Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Issues with OpenVPN on pfSense 2.4.5 <-> Robustel R2000-4L

    OpenVPN
    1
    2
    170
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      breakaway
      last edited by breakaway

      I am trying to connect these two devices (and their networks) with an OpenVPN tunnel.

      If it matters, the pfsense end has publically routable IP and the robustel end is behind CGNAT. I've had a setup like this (albeit between OpenVPN and OpenWRT) working before but this one just won't work. Feeling pretty defeated. If anyone could take a look at my configs & logs below and give me some insights that would be amazing.

      Here is the config on the pfSense end

      cat server3.conf
dev ovpns3
verb 6
dev-type tun
dev-node /dev/tun3
writepid /var/run/openvpn_server3.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp4
cipher AES-128-CBC
auth SHA256
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 80.196.79.35
ifconfig 10.8.0.1 10.8.0.2
lport 1194
management /var/etc/openvpn/server3.sock unix
route 192.168.0.0 255.255.255.0
secret /var/etc/openvpn/server3.secret

      and here's the config at the robustel end:

      # show openvpn all
tunnel {
    id = 1
    enable = true
    desc = TotRDC
    mode = p2p
    tls_mode = none
    route = ""
    push_route = ""
    protocol = udp
    peer_addr = 80.196.79.35
    peer_port = 1194
    listen_ip = ""
    listen_port = 1194
    interface_type = tun
    auth_type = preshared
    username = ""
    password = ""
    local_ip = 10.8.0.2
    remote_ip = 10.8.0.1
    netmask = 255.255.255.0
    ip_pool_enable = false
    ip_pool_start = 10.8.0.5
    ip_pool_end = 10.8.0.254
    client_subnet = 10.8.0.0
    client_netmask = 255.255.255.0
    encryption = aes_128
    authentication = sha256
    reneg_interval = 86400
    max_client_num = 10
    keepalive_interval = 20
    keepalive_timeout = 120
    mtu = 1500
    fragment = ""
    private_key_password = ""
    compress_enable = true
    default_gateway_enable = false
    bridge_with_lan0_enable = true
    nat_enable = true
    dns_override_enable = false
    verbose_level = 6
    hmac_firwall = false
    crl_enable = false
    c2c_enable = false
    dup_client_enable = false
    ip_persist_enable = true
    pkcs12_enable = false
    ns_cert_type_enable = false
    expert = ""
}

      Logs from pfSense:

      Aug 3 17:57:30 	openvpn 	46020 	OpenVPN 2.4.9 amd64-portbld-freebsd11.3 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on May 4 2020
Aug 3 17:57:30 	openvpn 	46020 	library versions: OpenSSL 1.0.2u-freebsd 20 Dec 2019, LZO 2.10
Aug 3 17:57:30 	openvpn 	46219 	MANAGEMENT: unix domain socket listening on /var/etc/openvpn/server3.sock
Aug 3 17:57:30 	openvpn 	46219 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Aug 3 17:57:30 	openvpn 	46219 	Outgoing Static Key Encryption: Cipher 'AES-128-CBC' initialized with 128 bit key
Aug 3 17:57:30 	openvpn 	46219 	Outgoing Static Key Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Aug 3 17:57:30 	openvpn 	46219 	Incoming Static Key Encryption: Cipher 'AES-128-CBC' initialized with 128 bit key
Aug 3 17:57:30 	openvpn 	46219 	Incoming Static Key Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Aug 3 17:57:30 	openvpn 	46219 	ROUTE_GATEWAY 80.196.74.45/255.255.255.252 IFACE=vmx1 HWADDR=00:0c:29:4c:27:9f
Aug 3 17:57:30 	openvpn 	46219 	TUN/TAP device ovpns3 exists previously, keep at program end
Aug 3 17:57:30 	openvpn 	46219 	TUN/TAP device /dev/tun3 opened
Aug 3 17:57:30 	openvpn 	46219 	do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Aug 3 17:57:30 	openvpn 	46219 	/sbin/ifconfig ovpns3 10.8.0.1 10.8.0.2 mtu 1500 netmask 255.255.255.255 up
Aug 3 17:57:30 	openvpn 	46219 	/usr/local/sbin/ovpn-linkup ovpns3 1500 1572 10.8.0.1 10.8.0.2 init
Aug 3 17:57:30 	openvpn 	46219 	/sbin/route add -net 192.168.0.0 10.8.0.2 255.255.255.0
Aug 3 17:57:30 	openvpn 	46219 	Data Channel MTU parms [ L:1572 D:1450 EF:72 EB:398 ET:0 EL:3 ]
Aug 3 17:57:30 	openvpn 	46219 	Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto UDPv4,ifconfig 10.8.0.2 10.8.0.1,cipher AES-128-CBC,auth SHA256,keysize 128,secret'
Aug 3 17:57:30 	openvpn 	46219 	Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto UDPv4,ifconfig 10.8.0.1 10.8.0.2,cipher AES-128-CBC,auth SHA256,keysize 128,secret'
Aug 3 17:57:30 	openvpn 	46219 	Socket Buffers: R=[42080->42080] S=[57344->57344]
Aug 3 17:57:30 	openvpn 	46219 	UDPv4 link local (bound): [AF_INET]80.196.79.35:1194
Aug 3 17:57:30 	openvpn 	46219 	UDPv4 link remote: [AF_UNSPEC]
Aug 3 17:57:30 	openvpn 	46219 	TUN READ [96]
Aug 3 17:57:30 	openvpn 	46219 	TUN READ [96]
Aug 3 17:57:31 	openvpn 	46219 	TUN READ [76]
Aug 3 17:57:31 	openvpn 	46219 	TUN READ [72]
Aug 3 17:57:33 	openvpn 	46219 	TUN READ [76]
Aug 3 17:58:24 	openvpn 	46219 	MANAGEMENT: Client connected from /var/etc/openvpn/server3.sock
Aug 3 17:58:24 	openvpn 	46219 	MANAGEMENT: CMD 'status 2'
Aug 3 17:58:24 	openvpn 	46219 	MANAGEMENT: CMD 'quit'
Aug 3 17:58:24 	openvpn 	46219 	MANAGEMENT: Client disconnected
Aug 3 17:58:51 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:58:51 	openvpn 	46219 	Peer Connection Initiated with [AF_INET]49.224.231.134:57414
Aug 3 17:58:51 	openvpn 	46219 	TUN WRITE [17]
Aug 3 17:58:52 	openvpn 	46219 	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Aug 3 17:58:52 	openvpn 	46219 	Initialization Sequence Completed
Aug 3 17:59:00 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:00 	openvpn 	46219 	TUN WRITE [17]
Aug 3 17:59:01 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:01 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:11 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:11 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:11 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:11 	openvpn 	46219 	TUN WRITE [18]
Aug 3 17:59:21 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:21 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:21 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:21 	openvpn 	46219 	TUN WRITE [18]
Aug 3 17:59:27 	openvpn 	46219 	MANAGEMENT: Client connected from /var/etc/openvpn/server3.sock
Aug 3 17:59:27 	openvpn 	46219 	MANAGEMENT: CMD 'status 2'
Aug 3 17:59:27 	openvpn 	46219 	MANAGEMENT: CMD 'quit'
Aug 3 17:59:27 	openvpn 	46219 	MANAGEMENT: Client disconnected
Aug 3 17:59:31 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:31 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:31 	openvpn 	46219 	TUN WRITE [18]
Aug 3 17:59:41 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:41 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:41 	openvpn 	46219 	TUN WRITE [18]
Aug 3 17:59:51 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:51 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 17:59:51 	openvpn 	46219 	TUN WRITE [18]
Aug 3 18:00:01 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:00:02 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:00:02 	openvpn 	46219 	TUN WRITE [18]
Aug 3 18:00:11 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:00:12 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:00:12 	openvpn 	46219 	TUN WRITE [18]
Aug 3 18:00:21 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:00:22 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:00:22 	openvpn 	46219 	TUN WRITE [18]
Aug 3 18:00:29 	openvpn 	46219 	MANAGEMENT: Client connected from /var/etc/openvpn/server3.sock
Aug 3 18:00:30 	openvpn 	46219 	MANAGEMENT: CMD 'status 2'
Aug 3 18:00:30 	openvpn 	46219 	MANAGEMENT: CMD 'quit'
Aug 3 18:00:30 	openvpn 	46219 	MANAGEMENT: Client disconnected
Aug 3 18:00:31 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:00:32 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:00:32 	openvpn 	46219 	TUN WRITE [18]
Aug 3 18:00:41 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:00:43 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:00:43 	openvpn 	46219 	TUN WRITE [18]
Aug 3 18:00:51 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:00:52 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:00:52 	openvpn 	46219 	TUN WRITE [18]
Aug 3 18:01:01 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:01:02 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:01:02 	openvpn 	46219 	TUN WRITE [17]
Aug 3 18:01:11 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:01:12 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:01:12 	openvpn 	46219 	TUN WRITE [18]
Aug 3 18:01:21 	openvpn 	46219 	UDPv4 WRITE [80] to [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:01:22 	openvpn 	46219 	UDPv4 READ [80] from [AF_INET]49.224.231.134:57414: DATA len=80
Aug 3 18:01:22 	openvpn 	46219 	TUN WRITE [18]

      Logs from Robustel:

      Jan  1 00:00:45 router user.notice link_manager[807]: OpenVPN configure file create successfully.
Jan  1 00:00:45 router daemon.notice openvpn[1204]: Current Parameter Settings:
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   config = '/etc/openvpn/Tunnel_1/config'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   mode = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   persist_config = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   persist_mode = 1
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   show_ciphers = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   show_digests = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   show_engines = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   genkey = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   key_pass_file = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   show_tls_ciphers = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]: Connection profiles [default]:
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   proto = udp
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   local = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   local_port = 1194
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote = '80.196.79.35'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_port = 1194
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_float = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   bind_defined = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   bind_local = ENABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   connect_retry_seconds = 5
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   connect_timeout = 10
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   connect_retry_max = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   socks_proxy_server = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   socks_proxy_port = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   socks_proxy_retry = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   tun_mtu = 1500
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   tun_mtu_defined = ENABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   link_mtu = 1500
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   link_mtu_defined = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   tun_mtu_extra = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   tun_mtu_extra_defined = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   mtu_discover_type = -1
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   fragment = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   mssfix = 1450
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   explicit_exit_notification = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]: Connection profiles END
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_random = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ipchange = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   dev = 'tun1'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   dev_type = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   dev_node = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   lladdr = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   topology = 1
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   tun_ipv6 = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_local = '10.8.0.2'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_remote_netmask = '10.8.0.1'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_noexec = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_nowarn = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_ipv6_local = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_ipv6_netbits = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_ipv6_remote = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   shaper = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   mtu_test = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   mlock = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   keepalive_ping = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   keepalive_timeout = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   inactivity_timeout = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ping_send_timeout = 20
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ping_rec_timeout = 120
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ping_rec_timeout_action = 2
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ping_timer_remote = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remap_sigusr1 = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   persist_tun = ENABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   persist_local_ip = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   persist_remote_ip = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   persist_key = ENABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   passtos = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   resolve_retry_seconds = 1000000000
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   username = 'root'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   groupname = 'root'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   chroot_dir = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   cd_dir = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   writepid = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   up_script = '/usr/bin/ovpn_up 1'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   down_script = '/usr/bin/ovpn_down 1'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   down_pre = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   up_restart = ENABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   up_delay = ENABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   daemon = ENABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   inetd = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   log = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   suppress_timestamps = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   nice = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   verbosity = 6
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   mute = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   status_file = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   status_file_version = 1
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   status_file_update_freq = 60
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   occ = ENABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   rcvbuf = 65536
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   sndbuf = 65536
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   mark = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   sockflags = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   fast_io = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   lzo = 7
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   route_script = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   route_default_gateway = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   route_default_metric = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   route_noexec = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   route_delay = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   route_delay_window = 30
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   route_delay_defined = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   route_nopull = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   route_gateway_via_dhcp = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   max_routes = 100
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   allow_pull_fqdn = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   management_addr = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   management_port = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   management_user_pass = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   management_log_history_cache = 250
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   management_echo_buffer_size = 100
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   management_write_peer_info_file = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   management_client_user = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   management_client_group = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   management_flags = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   shared_secret_file = '/tmp/openvpn/Tunnel_1/pre-share.key'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   key_direction = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ciphername_defined = ENABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ciphername = 'AES-128-CBC'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   authname_defined = ENABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   authname = 'SHA256'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   prng_hash = 'SHA1'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   prng_nonce_secret_len = 16
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   keysize = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   engine = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   replay = ENABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   mute_replay_warnings = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   replay_window = 64
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   replay_time = 15
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   packet_id_file = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   use_iv = ENABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   test_crypto = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   tls_server = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   tls_client = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   key_method = 2
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ca_file = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ca_path = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   dh_file = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   cert_file = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   priv_key_file = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   pkcs12_file = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   cipher_list = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   tls_verify = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   tls_export_cert = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   verify_x509_type = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   verify_x509_name = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   crl_file = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ns_cert_type = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_ku[i] = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   remote_cert_eku = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ssl_flags = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   tls_timeout = 2
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   renegotiate_bytes = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   renegotiate_packets = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   renegotiate_seconds = 3600
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   handshake_window = 60
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   transition_window = 3600
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   single_session = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   push_peer_info = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   tls_exit = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   tls_auth_file = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   server_network = 0.0.0.0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   server_netmask = 0.0.0.0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   server_network_ipv6 = ::
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   server_netbits_ipv6 = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   server_bridge_ip = 0.0.0.0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   server_bridge_netmask = 0.0.0.0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   server_bridge_pool_start = 0.0.0.0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   server_bridge_pool_end = 0.0.0.0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_pool_defined = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_pool_start = 0.0.0.0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_pool_end = 0.0.0.0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_pool_netmask = 0.0.0.0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_pool_persist_filename = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_pool_persist_refresh_freq = 600
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_ipv6_pool_defined = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_ipv6_pool_base = ::
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ifconfig_ipv6_pool_netbits = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   n_bcast_buf = 256
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   tcp_queue_limit = 64
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   real_hash_size = 256
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   virtual_hash_size = 256
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   client_connect_script = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   learn_address_script = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   client_disconnect_script = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   client_config_dir = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   ccd_exclusive = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   tmp_dir = '/tmp'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   push_ifconfig_defined = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   push_ifconfig_local = 0.0.0.0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   push_ifconfig_remote_netmask = 0.0.0.0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   push_ifconfig_ipv6_defined = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   push_ifconfig_ipv6_local = ::/0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   push_ifconfig_ipv6_remote = ::
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   enable_c2c = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   duplicate_cn = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   cf_max = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   cf_per = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   max_clients = 1024
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   max_routes_per_client = 256
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   auth_user_pass_verify_script = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   auth_user_pass_verify_script_via_file = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   port_share_host = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   port_share_port = 0
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   client = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   pull = DISABLED
Jan  1 00:00:45 router daemon.notice openvpn[1204]:   auth_user_pass_file = '[UNDEF]'
Jan  1 00:00:45 router daemon.notice openvpn[1204]: OpenVPN 2.3.8 mips-ar9341-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [IPv6] built on Nov 22 2019
Jan  1 00:00:45 router daemon.notice openvpn[1204]: library versions: OpenSSL 1.0.1j 15 Oct 2014, LZO 2.09
Jan  1 00:00:45 router daemon.warn openvpn[1205]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jan  1 00:00:45 router user.notice link_manager[807]: OpenVPN Tunnel_1 started
Jan  1 00:00:45 router daemon.notice openvpn[1205]: Static Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jan  1 00:00:45 router daemon.notice openvpn[1205]: Static Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Jan  1 00:00:45 router daemon.notice openvpn[1205]: Static Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jan  1 00:00:45 router daemon.notice openvpn[1205]: Static Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Jan  1 00:00:45 router daemon.notice openvpn[1205]: LZO compression initialized
Jan  1 00:00:45 router daemon.notice openvpn[1205]: Socket Buffers: R=[163840->131072] S=[163840->131072]
Jan  1 00:00:45 router daemon.notice openvpn[1205]: Data Channel MTU parms [ L:1573 D:1450 EF:73 EB:143 ET:0 EL:3 AF:3/1 ]
Jan  1 00:00:45 router daemon.notice openvpn[1205]: Local Options String: 'V4,dev-type tun,link-mtu 1573,tun-mtu 1500,proto UDPv4,ifconfig 10.8.0.1 10.8.0.2,comp-lzo,cipher AES-128-CBC,auth SHA256,keysize 128,secret'
Jan  1 00:00:45 router daemon.notice openvpn[1205]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1573,tun-mtu 1500,proto UDPv4,ifconfig 10.8.0.2 10.8.0.1,comp-lzo,cipher AES-128-CBC,auth SHA256,keysize 128,secret'
Jan  1 00:00:45 router daemon.notice openvpn[1205]: Local Options hash (VER=V4): '6fd1c528'
Jan  1 00:00:45 router daemon.notice openvpn[1205]: Expected Remote Options hash (VER=V4): '994ff23c'
Jan  1 00:00:45 router daemon.notice openvpn[1205]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Jan  1 00:00:45 router daemon.notice openvpn[1205]: UDPv4 link local (bound): [undef]
Jan  1 00:00:45 router daemon.notice openvpn[1205]: UDPv4 link remote: [AF_INET]80.196.79.35:1194
Jan  1 00:00:45 router daemon.notice openvpn[1205]: UDPv4 WRITE [80] to [AF_INET]80.196.79.35:1194:  DATA len=80
Aug  3 17:58:58 router daemon.notice openvpn[1205]: Inactivity timeout (--ping-restart), restarting
Aug  3 17:58:58 router daemon.notice openvpn[1205]: TCP/UDP: Closing socket
Aug  3 17:58:58 router daemon.notice openvpn[1205]: SIGUSR1[soft,ping-restart] received, process restarting
Aug  3 17:58:58 router daemon.notice openvpn[1205]: Restart pause, 2 second(s)
Aug  3 17:59:00 router daemon.warn openvpn[1205]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Aug  3 17:59:00 router daemon.notice openvpn[1205]: Re-using pre-shared static key
Aug  3 17:59:00 router daemon.notice openvpn[1205]: LZO compression initialized
Aug  3 17:59:00 router daemon.notice openvpn[1205]: Socket Buffers: R=[163840->131072] S=[163840->131072]
Aug  3 17:59:00 router daemon.notice openvpn[1205]: Data Channel MTU parms [ L:1573 D:1450 EF:73 EB:143 ET:0 EL:3 AF:3/1 ]
Aug  3 17:59:00 router daemon.notice openvpn[1205]: Local Options String: 'V4,dev-type tun,link-mtu 1573,tun-mtu 1500,proto UDPv4,ifconfig 10.8.0.1 10.8.0.2,comp-lzo,cipher AES-128-CBC,auth SHA256,keysize 128,secret'
Aug  3 17:59:00 router daemon.notice openvpn[1205]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1573,tun-mtu 1500,proto UDPv4,ifconfig 10.8.0.2 10.8.0.1,comp-lzo,cipher AES-128-CBC,auth SHA256,keysize 128,secret'
Aug  3 17:59:00 router daemon.notice openvpn[1205]: Local Options hash (VER=V4): '6fd1c528'
Aug  3 17:59:00 router daemon.notice openvpn[1205]: Expected Remote Options hash (VER=V4): '994ff23c'
Aug  3 17:59:00 router daemon.notice openvpn[1205]: UDPv4 link local (bound): [undef]
Aug  3 17:59:00 router daemon.notice openvpn[1205]: UDPv4 link remote: [AF_INET]80.196.79.35:1194
Aug  3 17:59:00 router daemon.notice openvpn[1205]: UDPv4 WRITE [80] to [AF_INET]80.196.79.35:1194:  DATA len=80
Aug  3 17:59:01 router daemon.notice openvpn[1205]: UDPv4 READ [80] from [AF_INET]80.196.79.35:1194:  DATA len=80
Aug  3 17:59:01 router daemon.notice openvpn[1205]: UDPv4 READ [80] from [AF_INET]80.196.79.35:1194:  DATA len=80
Aug  3 17:59:11 router daemon.notice openvpn[1205]: UDPv4 WRITE [80] to [AF_INET]80.196.79.35:1194:  DATA len=80
Aug  3 17:59:11 router daemon.notice openvpn[1205]: UDPv4 READ [80] from [AF_INET]80.196.79.35:1194:  DATA len=80
Aug  3 17:59:11 router daemon.notice openvpn[1205]: UDPv4 READ [80] from [AF_INET]80.196.79.35:1194:  DATA len=80
Aug  3 17:59:21 router daemon.notice openvpn[1205]: UDPv4 WRITE [80] to [AF_INET]80.196.79.35:1194:  DATA len=80
Aug  3 17:59:21 router daemon.notice openvpn[1205]: UDPv4 READ [80] from [AF_INET]80.196.79.35:1194:  DATA len=80
Aug  3 17:59:21 router daemon.notice openvpn[1205]: UDPv4 READ [80] from [AF_INET]80.196.79.35:1194:  DATA len=80
Aug  3 17:59:31 router daemon.notice openvpn[1205]: UDPv4 WRITE [80] to [AF_INET]80.196.79.35:1194:  DATA len=80
Aug  3 17:59:31 router daemon.notice openvpn[1205]: UDPv4 READ [80] from [AF_INET]80.196.79.35:1194:  DATA len=80
      1 Reply Last reply Reply Quote 0
      • B
        breakaway
        last edited by

        Ok this is "solved", if you can call it that. I gave up trying to get OpenVPN running on the Robustel. I instead used a OpenWRT based router to connect to the very same pfSense, had it working in under 10 minutes.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.