Netgate Discussion Forum
    OpenVPN does not work on bridged PFsense router

      george1116 @JonathanLee

      @JonathanLee

      Not at all. I am not using Tunnelblick as a server. Also, I followed that exact blog/video you shared to set up my VPN.

      I downloaded the config from the VPN exporter and installed it correctly on both Tunnelblick and Viscosity; both output the same error.

        JonathanLee @george1116

        @george1116 Can you connect to just the firewall without using Tunnelblick?

        Can you use just the OpenVPN software, using openvpn.net/client/?

          george1116 @JonathanLee

          @JonathanLee said in OpenVPN does not work on bridged PFsense router:

          openvpn.net/client/

          Same thing here.

            JonathanLee @george1116

            @george1116 Just to confirm, are you using the user profile you created in pfSense to log on?

              george1116 @JonathanLee

              @JonathanLee

              Yes, I am. I am sure this issue has nothing to do with the credentials because it already works; I can verify it on another network.

                JonathanLee @george1116

                @george1116 Interesting. Does the equipment in front of pfSense have any logs you can get to?

                  george1116 @JonathanLee

                  @JonathanLee

                  No logs. The device comes from my ISP, and because I already set that device to bridge the LAN port, it doesn't show any details about connected LAN devices either.

                    JonathanLee @george1116

                    @george1116

                    My setup works like this: the DSL modem has 4 ports. One port goes to my power over AC, over to the other side of the house; the second power over AC plugs into my firewall WAN port. The modem gives my firewall a WAN address. After that, I have my AP plugged into the LAN of the firewall.

                    ISP dmark -> DSL modem -> firewall -> access point

                    I VPN onto the firewall with my static WAN address; my IP address has not changed in years. I can see it connect into the firewall on the OpenVPN tab, where it shows states. After that, I have rules for what the VPN can access; it can only access my NAS.

                    Does yours do this? I think you said you have this:

                    ISP dmark -> modem -> router -> firewall bridged -> iMac you want to access

                    You’re gonna need to set a default route for that traffic on your router. Can you ping the iMac from the router?

                        JonathanLee

                        @george1116 said in OpenVPN does not work on bridged PFsense router:

                        My pfSense router is installed behind my home router; the LAN port on my home router which pfSense is connected to is set in bridged mode, so my pfSense WAN side is getting a public IP in the 199.x.x.x.x range.

                        I then installed OpenVPN on my pfSense router, but when I am connected directly to my home router (the bridged router), OpenVPN is not able to connect. However, when I connect via tethering to my mobile device hotspot, OpenVPN connects successfully.

                        What is the error I am getting:
                        When connecting to OpenVPN I get the below error message after some time.

                        2024-01-03 08:30:08.123554 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
                        2024-01-03 08:30:08.123640 TLS Error: TLS handshake failed
                        

                        What have I checked:

                        • I checked my home router to see if port 1194 is blocked, and it isn't
                        • I verified that my pfSense router WAN side is indeed getting a public IP, and it is.
                        • I ensured there is no double NATing, this is evident from the public IP on pfsense WAN
                        • I used Packet Capture to verify that indeed there was an outbound connection from my machine to pfsense router, and there was.
                        • I changed the Tunnel Network of OpenVPN, but it didn't help
                        • I used different authentication Modes, but it didn't work

                        I have been going on for 2 days now; has anyone experienced this or knows what the problem could be?

                        I think the router in front of your firewall is causing the issues. Is this a standard ISP-issued router with a dmark or a modem?
