Can't get n2n up and running
-
Hi there,
I have a pfSEnse OVPN instance running fine for years. Now I was going to add a new net-2-net connection betwee two up-to-date pfSense boxes through OpenVPN pre-shared-key.
But the tunnel does not get up. I increased loglevel already to 5 but I do not see why it is not working. Do you guys have any clue?
Jan 30 23:11:31 openvpn 47580 UDPv4 link local (bound): [AF_INET]192.168.178.2:1194 Jan 30 23:11:31 openvpn 47580 Socket Buffers: R=[42080->524288] S=[57344->524288] Jan 30 23:11:31 openvpn 47580 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1573,tun-mtu 1500,proto UDPv4,ifconfig 10.200.1.1 10.200.1.2,comp-lzo,cipher AES-128-CBC,auth SHA256,keysize 128,secret' Jan 30 23:11:31 openvpn 47580 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1573,tun-mtu 1500,proto UDPv4,ifconfig 10.200.1.2 10.200.1.1,comp-lzo,cipher AES-128-CBC,auth SHA256,keysize 128,secret' Jan 30 23:11:31 openvpn 47580 Data Channel MTU parms [ L:1573 D:1450 EF:73 EB:398 ET:0 EL:3 ] Jan 30 23:11:31 openvpn 47580 /sbin/route add -net 192.168.9.0 10.200.1.2 255.255.255.0 Jan 30 23:11:31 openvpn 47580 /usr/local/sbin/ovpn-linkup ovpns4 1500 1573 10.200.1.1 10.200.1.2 init Jan 30 23:11:31 openvpn 47580 /sbin/ifconfig ovpns4 10.200.1.1 10.200.1.2 mtu 1500 netmask 255.255.255.255 up Jan 30 23:11:31 openvpn 47580 do_ifconfig, tt->did_ifconfig_ipv6_setup=0 Jan 30 23:11:31 openvpn 47580 TUN/TAP device /dev/tun4 opened Jan 30 23:11:31 openvpn 47580 TUN/TAP device ovpns4 exists previously, keep at program end Jan 30 23:11:31 openvpn 47580 ROUTE_GATEWAY 192.168.178.1/255.255.255.0 IFACE=re1 HWADDR=90:1b:0e:e6:a9:c3 Jan 30 23:11:31 openvpn 47580 LZO compression initializing Jan 30 23:11:31 openvpn 47580 Incoming Static Key Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication Jan 30 23:11:31 openvpn 47580 Incoming Static Key Encryption: Cipher 'AES-128-CBC' initialized with 128 bit key Jan 30 23:11:31 openvpn 47580 Outgoing Static Key Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication Jan 30 23:11:31 openvpn 47580 Outgoing Static Key Encryption: Cipher 'AES-128-CBC' initialized with 128 bit key Jan 30 23:11:31 openvpn 47580 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Jan 30 23:11:31 openvpn 47580 MANAGEMENT: unix domain socket listening on /var/etc/openvpn/server4.sock Jan 30 23:11:31 openvpn 47415 library versions: OpenSSL 1.0.2o-freebsd 27 Mar 2018, LZO 2.10 Jan 30 23:11:31 openvpn 47415 OpenVPN 2.4.6 amd64-portbld-freebsd11.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Oct 3 2018 Jan 30 23:11:31 openvpn 47415 auth_user_pass_file = '[UNDEF]' Jan 30 23:11:31 openvpn 47415 pull = DISABLED Jan 30 23:11:31 openvpn 47415 client = DISABLED Jan 30 23:11:31 openvpn 47415 port_share_port = '[UNDEF]' Jan 30 23:11:31 openvpn 47415 port_share_host = '[UNDEF]' Jan 30 23:11:31 openvpn 47415 auth_token_lifetime = 0 Jan 30 23:11:31 openvpn 47415 auth_token_generate = DISABLED Jan 30 23:11:31 openvpn 47415 auth_user_pass_verify_script_via_file = DISABLED Jan 30 23:11:31 openvpn 47415 auth_user_pass_verify_script = '[UNDEF]' Jan 30 23:11:31 openvpn 47415 max_routes_per_client = 256 Jan 30 23:11:31 openvpn 47415 max_clients = 2 Jan 30 23:11:31 openvpn 47415 cf_per = 0 Jan 30 23:11:31 openvpn 47415 cf_max = 0 Jan 30 23:11:31 openvpn 47415 duplicate_cn = DISABLED Jan 30 23:11:31 openvpn 47415 enable_c2c = DISABLED Jan 30 23:11:31 openvpn 47415 push_ifconfig_ipv6_remote = :: Jan 30 23:11:31 openvpn 47415 push_ifconfig_ipv6_local = ::/0 Jan 30 23:11:31 openvpn 47415 push_ifconfig_ipv6_defined = DISABLED Jan 30 23:11:31 openvpn 47415 push_ifconfig_remote_netmask = 0.0.0.0 Jan 30 23:11:31 openvpn 47415 push_ifconfig_local = 0.0.0.0 Jan 30 23:11:31 openvpn 47415 push_ifconfig_defined = DISABLED Jan 30 23:11:31 openvpn 47415 tmp_dir = '/tmp' Jan 30 23:11:31 openvpn 47415 ccd_exclusive = DISABLED Jan 30 23:11:31 openvpn 47415 client_config_dir = '[UNDEF]' Jan 30 23:11:31 openvpn 47415 client_disconnect_script = '[UNDEF]' Jan 30 23:11:31 openvpn 47415 learn_address_script = '[UNDEF]' Jan 30 23:11:31 openvpn 47415 client_connect_script = '[UNDEF]' Jan 30 23:11:31 openvpn 47415 virtual_hash_size = 256 Jan 30 23:11:31 openvpn 47415 real_hash_size = 256 Jan 30 23:11:31 openvpn 47415 tcp_queue_limit = 64 Jan 30 23:11:31 openvpn 47415 n_bcast_buf = 256 Jan 30 23:11:31 openvpn 47415 ifconfig_ipv6_pool_netbits = 0 Jan 30 23:11:31 openvpn 47415 ifconfig_ipv6_pool_base = :: ``` Thanks /KNEBB
-
Forget everything- even though the remote networks field was entered and displayed properly I re-typed the values there on both sides.
And -whooops- network connected proerply.
Just for reference.
/KNEBB