Thank you! ;D Not so good with all that code… It created 3 files test.crt test.csr test.key All normal? What is the csr for anyway? I will try it later and let you know Thank you very mutch

No, I don't have that option in the client configuration, today I've changed again the configuration this time using UDP as protocol with LZO compression and some specified ports besides 1194 and voila, it's working  ;D I can see that the client used port 1194 instead of any random port, weird, right? Anyways it's working and that is what matters!  ;D

Hi err….address pool.... :P cheers,

With so little information, I doubt it. Can you provide a simple network diagram, showing the networks and the IP ranges.

Thank You sir!  :)

@GruensFroeschli: Also please provide the config-files of the server and the client. http://forum.pfsense.org/index.php/topic,7001.0.html Mostly the file of the client since you seem to have missconfigured something there.

Hello I had the same problem as you, change port from UDP 1194 to TCP 1194 for both client and server and it worked. try it. Edward

How would you connect to the pfSense? Does each client install OpenVPN or do you have another firewall solution?

they all had different certificate but the common name was the same in the certificate. I hate myself sometimes! ::)

[image: beztytuugq3.th.jpg] I'm checking settings trying to connect from Net2 to Net1 - of course the only way is to route this through Net0 using both VPNS. Now it should be easier to understand. The main VPN server in Net0 is pfSense

Well that explains it heh - havent messed arround much with VPN at all - Anyway it worked with \ip number – I will also try messing arround with the WINS server. Thanx alot for all the help - /DaK

OK, the plugin started working when I added OpenVPN from package.

Thanks GruensFroeschli ! I will see what I can do.

So you only want to access services FROM the roadwarriors withing your existing network and not TO your roadwarriors. I Think you can just enable advanced outbound NAT and NAT from the roadwarrior-subnet to your existing network. For servers in your existing network it would seem as if the connections come from the IP of the pfSense-machine: http://forum.pfsense.org/index.php/topic,7001.0.html

1: I cannot speak from experience, but a few users reported that if you want to use it in a multiWAN enviroment you should use TCP and not UDP as carrier protocol. 2: The firewall rule is only there to allow your client to access the server itself. The connections you tunnel over this connection will not be firewalled. 3: Create a key/certificate pair for each client.

Can you ping by IP?  For the name resolution you might need to implement WINS.

Thank you very much ! I've been searching into the forum but i've not found the answer. Thanks again, Nahuel