Hi @viragomann thanks for your support on this. I could get it working, I just removed Custom options push "dhcp-option DNS 192.168.3.1"; push "dhcp-option DOMAIN local.lan"; I saved changes and restarted the whole pfsense, it just started working after that restart, I mean the machines which are using OpenVPN can reach the machines which are in the LAN network by dns instead of IP addresses, my suspicion pfsense needed to be restarted and there was not any need by adding the Custom options, after that I wanted to double check this in other to have repeatable steps and what I could find out is that those enabled options in Dns Resolver such as DHCP Registration, Static DHCP, OpenVPN Clients as DNS Default Domain and Dns Server 1 in OpenVPN server settings are mandatory options in order to get it working, I know there could be a lot of ways to do this, I am just sharing with you how I could do it in this way

@hugoeyng [image: 1664334071284-7bbf42ad-b7b0-4f60-b77f-3abf915c57fb-image.png] [image: 1664334180453-4f7e418d-9e4e-4751-ba32-d1d20d8e1c26-image.png] [image: 1664334208255-23cc8ca3-714a-4c0d-91cb-980863fa2964-image.png] [image: 1664334235890-dc0ce8e6-9968-46db-9bb5-ec008302295f-image.png] [image: 1664334255431-83f9959c-8162-4eca-bb86-6e4338670481-image.png] [image: 1664334316343-de9ed4ff-d695-4451-95db-20688914109f-image.png] [image: 1664334349260-a14f4c94-0de3-4f53-8ac4-0d7344242003-image.png] [image: 1664334373555-35d6ebff-a693-42df-9466-096e4f55d11b-image.png] [image: 1664334412102-27c6c956-766d-4ebb-a113-ad0245145f32-image.png] Now OpenVPN setup is complete. Make some changes in the settings, for this click on the edit button and go to the "Tunnel Settings" Section And click on the checkbox as shown in the image. [image: 1664334504969-fc374501-daf3-4e65-9bf7-681b077cb714-image.png] Now Create a user to log in to OpenVPN System > User Manager > +Add. [image: 1664334937802-ef03d35a-7e57-4c27-a9aa-4144ad163a31-image.png] [image: 1664334955389-e8852f40-41b0-40a1-b7e3-105203b0cf30-image.png] Now go to the OpenVPN client Export and export the user file. Then install the setup file in the system login with username and password. [image: 1664335107570-89873547-2daf-4bef-b82b-7784f80e01d9-image.png] Have A Great Day!!

I am on 22.05. It seems the upgrade didn't complete correctly. I found this post and tried the solution of running pfSense-upgrade -d. That showed 1 package to be installed and 40 to be upgraded. After completing the upgrades and rebooting, the OpenVPN service started and I am able to connect again.

@dragonfixed00 Packet capture on LAN using TCP and port 2222 Do the SSH packets arrive on LAN ?

This is my client config dev tun persist-tun persist-key data-ciphers AES-128-GCM:AES-256-CBC data-ciphers-fallback AES-256-CBC auth SHA256 tls-client client resolv-retry infinite remote X.X.X.X 1194 udp4 nobind verify-x509-name "X.X.X.X" name auth-user-pass pkcs12 pfsense-UDP4-1194-khodorb.p12 tls-auth pfsense-UDP4-1194-khodorb-tls.key 1 remote-cert-tls server explicit-exit-notify verb 4

@madfuzker said in CE-2.6.0 - Unable to disable OpenVPN Server if Interface is assigned: @bob-dig I can confirm that in 22.05 this is NOT fixed. Definitely not fixed. But not a problem for me anymore, I only use WireGuard.

@markedo hi , did you have luck resolving this ?

Hey everyone, I found a very interesting Scenario. Just to recap: my home pfSense Box has 1 OpenVPN Server and 4 OpenVPN Clients configured. I needed to connect to my the pfSense at home via OpenVPN to check something and I noticed, that I was able to browse through the Internet. Which shocked me, and I thought well, maybe my reboot fixed it. Afteer a short investigation I noticed that my pfSense stopped the OpenVPN Client, so it wasn't connecting to the openVPN Servers which I configured. [image: 1663861261475-b0390a99-44bc-468e-be9c-fa3a40947149-grafik-resized.png] After starting the clients on my pfSense I connected to my pfSense via iPhpne: And then I wasn't able to browse the internet. Deactivating the clients helped: my iPhone had access to the internet. Can anybody explain to me what on earth is happening? Edit: Holy ... I fixed it! After defining in the catch all Rule of the OpenVPN Interface the default gateway every client can now acces the internet. [image: 1663861863909-87be3dd7-b8e1-4fd1-8126-5c4a24d90bee-grafik-resized.png]

@pourts said in OpenVPN Client working, but other ports & VLANs now offline: because "policy routing" isn't an option in any of the GUI menus. Sure it is ;) The gateway you want to send the traffic out of is policy routing ;) Glad you got it sorted. Hope you paid attention to the bypassing policy routing in that section, users always seem to fail to understand if you force traffic out say a vpn gateway, that it won't be able to get to your other vlans/networks that are local. So you have to have a rule above your policy route rule that allows for access you want locally.

@khodorb That's a Github commit on the source code. From what I can tell, they added a piece of code to show these errors(the ones we are seeing now on our setups). Since this piece of code wasn't there before, the errors weren't visible but now they are. In other words, we should have seen this errors before version 21.02 but we are only seeing them now. I found the same link on the pfsense's redmine dating from 7 months ago, where Jim Pingle states the same.

@viragomann Yes, I know net30 is being deprecated by OpenVPN, not pfSense. But otherwise thank you for clearing things up. I guess I'm stuck with net30 for now.

@khodorb said in Upgraded pfSense from 2.4.5 to 2.5.2 or 2.6.0 and OpenVPN no longer works: https://blog.nuvotex.de/pfsense-crl-has-expired/ Thanks. I tried that patch and it was unsuccessful in fixing the issue. This was my post.

@jdavis0221 said in Setting up OpenVPN to access two LANs: The 192.168.1.x network is just an internal network going back to the switch. The PLC network does not have internet access. Our WAN comes into the pf sense firewall, out to the 192.168.2.x LAN network which is also connected to the same switch that the 192.168.1.x LAN is on. Two different L2 networks on an L2 switch? What you wrote doesn't attest that the PLC uses a gateway. If not it cannot communicate with IPs outside of its own subnet. It's possible to access the hosts though from remote, but that needs an outbound NAT rule. Additionally pfSense needs to have an IP in that subnet.