Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Re: OpenVPN on pfSense - Installation guide for (Windows) Dummies :-) (road-warrior)

    Scheduled Pinned Locked Moved OpenVPN
    8 Posts 3 Posters 3.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      trix
      last edited by

      I am going crazy. I see a successful firewall log stating that my client was not blocked, but the VPN doesn't work.

      I am pretty sure I followed the guide 100%. Not sure what is going on here…

      Sun Jul 12 00:51:16 2009 Restart pause, 2 second(s)
      Sun Jul 12 00:51:18 2009 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
      Sun Jul 12 00:51:18 2009 Re-using SSL/TLS context
      Sun Jul 12 00:51:18 2009 LZO compression initialized
      Sun Jul 12 00:51:18 2009 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
      Sun Jul 12 00:51:18 2009 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
      Sun Jul 12 00:51:18 2009 Local Options hash (VER=V4): '41690919'
      Sun Jul 12 00:51:18 2009 Expected Remote Options hash (VER=V4): '530fdded'
      Sun Jul 12 00:51:18 2009 Socket Buffers: R=[8192->8192] S=[8192->8192]
      Sun Jul 12 00:51:18 2009 UDPv4 link local: [undef]
      Sun Jul 12 00:51:18 2009 UDPv4 link remote: xxx.xxx.xxx.xxx:1194
      [12:52:16 AM] joekonkus: Sun Jul 12 00:52:19 2009 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
      Sun Jul 12 00:52:19 2009 TLS Error: TLS handshake failed
      Sun Jul 12 00:52:19 2009 TCP/UDP: Closing socket
      Sun Jul 12 00:52:19 2009 SIGUSR1[soft,tls-error] received, process restarting

      Any ideas?

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        About the same happened to me once as well. The workaround that fixed it for me was: set as protocol the other (if you're on UDP set TCP and vice versa), save the config and change it back. I'm Not sure why this is happening. I suspect a problem with the underlying version of OpenVPN.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • T
          trix
          last edited by

          Thanks for the suggestion. I tried it, it didn't work :(

          1 Reply Last reply Reply Quote 0
          • GruensFroeschliG
            GruensFroeschli
            last edited by

            The log you posted is from the client or the server?
            If from the client: What does the server log show?

            We do what we must, because we can.

            Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

            1 Reply Last reply Reply Quote 0
            • T
              trix
              last edited by

              The server shows nothing. Just these two entries.

              Jul 12 21:41:45 openvpn[37390]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008
              Jul 12 21:41:14 openvpn[37058]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008

              However,I do see port 1194 show up as "pass" in the firewall log.

              I did not think to check my system log. I see this.

              Jul 13 20:17:11 kernel: pid 35465 (openvpn), uid 0: exited on signal 10 (core dumped)

              1 Reply Last reply Reply Quote 0
              • GruensFroeschliG
                GruensFroeschli
                last edited by

                Seems like your OpenVPN instance crashed.

                Could it be that you missconfigured something and thus the instance cannot start correctly?

                Can you post your config of OpenVPN?

                We do what we must, because we can.

                Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

                1 Reply Last reply Reply Quote 0
                • T
                  trix
                  last edited by

                  Would you like a screenshot? It looks exactly how the guide instructed, but who knows, maybe not.

                  I blanked out the certs.

                  1 Reply Last reply Reply Quote 0
                  • T
                    tekoholic
                    last edited by

                    I'm getting the same error, and so far as I've read and understand, all is config'd properly…  This is with internal CA, until I can get the import of cacert.org's keys to succeed...

                    Running 2.0-ALPHA, updated almost daily on
                    Athlon 1.4Ghz, 768MB PC100, 3 NIC's (2x10/100, 1xGB), 20G HDD,
                    Currently Dual-WAN (1 cable 6M/512K, 1 DSL 7M/768K), Single LAN
                    Working on adding 1 WiFi WAN and 2 cellular (when we're home with our phones)

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.