VPN can't connect after fresh install
-
Hello, I had to reinstall my PFSense box, and ever since I did, I can't get computers to connect to the vpn. I have re-ran through the openvpn wizard and reset it up and issued new certificates and everything via the client export and no one can still connect. any one have any ideas?
it ran perfectly till I did the re-install
-
Here is a screen shot of what happens. it tries to connect but just sits there till it times out.
-
Update your Windows client first with the latest release: https://swupdate.openvpn.org/community/releases/openvpn-install-2.4.9-I601-Win10.exe
Uninstall 2.4.7, Reboot
Install 2.4.9, Reboot and try again.-Rico
-
Hello, that didn't work. its acting like its not even getting past the firewall, even though the rules are there.
-
@anwoke8204
there is nothing listening on port 1194, is the server running? is the firewall rule on place on the wan interface?
there is nothing under Status / System Logs / OpenVPN ? -
Well that 98.202 IP doesn't answer ping, nor does a connection with nc on udp 1194 show any return traffic.
So with no connectivity to 1194, going to be a bit impossible for openvpn to work.
Well that might no return anything.. If your using tls-auth - doh!! I would sniff on pfsense while your trying to connect, do you see the traffic?
-
remind me again how I check to see if its running? sorry not completly awake yet
-
Is the service running?
Do a packet capture on your wan for udp port 1194 to see if you get traffic.
-
openvpn says its running
-
Well then sniff... Takes all of 10 seconds to do.. You can not connect to openvpn if pfsense never sees the traffic.
-
is there a way to do a packet capture from within pfsense?
-
Yes under diagnostic..
Did you update your client config after reinstall.. Your IP could of changed? Or if using tls-auth the packets would get dropped before anything when the hmac doesn't match, etc.
-
IP is the same for now, and packet capture came back empty
-
@anwoke8204 said in VPN can't connect after fresh install:
packet capture came back empty
Well then how you would you connect!
If pfsense does not see the traffic!! Mean you have something in front of pfsense that blocking 1194 UDP if you did not see any traffic on pfsense wan.