Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Trying to setup pfsense as client to PIA VPN service…..need help

    OpenVPN
    3
    4
    1.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      noremacyug
      last edited by

      So I have a Private Internet Access account and can use the client on OSX to connect without issue.  I'm wanting to have my pfsense box make the connection and cover everything thats on my network.  So, I've tried the direction that were listed on PIA's website and then another tutorial located here http://www.komodosteve.com/archives/232 .  The latter one seems more detailed and has helped more, but I still can't get it to connect to PIA.

      Here's what the status shows

      Here's the log

      Any ideas on what I need to do?

      1 Reply Last reply Reply Quote 0
      • N
        Nadar
        last edited by

        There are several threads in this forum dealing with PIA connections in particular. I don't use PIA, so I don't know the specifics but as far as I can understand PIA gives an extra challenge in that it assigns a random incoming port when you connect, that you somehow have to script both portforwarding rules and client program in accordance with. If you don't need port forwarding in your tunnel however, it should be pretty straight forward.

        Here are some threads dealing with the challenges after you get the VPN tunnel itself up and running:

        http://forum.pfsense.org/index.php/topic,57527.0.html
        http://forum.pfsense.org/index.php/topic,59158.0.html
        http://forum.pfsense.org/index.php/topic,65094.0.html

        From your screenshot however, it seems like you've stranded at an earlier stage. The AUTH_FAILED message pretty much speaks for itself. I'm assuming that PIA doesn't use PSK but uses certificate authentication, so you should probably go back to the tutorials and doublecheck you CA and Certificate (under System -> Cert Manager) and make sure that you assigned them correctly in the OpenVPN client configuration.

        1 Reply Last reply Reply Quote 0
        • N
          noremacyug
          last edited by

          thanks for the assistance.  i'm currently installing a compact vm install of xp and think i'll just set it up as a gateway to feed pfsense.

          1 Reply Last reply Reply Quote 0
          • V
            vacantsouls
            last edited by

            I was having the same issue and opened a ticket with PIA on it.  I was basing my config off what was provided in the client support site and their instructuctions for pfsense https://www.privateinternetaccess.com/pages/client-support/#pfsense_openvpn and the openvpn config files.  What I learned was to ignore their instructions – i told them they should update them after we realized they were wrong.

            ===

            The first major issue I notice is that we don't use TLS auth, and LZO compression appears to be disabled, could you go ahead and correct these two things and try again? You should also only need to Auth-User-Pass line, everything else under advanced can be removed, as it's handled purely in the main configuration window.

            Thank you,
            Alexander B

            Tier II Technical Support/CSM

            Private Internet Access™
            https://www.privateinternetaccess.com/

            =======

            Attached is a copy of my config that is working.

            config.txt

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.