Capturing packets but not making connection
-
Blow away what you have, try again with the wizard. Make sure for Compression you choose Adaptive LZO Compression [Legacy style, comp-lzo adaptive]. If it still isn't working for you, post screenshots of your OpenVPN Server config.
-
No luck. Here is the configuration.
-
You can post images here directly btw. Upload Image button on the far-right of the Edit bar.
You haven't specified a local network (the field seems to be missing entirely for some reason in your screenshot), and you have nothing for NCP Algorithms.
You need to specify the local network that VPN users will have access to.
Another thing: IIRC, the Windows-based OpenVPN client must be run in Administrator mode or it will not properly update the routing table, although it appears to work and connects, but no traffic flows.
-
Yea sorry about that. I tried to post it directly here but it said it was too big.
For some reason when I check "Redirect IPv4 Gateway" under Tunnel Settings, the "IPv4 local network(s)" field goes away. I unchecked that and set the local network to be my lan and still nothing
-
OK thanks, I had no idea that the local network setting disappears when you force all through the gateway. I would try following the wizard exactly and then changing settings only after you know it's working.
Have you verified that WAN has an allow rule for udp/1194, and that the OpenVPN interface has an allow all rule? Your tunnel network of 192.168.70.0/24 definitely does not overlap with LAN? What about the NCP settings I mentioned? And how are you testing this exactly? Via your phone with an OpenVPN client?
-
Wan and the OpenVPN interface both have the rules described. The tunnel network doesn't overlap with any of my other interfaces. I added all of the NCP Algorithm options. And yes testing via my phone.
-
Anything in the OpenVPN or System log? You may have to increase the verbosity level of the OpenVPN Server log.
Just to confirm, you're saying that you have two routers: your main router is pfSense, and you have some other router behind it. pfSense is your WAN connection, correct?
https://docs.netgate.com/pfsense/en/latest/book/openvpn/troubleshooting-openvpn.html
-
Nothing in there. Increased the verbosity level. Will try to grab some logs.
Yep the wan goes into pfsense and the other routers wan is pfsense.
No luck with all of the stuff in the troubleshooting guide.
-
Any possibility it's an issue with the client? I've done this many times and it usually just works.
-
I doubt it. I am using the client export tool and moving it straight to my phone and into openvpn connect.
That's what so frustrating about this, I have this super odd scenario that no one has ever been in because it always seems to just work for them so there is like no one who understands whats going on.
-
But it's not that odd. Forget the other router since it's not involved here. Is thee literally anything in the log that even shows the connection attempt? If not, try doing a packet capture on WAN for that traffic and see if your client even hits it.
-
Not seeing anything in the log. Did a packet capture and I am seeing my phones wan ip on port 1194
-
Hmm. All I can think of at this point is to try it with a different client just to rule that out.
