Sendto error: 55
The manual suggested contacting the forum for help in diagnosing this type of error. I am a home user, and wanted to create a VPN to watch TV in the UK. I have an Ubuntu 20.04 desktop with 4 Ethernet ports (1 port for the local home network, 2 ports for pfSense). I virtualised pfSense, without setting up the VPN, and got it to "work", sort of...
I could browse the internet with acceptable results, and pings from pfSense were in the order of 16 ms.
Set up a VPN to London and the gateway now reports sendto Error: 55.
If I redirect traffic to the VPN (by changing the firewall rules) then internet traffic effectively times out.
Checking the status of the gateways, the WAN DHCP and WAN_DHCP6 are online with 0% loss; the VPN to London is offline with 48% loss and RTT in the order of 2000 ms.
I am not trying anything 'fancy'; I just want to redirect all incoming IPv4 traffic to the VPN. I am sure the issue is associated with the configuration of the VPN and gateway within pfSense, but I do not understand enough to know where to look next.
I used the documentation from https://support.strongvpn.com/hc/en-us/articles/360038592794-pfsense-openVPN-setup-tutorial.
This is the file downloaded from Diagnostics / Backup & Restore / Config History:

<?xml version="1.0"?>
<pfsense>
  <version>19.1</version>
  <lastchange></lastchange>
  <system>
    <optimization>normal</optimization>
    <hostname>pfSense</hostname>
    <domain>localdomain</domain>
    <dnsallowoverride>on</dnsallowoverride>
    <group>
      <name>all</name>
      <description><![CDATA[All Users]]></description>
      <scope>system</scope>
      <gid>1998</gid>
      <member>0</member>
    </group>
    <group>
      <name>admins</name>
      <description><![CDATA[System Administrators]]></description>
      <scope>system</scope>
      <gid>1999</gid>
      <member>0</member>
      <priv>page-all</priv>
    </group>
    <user>
      <name>admin</name>
      <descr><![CDATA[System Administrator]]></descr>
      <scope>system</scope>
      <groupname>admins</groupname>
      <bcrypt-hash>$2b$10$13u6qwCOwODv34GyCMgdWub6oQF3RX0rG7c3d3X4JvzuEmAXLYDd2</bcrypt-hash>
      <uid>0</uid>
      <priv>user-shell-access</priv>
    </user>
    <nextuid>2000</nextuid>
    <nextgid>2000</nextgid>
    <timeservers>2.pfsense.pool.ntp.org</timeservers>
    <webgui>
      <protocol>http</protocol>
      <loginautocomplete></loginautocomplete>
      <ssl-certref>60191cf6f006b</ssl-certref>
      <althostnames></althostnames>
      <dashboardcolumns>2</dashboardcolumns>
    </webgui>
    <disablenatreflection>yes</disablenatreflection>
    <disablesegmentationoffloading></disablesegmentationoffloading>
    <disablelargereceiveoffloading></disablelargereceiveoffloading>
    <ipv6allow></ipv6allow>
    <maximumtableentries>400000</maximumtableentries>
    <powerd_ac_mode>hadp</powerd_ac_mode>
    <powerd_battery_mode>hadp</powerd_battery_mode>
    <powerd_normal_mode>hadp</powerd_normal_mode>
    <bogons>
      <interval>monthly</interval>
    </bogons>
    <already_run_config_upgrade></already_run_config_upgrade>
    <timezone>Pacific/Auckland</timezone>
  </system>
  <interfaces>
    <wan>
      <enable></enable>
      <if>em0</if>
      <ipaddr>dhcp</ipaddr>
      <ipaddrv6>dhcp6</ipaddrv6>
      <gateway></gateway>
      <blockpriv>on</blockpriv>
      <blockbogons>on</blockbogons>
      <media></media>
      <mediaopt></mediaopt>
      <dhcp6-duid></dhcp6-duid>
      <dhcp6-ia-pd-len>0</dhcp6-ia-pd-len>
    </wan>
    <lan>
      <enable></enable>
      <if>em1</if>
      <ipaddr>192.168.10.100</ipaddr>
      <subnet>24</subnet>
      <ipaddrv6></ipaddrv6>
      <subnetv6></subnetv6>
      <media></media>
      <mediaopt></mediaopt>
      <track6-interface>wan</track6-interface>
      <track6-prefix-id>0</track6-prefix-id>
      <gateway></gateway>
      <gatewayv6></gatewayv6>
    </lan>
    <opt1>
      <descr><![CDATA[OPT_London]]></descr>
      <if>ovpnc1</if>
      <enable></enable>
      <spoofmac></spoofmac>
    </opt1>
  </interfaces>
  <staticroutes></staticroutes>
  <dhcpd>
    <lan>
      <enable></enable>
      <range>
        <from>192.168.10.150</from>
        <to>192.168.10.199</to>
      </range>
    </lan>
  </dhcpd>
  <dhcpdv6>
    <lan>
      <range>
        <from>::1000</from>
        <to>::2000</to>
      </range>
      <ramode>assist</ramode>
      <rapriority>medium</rapriority>
    </lan>
  </dhcpdv6>
  <snmpd>
    <syslocation></syslocation>
    <syscontact></syscontact>
    <rocommunity>public</rocommunity>
  </snmpd>
  <diag>
    <ipv6nat>
      <ipaddr></ipaddr>
    </ipv6nat>
  </diag>
  <syslog>
    <filterdescriptions>1</filterdescriptions>
  </syslog>
  <nat>
    <outbound>
      <mode>advanced</mode>
      <rule>
        <source>
          <network>127.0.0.0/8</network>
        </source>
        <sourceport></sourceport>
        <descr><![CDATA[Auto created rule for ISAKMP - localhost to VPN_London]]></descr>
        <target></target>
        <targetip></targetip>
        <targetip_subnet></targetip_subnet>
        <interface>opt1</interface>
        <poolopts></poolopts>
        <source_hash_key></source_hash_key>
        <staticnatport></staticnatport>
        <ipprotocol>inet</ipprotocol>
        <destination>
          <any></any>
        </destination>
        <dstport>500</dstport>
        <created>
          <time>1612426586</time>
          <username><![CDATA[Manual Outbound NAT Switch]]></username>
        </created>
        <updated>
          <time>1612427361</time>
          <username><![CDATA[admin@192.168.10.151 (Local Database)]]></username>
        </updated>
      </rule>
      <rule>
        <interface>wan</interface>
        <source>
          <network>127.0.0.0/8</network>
        </source>
        <sourceport></sourceport>
        <target></target>
        <destination>
          <any></any>
        </destination>
        <natport></natport>
        <descr><![CDATA[Auto created rule - localhost to WAN]]></descr>
        <created>
          <time>1612426586</time>
          <username><![CDATA[Manual Outbound NAT Switch]]></username>
        </created>
      </rule>
      <rule>
        <source>
          <network>::1/128</network>
        </source>
        <sourceport></sourceport>
        <descr><![CDATA[Auto created rule for ISAKMP - localhost to VPN_London]]></descr>
        <target></target>
        <targetip></targetip>
        <targetip_subnet></targetip_subnet>
        <interface>opt1</interface>
        <poolopts></poolopts>
        <source_hash_key></source_hash_key>
        <staticnatport></staticnatport>
        <ipprotocol>inet</ipprotocol>
        <destination>
          <any></any>
        </destination>
        <dstport>500</dstport>
        <created>
          <time>1612426586</time>
          <username><![CDATA[Manual Outbound NAT Switch]]></username>
        </created>
        <updated>
          <time>1612427391</time>
          <username><![CDATA[admin@192.168.10.151 (Local Database)]]></username>
        </updated>
      </rule>
      <rule>
        <interface>wan</interface>
        <source>
          <network>::1/128</network>
        </source>
        <sourceport></sourceport>
        <target></target>
        <destination>
          <any></any>
        </destination>
        <natport></natport>
        <descr><![CDATA[Auto created rule - localhost to WAN]]></descr>
        <created>
          <time>1612426586</time>
          <username><![CDATA[Manual Outbound NAT Switch]]></username>
        </created>
      </rule>
      <rule>
        <source>
          <network>192.168.10.0/24</network>
        </source>
        <sourceport></sourceport>
        <descr><![CDATA[Auto created rule for ISAKMP - LAN to VPN_London]]></descr>
        <target></target>
        <targetip></targetip>
        <targetip_subnet></targetip_subnet>
        <interface>opt1</interface>
        <poolopts></poolopts>
        <source_hash_key></source_hash_key>
        <staticnatport></staticnatport>
        <ipprotocol>inet</ipprotocol>
        <destination>
          <any></any>
        </destination>
        <dstport>500</dstport>
        <created>
          <time>1612426586</time>
          <username><![CDATA[Manual Outbound NAT Switch]]></username>
        </created>
        <updated>
          <time>1612427433</time>
          <username><![CDATA[admin@192.168.10.151 (Local Database)]]></username>
        </updated>
      </rule>
      <rule>
        <interface>wan</interface>
        <source>
          <network>192.168.10.0/24</network>
        </source>
        <sourceport></sourceport>
        <target></target>
        <destination>
          <any></any>
        </destination>
        <natport></natport>
        <descr><![CDATA[Auto created rule - LAN to WAN]]></descr>
        <created>
          <time>1612426586</time>
          <username><![CDATA[Manual Outbound NAT Switch]]></username>
        </created>
      </rule>
    </outbound>
  </nat>
  <filter>
    <rule>
      <type>pass</type>
      <ipprotocol>inet</ipprotocol>
      <descr><![CDATA[Default allow LAN to any rule]]></descr>
      <interface>lan</interface>
      <tracker>0100000101</tracker>
      <source>
        <network>lan</network>
      </source>
      <destination>
        <any></any>
      </destination>
    </rule>
    <rule>
      <type>pass</type>
      <ipprotocol>inet6</ipprotocol>
      <descr><![CDATA[Default allow LAN IPv6 to any rule]]></descr>
      <interface>lan</interface>
      <tracker>0100000102</tracker>
      <source>
        <network>lan</network>
      </source>
      <destination>
        <any></any>
      </destination>
    </rule>
  </filter>
  <shaper></shaper>
  <ipsec></ipsec>
  <aliases> </aliases>
  <proxyarp></proxyarp>
  <cron>
    <item>
      <minute>1,31</minute>
      <hour>0-5</hour>
      <mday>*</mday>
      <month>*</month>
      <wday>*</wday>
      <who>root</who>
      <command>/usr/bin/nice -n20 adjkerntz -a</command>
    </item>
    <item>
      <minute>1</minute>
      <hour>3</hour>
      <mday>1</mday>
      <month>*</month>
      <wday>*</wday>
      <who>root</who>
      <command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>
    </item>
    <item>
      <minute>1</minute>
      <hour>1</hour>
      <mday>*</mday>
      <month>*</month>
      <wday>*</wday>
      <who>root</who>
      <command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>
    </item>
    <item>
      <minute>*/60</minute>
      <hour>*</hour>
      <mday>*</mday>
      <month>*</month>
      <wday>*</wday>
      <who>root</who>
      <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot</command>
    </item>
    <item>
      <minute>30</minute>
      <hour>12</hour>
      <mday>*</mday>
      <month>*</month>
      <wday>*</wday>
      <who>root</who>
      <command>/usr/bin/nice -n20 /etc/rc.update_urltables</command>
    </item>
    <item>
      <minute>1</minute>
      <hour>0</hour>
      <mday>*</mday>
      <month>*</month>
      <wday>*</wday>
      <who>root</who>
      <command>/usr/bin/nice -n20 /etc/rc.update_pkg_metadata</command>
    </item>
  </cron>
  <wol></wol>
  <rrd>
    <enable></enable>
  </rrd>
  <load_balancer>
    <monitor_type>
      <name>ICMP</name>
      <type>icmp</type>
      <descr><![CDATA[ICMP]]></descr>
      <options></options>
    </monitor_type>
    <monitor_type>
      <name>TCP</name>
      <type>tcp</type>
      <descr><![CDATA[Generic TCP]]></descr>
      <options></options>
    </monitor_type>
    <monitor_type>
      <name>HTTP</name>
      <type>http</type>
      <descr><![CDATA[Generic HTTP]]></descr>
      <options>
        <path>/</path>
        <host></host>
        <code>200</code>
      </options>
    </monitor_type>
    <monitor_type>
      <name>HTTPS</name>
      <type>https</type>
      <descr><![CDATA[Generic HTTPS]]></descr>
      <options>
        <path>/</path>
        <host></host>
        <code>200</code>
      </options>
    </monitor_type>
    <monitor_type>
      <name>SMTP</name>
      <type>send</type>
      <descr><![CDATA[Generic SMTP]]></descr>
      <options>
        <send></send>
        <expect>220 *</expect>
      </options>
    </monitor_type>
  </load_balancer>
  <widgets>
    <sequence>system_information:col1:show,netgate_services_and_support:col2:show,interfaces:col2:show</sequence>
    <period>10</period>
  </widgets>
  <openvpn>
    <openvpn-client>
      <auth_user><![CDATA[a329078]]></auth_user>
      <auth_pass><![CDATA[zUA382pnfF]]></auth_pass>
      <vpnid>1</vpnid>
      <protocol>UDP4</protocol>
      <dev_mode>tun</dev_mode>
      <interface>wan</interface>
      <ipaddr></ipaddr>
      <local_port></local_port>
      <server_addr>str-lcy106.strongconnectivity.com</server_addr>
      <server_port>1194</server_port>
      <proxy_addr></proxy_addr>
      <proxy_port></proxy_port>
      <proxy_authtype>none</proxy_authtype>
      <proxy_user></proxy_user>
      <proxy_passwd></proxy_passwd>
      <description><![CDATA[StrongVPN_London]]></description>
      <mode>p2p_tls</mode>
      <topology>subnet</topology>
      <custom_options>auth sha256; cipher AES-256-CBC; client; comp-lzo adaptive; hand-window 30; key-direction 1; mute 3; remote-cert-tls server; persist-key; redirect-gateway def1; resolv-retry infinite; route-delay 2; route-method exe; route-metric 1; topology subnet; tun-mtu 1400; verb 5;</custom_options>
      <caref>601baa885233a</caref>
      <certref></certref>
      <crlref></crlref>
      <tls> </tls>
      <tls_type>auth</tls_type>
      <tlsauth_keydir>default</tlsauth_keydir>
      <crypto>AES-256-CBC</crypto>
      <digest>SHA256</digest>
      <engine>none</engine>
      <tunnel_network></tunnel_network>
      <tunnel_networkv6></tunnel_networkv6>
      <remote_network></remote_network>
      <remote_networkv6></remote_networkv6>
      <use_shaper>1400</use_shaper>
      <compression>adaptive</compression>
      <auth-retry-none></auth-retry-none>
      <passtos></passtos>
      <udp_fast_io></udp_fast_io>
      <exit_notify>none</exit_notify>
      <sndrcvbuf></sndrcvbuf>
      <route_no_pull></route_no_pull>
      <route_no_exec>yes</route_no_exec>
      <verbosity_level>5</verbosity_level>
      <create_gw>v4only</create_gw>
      <ncp-ciphers>AES-128-GCM,AES-256-CBC</ncp-ciphers>
      <ncp_enable>disabled</ncp_enable>
      <ping_method>keepalive</ping_method>
      <keepalive_interval>10</keepalive_interval>
      <keepalive_timeout>60</keepalive_timeout>
      <ping_seconds>10</ping_seconds>
      <ping_action>ping_restart</ping_action>
      <ping_action_seconds>60</ping_action_seconds>
      <inactive_seconds>0</inactive_seconds>
    </openvpn-client>
  </openvpn>
  <dnshaper></dnshaper>
  <unbound>
    <enable></enable>
    <dnssec></dnssec>
    <active_interface></active_interface>
    <outgoing_interface></outgoing_interface>
    <custom_options></custom_options>
    <hideidentity></hideidentity>
    <hideversion></hideversion>
    <dnssecstripped></dnssecstripped>
  </unbound>
  <revision>
    <time>1612427433</time>
    <description><![CDATA[admin@192.168.10.151 (Local Database): Firewall: NAT: Outbound - saved/edited outbound NAT mapping.]]></description>
    <username><![CDATA[admin@192.168.10.151 (Local Database)]]></username>
  </revision>
  <cert>
    <refid>60191cf6f006b</refid>
    <descr><![CDATA[webConfigurator default (60191cf6f006b)]]></descr>
    <type>server</type>
    <crt>==</crt>
    <prv>==</prv>
  </cert>
  <ppps></ppps>
  <ca>
    <refid>601baa885233a</refid>
    <descr><![CDATA[StrongVPNca]]></descr>
    <serial>0</serial>
  </ca>
  <gateways></gateways>
</pfsense>

I would appreciate some guidance on where to look next, or what other information I could provide to help.
The Unix desktop is running Linux 5.8.0-43-generic on x86_64 on an Intel(R) Core(TM) i7-3970X CPU @ 3.50GHz, 12 cores, with 32 GByte of memory.
Many thanks