Connection with OpenVPN 2.1 client problem
- 
 I have set up OpenVPN several times in the past but never with the 2.1 client. The client tells me that my PFSense box is not an Access Server. Is there a different client I need to be installing? I got the one off of OpenVPN.net. Thanks 
- 
 Ok note to self "there are actually two clients now" one OS client and one Access client. The Access Client does not work :) The exchange seems to happen but it stops at:
 Wed Aug 11 09:48:07 2010 us=281000 LZO compression initialized
 Wed Aug 11 09:48:07 2010 us=281000 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
 Wed Aug 11 09:48:07 2010 us=281000 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
 Wed Aug 11 09:48:07 2010 us=281000 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
 Wed Aug 11 09:48:07 2010 us=281000 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
 Wed Aug 11 09:48:07 2010 us=281000 Local Options hash (VER=V4): '69109d17'
 Wed Aug 11 09:48:07 2010 us=281000 Expected Remote Options hash (VER=V4): 'c0103fa8'
 Wed Aug 11 09:48:07 2010 us=281000 Attempting to establish TCP connection with PFSense-Firewall-IP:443
 Wed Aug 11 09:48:28 2010 us=234000 TCP: connect to PFSense-Firewall-IP:443 failed, will try again in 5 seconds: Connection timed out (WSAETIMEDOUT)
- 
 Yes, be sure you download the client from under "Community Software" :-) http://openvpn.net/index.php/open-source/downloads.html Why is it trying to connect on TCP port 443? It should be udp/1194 unless you changed your OpenVPN server settings to listen on the other port. 
- 
 I found the Open Source version. Thanks. I set up the firewall to run on port 443 rather than 1194. It makes it easier if you are on a network that restricts outbound traffic because almost everyone allows HTTPS. Thanks, -brandon 
- 
 Then double check that you also set TCP instead of UDP. The log seems to indicate it isn't making a connection at all. You probably need a firewall rule on WAN to allow that traffic in as well. 
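
The last reply reads the log as never reaching the server at all. As an added example (not part of the thread and not OpenVPN or pfSense code), this Python script parses the client log lines quoted above, lists the options the server side has to mirror, and classifies where the attempt stopped; the function names and stage labels are assumptions made for the illustration.

```python
import re

# Sample input: the relevant lines of the client log quoted in the thread.
SAMPLE_LOG = """\
Wed Aug 11 09:48:07 2010 us=281000 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Wed Aug 11 09:48:07 2010 us=281000 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Wed Aug 11 09:48:07 2010 us=281000 Attempting to establish TCP connection with PFSense-Firewall-IP:443
Wed Aug 11 09:48:28 2010 us=234000 TCP: connect to PFSense-Firewall-IP:443 failed, will try again in 5 seconds: Connection timed out (WSAETIMEDOUT)
"""

OPTS_RE = re.compile(r"(Local|Expected Remote) Options String: '([^']*)'")
ATTEMPT_RE = re.compile(r"Attempting to establish TCP connection with (\S+):(\d+)")
FAIL_RE = re.compile(r"TCP: connect to \S+:\d+ failed.*: (.+)$")


def parse_options(text):
    """Turn 'V4,dev-type tun,comp-lzo' into {'V4': True, 'dev-type': 'tun', ...}."""
    opts = {}
    for item in text.split(","):
        key, _, value = item.strip().partition(" ")
        opts[key] = value or True  # flags without a value (comp-lzo) become True
    return opts


def triage(log_text):
    """Summarise what the server must match and where the connection attempt stopped."""
    opts, target, errors = {"Local": {}, "Expected Remote": {}}, None, []
    for line in log_text.splitlines():
        if m := OPTS_RE.search(line):
            opts[m.group(1)] = parse_options(m.group(2))
        elif m := ATTEMPT_RE.search(line):
            target = (m.group(1), int(m.group(2)))
        elif m := FAIL_RE.search(line):
            errors.append(m.group(1).strip())
    local, remote = opts["Local"], opts["Expected Remote"]
    if any("timed out" in e for e in errors):
        stage = "tcp-timeout"    # SYNs unanswered: filtered on the path, e.g. no WAN pass rule
    elif any("refused" in e for e in errors):
        stage = "tcp-refused"    # host reachable, nothing listening on that TCP port
    elif target:
        stage = "tcp-attempted"  # no transport error logged in this excerpt
    else:
        stage = "unknown"
    # Options that must be identical on both ends (proto and TLS role differ by design).
    shared = {k: v for k, v in local.items() if remote.get(k) == v}
    return {"target": target, "server_proto": remote.get("proto"), "stage": stage, "shared": shared}


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

For the log in the thread the stage is `tcp-timeout`: the failure happens before any TLS or cipher negotiation, which points at the listener protocol and the WAN rule rather than at certificates.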
