for example something like 255.255.255.0. (silence this warning with --ifconfig-nowarn)
Feb 3 12:06:11 openvpn[52031]: TUN/TAP device /dev/tap0 opened
Feb 3 12:06:11 openvpn[52031]: /sbin/ifconfig tap0 192.168.5.1 netmask 192.168.5.2 mtu 1500 up
Feb 3 12:06:11 openvpn[52031]: /etc/rc.filter_configure tap0 1500 1573 192.168.5.1 192.168.5.2 init
Feb 3 12:06:12 openvpn[52044]: UDPv4 link local (bound): [undef]:1194
Feb 3 12:06:12 openvpn[52044]: UDPv4 link remote: [undef]
Feb 3 12:06:12 openvpn[52044]: Initialization Sequence Completed

this is the entry i'm referring too

Feb 3 12:06:11 openvpn[52031]: WARNING: Since you are using –dev tap, the second argument to --ifconfig must be a netmask, for example something like 255.255.255.0. (silence this warning with --ifconfig-nowarn)

i'm not sure how to go about it

Sorry about this.

I rebooted the box and all seems fine now. Log message are just what you'd expect to see.

Regards

Mark

Hey Franky

I tested this again on 1.2.2 over a wan link and it works just fine, so sorry about all this.
Your how-to is spot on, top class!
Cheers

Anyone? :(

I don't use port forwarding for this connection. I connect directly to the openVPN port which I added in the firewall rules.

okey..
thanks..
but..now problem is..

Mon Jan 19 15:01:02 2009 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct  1 2006
Mon Jan 19 15:01:02 2009 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Mon Jan 19 15:01:02 2009 Cannot load certificate file client1.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib
Mon Jan 19 15:01:02 2009 Exiting

why when i open openvpn gui to connect this log i have?