Netgate Discussion Forum

    RDP won't work on FullTAP?

      profIT

      First off, thanks for your tips @Milkwyrm !

      Second, I tried allowing remote desktop through group policy, AND turning Windows Firewall off - both gave me no luck. Turns out I can't RDP into a Windows 10 computer either, which makes me think that this might be an OpenVPN issue?

      I don't know if this means anything but I do get this log error when connecting into OpenVPN:

      TLS Error: local/remote TLS keys are out of sync: my ip
      TLS Error: local/remote TLS keys are out of sync: my ip
      TLS Error: local/remote TLS keys are out of sync: my ip

        Gil Rebel Alliance

        Looks like you are not connecting and have no routing at all.
        Not really an RDP issue

        11 cheers for binary

          profIT @profIT

          @profit @Gil should clarify: "I still get routed connection and am on local network despite those errors."

            Milkwyrm

            Seems to be a fairly common issue.
            https://forum.netgate.com/topic/113174/tls-error-local-remote-tls-keys-are-out-of-sync

            https://www.google.com/search?q=TLS+Error%3A+local%2Fremote+TLS+keys+are+out+of+sync&ie=utf-8&oe=utf-8&client=firefox-b

            You might want to start over. I always try to find at least 3 articles/how-to's for any setup I'm not experienced with and cherry-pick the parts that are common between them to figure it out. My primary pfSense unit runs 13 IPSEC site-to-site tunnels and 2 Ovpn client/server instances and one Ovpn site-to-site without issue from day one, so it's definitely a rock solid solution once you figure it out.

              profIT @Milkwyrm

              @milkwyrm Reconfigured my server, created new users, and that TLS thing is gone. I connect to the network with no problems now; I can browse the internet and sign into the pfSense GUI.

              However, still cannot ping anything on the network.

              ☺

                profIT @profIT

                @profit I want to mention I'm not on a different subnet either; I'm actually bridged onto the LAN. Is this the moment where I post my config file in here?

                  Milkwyrm

                  Is there a particular reason you have for using a bridged network? I'm guessing from the first post this is a road warrior VPN rather than a static site-to-site connection.
                  Are you using local Auth, or AD for your users?
                  Can you post the config for both ends (minus any sensitive info)?

                    profIT

                    @Milkwyrm No particular reason. Am using local auth.

                    verb 1
                    dev-type tap
                    dev-node /dev/tap1
                    writepid /var/run/openvpn_server1.pid
                    #user nobody
                    #group nobody
                    script-security 3
                    daemon
                    keepalive 10 60
                    ping-timer-rem
                    persist-tun
                    persist-key
                    proto udp4
                    cipher AES-128-CBC
                    auth SHA1
                    up /usr/local/sbin/ovpn-linkup
                    down /usr/local/sbin/ovpn-linkdown
                    client-connect /usr/local/sbin/openvpn.attributes.sh
                    client-disconnect /usr/local/sbin/openvpn.attributes.sh
                    local x.x.x.x
                    engine rdrand
                    tls-server
                    mode server
                    push "route-gateway 10.0.1.1"
                    username-as-common-name
                    auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user TG9jYWwgRGF0YWJhc2U= false server1 1194" via-env
                    tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'ServerCert' 1"
                    lport 1194
                    management /var/etc/openvpn/server1.sock unix
                    push "redirect-gateway def1"
                    client-to-client
                    ca /var/etc/openvpn/server1.ca 
                    cert /var/etc/openvpn/server1.cert 
                    key /var/etc/openvpn/server1.key 
                    dh /etc/dh-parameters.2048
                    tls-auth /var/etc/openvpn/server1.tls-auth 0
                    ncp-ciphers AES-256-GCM:AES-128-GCM
                    fast-io
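A small directive check over the server config posted above, added here as an example; it is not part of any poster's reply and not an OpenVPN or pfSense tool. The check names and heuristics are this example's own assumptions, chosen to surface what the config implies for client addressing, reachability and hardening.

```python
import shlex

# Directives copied from the server config posted above (paths, keys and scripts left out).
POSTED = """\
dev-type tap
#user nobody
#group nobody
script-security 3
cipher AES-128-CBC
auth SHA1
mode server
push "route-gateway 10.0.1.1"
push "redirect-gateway def1"
client-to-client
ncp-ciphers AES-256-GCM:AES-128-GCM
"""

def parse(text):
    """Return {directive: [argument list, ...]}; '#' comments and blank lines are dropped."""
    cfg = {}
    for line in text.splitlines():
        tokens = shlex.split(line, comments=True)
        if tokens:
            cfg.setdefault(tokens[0], []).append(tokens[1:])
    return cfg

def review(cfg):
    """Heuristic notes keyed by a made-up check name (assumption: names are this example's)."""
    notes = {}
    pushed = {args[0].split()[0] for args in cfg.get("push", []) if args and args[0].strip()}
    if ["tap"] in cfg.get("dev-type", []) and not {"server-bridge", "ifconfig-pool"} & cfg.keys():
        notes["tap-no-pool"] = "bridged TAP without a pool: clients rely on DHCP from the LAN"
    if "redirect-gateway" in pushed:
        notes["full-tunnel"] = "all client traffic is sent through the VPN"
    if "client-to-client" in cfg:
        notes["client-to-client"] = "client-to-client traffic is forwarded inside OpenVPN"
    if "user" not in cfg or "group" not in cfg:
        notes["no-priv-drop"] = "user/group not set: no privilege drop after start"
    if cfg.get("script-security", [["1"]])[-1][:1] == ["3"]:
        notes["script-security-3"] = "passwords may be passed to scripts via the environment"
    cbc = any(a and a[0].upper().endswith("-CBC") for a in cfg.get("cipher", []))
    if cbc and ["SHA1"] in cfg.get("auth", []):
        notes["cbc-sha1-fallback"] = "CBC with HMAC-SHA1 is used when a client does not negotiate GCM"
    return notes

if __name__ == "__main__":
    for name, text in review(parse(POSTED)).items():
        print(f"{name}: {text}")
```
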
                      profIT

                      Forget RDP not working, I'm having trouble connecting to a mapped network drive at the office...

                        Gil Rebel Alliance

                        Have you set up your routing?
                        It is possible to have an openvpn connection but no routing.

                        11 cheers for binary

                          ThatGuy

                          I've got a really stupid question, but have you rebooted your pfSense box (on both ends if it's site-to-site)? I had some trouble last week getting an OpenVPN connection set up. I've done it so many times I can't remember. I even wrote myself a step-by-step tutorial a few months ago just in case. But no matter how many times I reset everything and started over I couldn't ping the other side. Even tried resetting the firewall states after re-configuring.

                          I rebooted the pfSense boxes on both ends and BAM! It worked fine.

                          Last thought, you've got the firewall rules in pfSense, right?

                          ThatGuy
