New OpenVPN setup for road-warriors - connected but no routing
-
You don't need 2.1 to make it work… Problem is peer to peer. You don't want that.
-
This is a bit odd. The server is set to "Remote Access (SSL/TLS + User Auth)", but the client is now set to Peer-to-peer, and the only options available are the two "peer to peer" ones.
-
Recommendation - Delete the server and the client.
Use the wizard and set it up again using TUN from the very beginning.
It sounds big deal but should be a few minutes.
I'm sure 2.1 works fine but 2.3 isn't broken either.
You just got a bit twisted around. Thats all.
-
I'll try it again tomorrow - getting frazzled now :)
Just deleted both configs, used the wizard to setup the server bit (seemed to create a tun setup anyway) but a new client still only allows server mode Peer to Peer.
-
Did you try shooting it with a 12 gauge shotgun? (Teasing)
Thats odd. I've never seen anything like that before. It should allow you to configure remote access. Thats very basic.
I wonder… Do you have user accounts and certs set up on your pfsense other than Admin? Because you need too. It required.
If pfsense thinks there are no users and no user certs it might not present you remote access options.
I had assumed these road warriors of yours had limited user accounts installed on pfsense.
You can get away with creating just 1 user and one user cert and allowing multiple concurrent connections by that user, but its better to set up one user account per "road warrior". You just go into system > user manager and add users, passwords and user certs.
Then you might have much better luck.
-
I do have a user I set up that I've been using for testing, and that's the one I've been using in the OpenVPN client downloader
-
Hang on, do I even need the "client" tab on the OpenVPN config? Going to try a manual approach as per: http://forum.pfsense.org/index.php?topic=22115.0
-
Getting the shotgun ready now. Just recreated everything manually, and no difference. VPN client connects fine, lights go green, routes are created, but nothing is passed.
-
When you want to connect a windows machine to a pfsense for the purposes of tunneling, its a server client relationship. Not peer to peer. I think just a straight up simple TUN tunnel is the way and those are made with wizard.
-
TUN is what I've been trying :(
I'm going to try it on a different remote computer, in case it's something wonky installed on my PC. Hopefully that's it, although it'll be annoying :)
-
I don't think thats it. While you arwe doing that, I'm going to get some coffee and try to find why you are not getting anything other than "peer" as options. Because thats not right. Not on pfsense 2.03 for sure.
-
Gah, just installed the Android client on my phone and it seemed to work right off the bat. Going to try a different remote machine.
-
hahahahahahahahahahahahah…. DAMN WINDOWS!!!!!!!
(Still doesn't explain your limited tunnel options to me)
-
Okay, so works on my Android phone and an Ubuntu VM I just spun up, but not on either of my Windows 8 computers. Guess there's something with the OpenVPN client on Windows 8…
-
Windows 8 firewalls?
Was the install ran as admin?Beyond that, I cant even imagine what.
-
Well I'll be… Once I worked out it's a Windows 8 + OpenVPN problem, I had something to Google, and came upon this post by Luis Silva.
You have to start the Network Connections service, which is normally set to "Manual", and only runs when the "network connections" dialog is open. Start that service, and the VPN client works!!
-
Thank you for helping me with this problem. I have learned something useful…
(True statement - Although, wasn't it supposed to be the other way around!)
Windows 8myopenvpn....
-
I'd suggest a new thread on Windows 8myopenvpn…. actually.
-
You have to start the Network Connections service, which is normally set to "Manual", and only runs when the "network connections" dialog is open. Start that service, and the VPN client works!!
You know, having huge blinking tiles everywhere is so much more important than network connectivity…
-
I'd suggest a new thread on Windows 8myopenvpn…. actually.
You mean here? I'm happy to write a quick post specifically for Windows 8 to help people find this info :)