Struggling to get OpenVPN working
-
I don't think that shows a connection attempt.
You exported the config for viscosity using the client export package right?
-
I don't see anything connecting either
ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)
Looks to be a problem..
-
Yes, I installed the client export package, created the ovpn files and installed them into OpenVPN client on my Mac and on an iPhone
I don't believe that Verizon FIOS blocks port 1194. So that's why I don't understand why I'm not seeing anything
-
your not seeing anything because its never trying to connect because it says
Device busy: Device busy (errno=16)
-
So then the questions is why? I have Viscosity on a Mac, and the Mac is connected to a hotspot that is outside my LAN (I've checked that with such tools as whatismyip.com, etc)
-
dude your openvpn interface is most likely hung.. disable and then enable the interface or reboot ;)
-
It's not down –- already tried restarting.
Here are the logs from the remote Viscosity client. The last line of that log is the correct IP address of the WAN interface on my firewall so it would seem to have managed to connect through the Verizon router with no problem.
It just doesn't go any further.Jan 19 10:31:16: Viscosity Mac 1.5.11 (1314)
Jan 19 10:31:16: Viscosity OpenVPN Engine Started
Jan 19 10:31:16: Running on Mac OS X 10.11.4
Jan 19 10:31:16: ---------
Jan 19 10:31:16: Checking reachability status of connection...
Jan 19 10:31:16: Connection is reachable. Starting connection attempt.
Jan 19 10:31:16: OpenVPN 2.3.8 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Sep 23 2015
Jan 19 10:31:16: library versions: OpenSSL 1.0.2d 9 Jul 2015, LZO 2.09
Jan 19 10:31:23: Control Channel Authentication: using '/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/connection.NGQTco/ta.key' as a OpenVPN static key file
Jan 19 10:31:23: UDPv4 link local (bound): [undef]
Jan 19 10:31:23: UDPv4 link remote: [AF_INET]192.168.1.3:1194 -
Where is your initial packet? So for example I just connected..
Tue Jan 19 09:41:23 2016 TCPv4_CLIENT link local (bound): [undef]
Tue Jan 19 09:41:23 2016 TCPv4_CLIENT link remote: [AF_INET]10.56.226.130:8080
Tue Jan 19 09:41:23 2016 MANAGEMENT: >STATE:1453218083,WAIT,,,
Tue Jan 19 09:41:23 2016 MANAGEMENT: >STATE:1453218083,AUTH,,,
Tue Jan 19 09:41:23 2016 TLS: Initial packet from [AF_INET]10.56.226.130:8080, sid=bd72773b 9ed9bb88I bounce off a proxy here, which is why you see the rfc1918 address and port 8080.. But you should see something sim, do you see the packet leave your machine?? If so then its not getting to your pfsense server.. What is the next few lines in the log say?
What is your logging level? Bump it up to say 4 or so.. In your config its the verb statement on the client.
-
That's the thing –- the connection seems to be hanging at that point, there are no new lines in the Viscosity log after
Jan 19 10:31:23: UDPv4 link remote: [AF_INET]192.168.1.3:1194
By the way, I really appreciate the help and feedback from you guys.
D
-
I figured everything out –- the problem was with the OVPN export part. I needed to change the hostname resolution part because it was defaulting to the WAN IP address but because there is a Verizon Router in front of my pfSense box, that WAN IP address is still an internal subnet address. After I changed the host name resolution to use a name, everything worked fine.
Hope this helps anyone else who runs a pfSense behind a Verizon router
