Can't connect
-
I have pfsense working on a PC.
I have a 2wire modem (3801hgv). It's in bridge mode. It's assigning a public IP to pfsense.
I configured OpenVPN and exported a windows key, but I think I have something wrong in the configuration. When I try to connect from outside, the connection doesn't happen. In the status window nothing is going on.
The logs page for both OpenVPN and Firewall report "no logs to display". There is a green check on the OpenVPN status.
I'm worried that maybe the modem is blocking the traffic. Now that it's in bridge mode I can't figure how to log into it.
-
Maybe I just figured out my problem. In Firewall Rules OpenVPN I haven't made any entries. The text says it will drop everything until I add a pass rule. Would the absence of any rule cause the OpenVPN connection to fail as described?
-
You should have something in the logs of the openvpn server you created, even if its just showing itself starting, etc. As to the traffic getting to pfsense - simple enough just to sniff the wan interface when your trying to connect from the outside.. Do you see the traffic come in?
-
I've made some progress. After setting up a WAN rule to allow the OpenVPN traffic through I can connect from a remote machine. I get assigned a tunnel IP address. A port scan shows only the remote machine and the PFsense (as 192.168.4.1 and .2). I can get the pfSense login screen.
A further clue is that going to whatismyip.com shows the same IP after connecting as before. Normally the IP changes to the server's address.
There are still no logs of any kind on my pfSense.
Here are the OpenVPN status results:
Fri Sep 22 09:38:20 2017 OpenVPN 2.4.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jul 14 2017
Fri Sep 22 09:38:20 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Fri Sep 22 09:38:20 2017 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Fri Sep 22 09:38:22 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]108.x.x.x:1194
Fri Sep 22 09:38:22 2017 UDP link local (bound): [AF_INET][undef]:0
Fri Sep 22 09:38:22 2017 UDP link remote: [AF_INET]108.x.x.x:1194
Fri Sep 22 09:38:23 2017 WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
Fri Sep 22 09:38:23 2017 [xxxxx.com] Peer Connection Initiated with [AF_INET]108.x.x.x:1194
Fri Sep 22 09:38:24 2017 open_tun
Fri Sep 22 09:38:24 2017 TAP-WIN32 device [Ethernet] opened: \.\Global{2973B109-31F9-4ADE-ABA1-36655037C429}.tap
Fri Sep 22 09:38:24 2017 Set TAP-Windows TUN subnet mode network/local/netmask = 192.168.4.0/192.168.4.2/255.255.255.0 [SUCCEEDED]
Fri Sep 22 09:38:24 2017 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.4.2/255.255.255.0 on interface {2973B109-31F9-4ADE-ABA1-36655037C429} [DHCP-serv: 192.168.4.254, lease-time: 31536000]
Fri Sep 22 09:38:24 2017 Successful ARP Flush on interface [4] {2973B109-31F9-4ADE-ABA1-36655037C429}
Fri Sep 22 09:38:24 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Sep 22 09:38:29 2017 Initialization Sequence Completed -
"There are still no logs of any kind on my pfSense."
Nonsense the vpn log would show the client connecting.
I do not see where the client got any routes or set default route, etc. If you want the client to go down the tunnel to get to your network you have to put that in the config - this would be the local network in the gui setup. If you want the client to use the vpn to get to the internet you have to tell the client to use this connection as default. Again right in the gui and part of running the wizard.
-
Thanks! Attached is a screenshot of the logs page.
Do I need to do something to turn them on? I can't find any settings. It seems really odd that there are no logs of anything.
The client seems to have gone down the tunnel and found the network, because it received the 192.168.4.x address, and the pfsense is there too. But the rest of the transaction isn't happening.
I have a laptop that successfully connects through OpenVPN and PfSense to a different network. The configuration files seem pretty much alike.
