@viragomann They definitely are....up until it disconnects because it's working just fine other than the disconnect.

@amirat said in Ip forward with openvpn: so how can i do routing? and i also need to use vpn for my phone , how you say that it is irrelevant? Many people seem to think a VPN is somehow different from any other IP connection. All the VPN does is set up a secure connection between two points. Years ago, that might have been done with frame relay. As for routing, you have to let the various devises know how to reach some other device. With a VPN, you at least have a route to the VPN server and from there out to the Internet. If you want to go anywhere else, then you have to ensure there's a route configured to that point. It also doesn't matter what the client is. Whether a computer or a phone, it still works the same way. What you have to do is determine what you want to reach and where it is, relative to your OpenVPN server. Then you have to decide whether you have to add routes. For example, pfSense knows about directly connected networks, so you don't need to specify a route to them. Beyond that, you have to.

Hi @viragomann thanks for your support on this. I could get it working, I just removed Custom options push "dhcp-option DNS 192.168.3.1"; push "dhcp-option DOMAIN local.lan"; I saved changes and restarted the whole pfsense, it just started working after that restart, I mean the machines which are using OpenVPN can reach the machines which are in the LAN network by dns instead of IP addresses, my suspicion pfsense needed to be restarted and there was not any need by adding the Custom options, after that I wanted to double check this in other to have repeatable steps and what I could find out is that those enabled options in Dns Resolver such as DHCP Registration, Static DHCP, OpenVPN Clients as DNS Default Domain and Dns Server 1 in OpenVPN server settings are mandatory options in order to get it working, I know there could be a lot of ways to do this, I am just sharing with you how I could do it in this way

@hugoeyng [image: 1664334071284-7bbf42ad-b7b0-4f60-b77f-3abf915c57fb-image.png] [image: 1664334180453-4f7e418d-9e4e-4751-ba32-d1d20d8e1c26-image.png] [image: 1664334208255-23cc8ca3-714a-4c0d-91cb-980863fa2964-image.png] [image: 1664334235890-dc0ce8e6-9968-46db-9bb5-ec008302295f-image.png] [image: 1664334255431-83f9959c-8162-4eca-bb86-6e4338670481-image.png] [image: 1664334316343-de9ed4ff-d695-4451-95db-20688914109f-image.png] [image: 1664334349260-a14f4c94-0de3-4f53-8ac4-0d7344242003-image.png] [image: 1664334373555-35d6ebff-a693-42df-9466-096e4f55d11b-image.png] [image: 1664334412102-27c6c956-766d-4ebb-a113-ad0245145f32-image.png] Now OpenVPN setup is complete. Make some changes in the settings, for this click on the edit button and go to the "Tunnel Settings" Section And click on the checkbox as shown in the image. [image: 1664334504969-fc374501-daf3-4e65-9bf7-681b077cb714-image.png] Now Create a user to log in to OpenVPN System > User Manager > +Add. [image: 1664334937802-ef03d35a-7e57-4c27-a9aa-4144ad163a31-image.png] [image: 1664334955389-e8852f40-41b0-40a1-b7e3-105203b0cf30-image.png] Now go to the OpenVPN client Export and export the user file. Then install the setup file in the system login with username and password. [image: 1664335107570-89873547-2daf-4bef-b82b-7784f80e01d9-image.png] Have A Great Day!!

I am on 22.05. It seems the upgrade didn't complete correctly. I found this post and tried the solution of running pfSense-upgrade -d. That showed 1 package to be installed and 40 to be upgraded. After completing the upgrades and rebooting, the OpenVPN service started and I am able to connect again.

@dragonfixed00 Packet capture on LAN using TCP and port 2222 Do the SSH packets arrive on LAN ?

This is my client config dev tun persist-tun persist-key data-ciphers AES-128-GCM:AES-256-CBC data-ciphers-fallback AES-256-CBC auth SHA256 tls-client client resolv-retry infinite remote X.X.X.X 1194 udp4 nobind verify-x509-name "X.X.X.X" name auth-user-pass pkcs12 pfsense-UDP4-1194-khodorb.p12 tls-auth pfsense-UDP4-1194-khodorb-tls.key 1 remote-cert-tls server explicit-exit-notify verb 4

@madfuzker said in CE-2.6.0 - Unable to disable OpenVPN Server if Interface is assigned: @bob-dig I can confirm that in 22.05 this is NOT fixed. Definitely not fixed. But not a problem for me anymore, I only use WireGuard.

@markedo hi , did you have luck resolving this ?

Hey everyone, I found a very interesting Scenario. Just to recap: my home pfSense Box has 1 OpenVPN Server and 4 OpenVPN Clients configured. I needed to connect to my the pfSense at home via OpenVPN to check something and I noticed, that I was able to browse through the Internet. Which shocked me, and I thought well, maybe my reboot fixed it. Afteer a short investigation I noticed that my pfSense stopped the OpenVPN Client, so it wasn't connecting to the openVPN Servers which I configured. [image: 1663861261475-b0390a99-44bc-468e-be9c-fa3a40947149-grafik-resized.png] After starting the clients on my pfSense I connected to my pfSense via iPhpne: And then I wasn't able to browse the internet. Deactivating the clients helped: my iPhone had access to the internet. Can anybody explain to me what on earth is happening? Edit: Holy ... I fixed it! After defining in the catch all Rule of the OpenVPN Interface the default gateway every client can now acces the internet. [image: 1663861863909-87be3dd7-b8e1-4fd1-8126-5c4a24d90bee-grafik-resized.png]

@pourts said in OpenVPN Client working, but other ports & VLANs now offline: because "policy routing" isn't an option in any of the GUI menus. Sure it is ;) The gateway you want to send the traffic out of is policy routing ;) Glad you got it sorted. Hope you paid attention to the bypassing policy routing in that section, users always seem to fail to understand if you force traffic out say a vpn gateway, that it won't be able to get to your other vlans/networks that are local. So you have to have a rule above your policy route rule that allows for access you want locally.

@khodorb That's a Github commit on the source code. From what I can tell, they added a piece of code to show these errors(the ones we are seeing now on our setups). Since this piece of code wasn't there before, the errors weren't visible but now they are. In other words, we should have seen this errors before version 21.02 but we are only seeing them now. I found the same link on the pfsense's redmine dating from 7 months ago, where Jim Pingle states the same.