file xxxxx.ovpn

trazom

my pfSense computer is connected to my LAN at address 192.168.0.1 and connected to my WAN ADSL box at 192.168.1.30
this box is connected to internet at 82.xxx.xxx.xxx

stephenw10

Ok so do you have port 1194 forwarded through the ADSL router to pfSense?

Without that the ADSL router will just block all the traffic from your OpenVPN client.

Steve

trazom

i have set up redirection but i have always the error at connection :

openvpn --config xxxxxxx.ovpn
Mon Mar 11 16:55:02 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]82.240.100.49:1194
Mon Mar 11 16:55:02 2019 UDP link local (bound): [AF_INET][undef]:1194
Mon Mar 11 16:55:02 2019 UDP link remote: [AF_INET]82.240.100.49:1194
Mon Mar 11 16:56:02 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Mar 11 16:56:02 2019 TLS Error: TLS handshake failed
Mon Mar 11 16:56:02 2019 SIGUSR1[soft,tls-error] received, process restarting

Rico

Packet Capture pfSense WAN to check if the OpenVPN traffic hit pfSense or not: https://forum.netgate.com/topic/140842/openvpn-without-wan-vpn-provider/4

-Rico

stephenw10

Yes, your client is just showing the connection times out. It never sees and reply from the server.

Most likely that traffic is never reaching the server.

Steve

trazom

here is my connexion:

[root@dell-centos pfSense]# openvpn --config pfSense-UDP4-1194-UserVPN-config.ovpn
Tue Mar 12 11:31:45 2019 OpenVPN 2.4.6 x86_64-redhat-linux-gnu [Fedora EPEL patched] [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 26 2018
Tue Mar 12 11:31:45 2019 library versions: OpenSSL 1.0.2k-fips 26 Jan 2017, LZO 2.06
Tue Mar 12 11:31:45 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]82.240.100.49:1194
Tue Mar 12 11:31:45 2019 UDP link local (bound): [AF_INET][undef]:1194
Tue Mar 12 11:31:45 2019 UDP link remote: [AF_INET]82.240.100.49:1194
Tue Mar 12 11:31:46 2019 [Server-Certificate] Peer Connection Initiated with [AF_INET]82.240.100.49:1194
Tue Mar 12 11:31:47 2019 TUN/TAP device tun0 opened
Tue Mar 12 11:31:47 2019 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Tue Mar 12 11:31:47 2019 /sbin/ip link set dev tun0 up mtu 1500
Tue Mar 12 11:31:47 2019 /sbin/ip addr add dev tun0 10.0.8.2/24 broadcast 10.0.8.255
Tue Mar 12 11:31:47 2019 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Mar 12 11:31:47 2019 Initialization Sequence Completed

He He, it's seeming to work!!!
Thanks for your help

Rico

And what did you change to get it working?

-Rico

trazom

This post is deleted!

trazom

it was the redirection port on my ADSL router

stephenw10

Cool, glad you got it working.

Steve