Unable to get Openvpn 2.4.6 to work on pfsense 2.4.4

adwsail

I recently upgraded my old pfsense to 2.4.4. All seemed well but despite following an OpenVPN set up tutorial repeatedly it simply will not work. The VPN connects, asks for and accepts my user name and pw, and just sits there. I can ping 8.8.8.8 but not www.yahoo.com. There are NO new routes added nor are any rules added to allow the vpn in pfsense despite checking both firewall rule boxes in the wizard. I am also seeing the notorious HMAC failure. Despite 3 days of trying and years of using openvpn I am stumped. Is there a tutorial for setting up openvpn 2.4.6 in pfsense 2.4.4 that actually works AND shows sample rule sets??? Thank any and all for any assistance or reference.

JKnott

If you can ping 8.8.8.8, but not www.yahoo.com, it's a DNS issue, rather than routing. Ensure DNS is configured properly. As an experiement, you can use 8.8.8.8 as the DNS server for the remote devices.

adwsail

@jknott that’s what I have concluded as well. But I don’t know enough to know how to fix it. There was no place in the setup that even mentioned setting up a dns server or the vpn gateway. My internal net is 192.168.64.0, my internal vpn net is 10.100.10.0. I have 75.75.75.75, 8.8.8.8 and 4.2.2.1 set in System-General Setup as my dns servers. Gateway for internal local is 192.168.64.1. External ip x.x.x.4. Ifconfig shows a 10.100.10.2 connection on eth0 and 192.168.64.28 on WiFi.

There is no vpn gateway showing, HMAC fails, and dns still is not working. Where do you set the vpn dns servers and where do you set the vpn gateway? What should the ip of the vpn gateway look like? A local address? External address? Vpn address?

johnpoz

What tutorial did you use? Setting up openvpn road warrior is really as simple as running through the wizard.. Are you trying to setup pfsense as a client to some vpn service? If so which one..

adwsail

This is the main tutorial I initially used: https://chrislazari.com/pfsense-setting-up-openvpn-on-pfsense-2-4/

Thanks Johnpoz, all I am wanting to do is connect to my own vpn server from wherever I am with my laptop, iphone or ipad. Mainly I want to dodge iffy public wifi. While I dont use public wifi very often I am taking a backpacking trip and will need to access maps on my home computer from unknown wifi hot spots and I need that connection to be secured.

JKnott

@adwsail said in Unable to get Openvpn 2.4.6 to work on pfsense 2.4.4:

@jknott that’s what I have concluded as well. But I don’t know enough to know how to fix it. There was no place in the setup that even mentioned setting up a dns server or the vpn gateway.

You don't set up DNS on the VPN. You do it on the client or DHCP server config.

JKnott

@jknott said in Unable to get Openvpn 2.4.6 to work on pfsense 2.4.4:

You don't set up DNS on the VPN. You do it on the client or DHCP server config.

My mistake, there is a setting on the server config, under Advanced Client Settings.