Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login
    1. Home
    2. Recent
    Log in to post
    Load new posts
    • All Topics
    • New Topics
    • Watched Topics
    • Unreplied Topics
    • All categories
    • All tags
    • opticalcO

      Netgate's openvpn client's remote server and my homes public IP

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      7
      0 Votes
      7 Posts
      379 Views
      GertjanG

      @opticalc said in Netgate's openvpn client's remote server and my homes public IP:

      and it was leaking DNS due to my client still using PFSense as the DNS server

      Unbound (the pfSense resolver) can be forced to use the VPN connection also .....

    • A

      Open VPN no longer working after certificate reissue

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      9
      0 Votes
      9 Posts
      623 Views
      A

      I followed some of your instructions and it is working once more.

      I made a new CA as stated
      I made a new Server Cert
      I changed the OPENVPN to use the new CA & Cert
      I changed 1 user to use the new CA & Cert
      I downloaded and installed a fresh installed and it is now working.

      @Gertjan Once more, thank you for time help time and assistance with helping me get this fixed. I really appreciate it.

    • W

      OPENVPN PIA Installed and working but lost VLAN access

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      5
      0 Votes
      5 Posts
      224 Views
      W

      That did the trick. 🙂

      Thank you again. Pleased to have it working.

    • S

      OpenVPN interface won't get IPv4 Virtual Address

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      2
      0 Votes
      2 Posts
      169 Views
      S

      So I figured it out. You need to go to Interfaces -> WAN and set "IPv6 Configuration Type" from "DHCP6" to "None" and then reboot pfSense. When rebooted, the interface now has an IPv4 virtual address when you look at interface status that you can bind to and use.

    • Y

      TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      3
      0 Votes
      3 Posts
      2k Views
      H

      I got the same error message after upgrading to a more recent pfsense version (2.6). I tried the packet capture (and I saw the client packets arriving), I switched from UDP to TCP (to no avail), I tried different port numbers and still got the same error message (TLS key negotiation failed to occur within 60 seconds).

      Then I configured the OpenVPN server "Endpoint Configuration" and switched the interface from "WAN" to "any". Et voilà - the error message was gone and the connection was established as desired!

      I then tried all different settings for "interface" to find out which was the right one, but I got the error message for every single one of them. Only "any" worked.

    • D

      DCO server gateway monitoring error / dpinger route error IPv6

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      2
      0 Votes
      2 Posts
      128 Views
      D

      I reviewed DCO limitations and the document states that openvpn /DCO should honor kernel level routes. I added static routes (although dpinger should do this as well) and that didn't fix anything.

    • B

      [SOLVED] OpenVPN Server not connecting clients after 80 tunnels

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      7
      0 Votes
      7 Posts
      421 Views
      N

      @Bambos This is surely the case

    • X

      OpenVPN on pfSense: Custom Password + Google Authenticator 2FA

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      6
      0 Votes
      6 Posts
      441 Views
      X

      @Gertjan
      Thank you for your time.
      Brief, competent and clear.
      Most likely my solution is to use the DUO Security platform first, and then, if successful, deploy my own server. Because I have a large number of VPN servers that require increased security
      Thank you very much again!
      Have a nice day.

    • D

      Can't access to Proxmox from outside (OpenVPN client)

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      9
      0 Votes
      9 Posts
      751 Views
      D

      @viragomann said in Can't access to Proxmox from outside (OpenVPN client):

      o limit the rule to a single IP, enter the IP with a /32 mask.

      Effectively !
      Thanks again for your support.

    • A

      OpenVPN Server dco

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      5
      0 Votes
      5 Posts
      346 Views
      A

      @Gertjan said in OpenVPN Server dco:

      so its really hidden ?

      i checked this. only in my windows connect app:

      433cb667-86dd-4934-aee9-06dfb0bed48f-image.png

    • F

      IPSec Interface

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      1
      0 Votes
      1 Posts
      132 Views
      No one has replied
    • G

      pfSense OpenVPN connects from iPhone hotspot but not Home Fibre

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      1
      0 Votes
      1 Posts
      146 Views
      No one has replied
    • H

      please allow "scramble obfuscate" option for OpenVPN client in PFSense

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      3
      0 Votes
      3 Posts
      246 Views
      H

      @johnpoz is there a custom package (OVPN) implemented with this feature ?

    • A

      OpenVPN Slow Only on One Specific Client (2.5G/1G Network)

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      5
      0 Votes
      5 Posts
      358 Views
      GertjanG

      @Aadrem said in OpenVPN Slow Only on One Specific Client (2.5G/1G Network):

      Super Micro 1537 with a CPU that never exceeds 10% load,

      pfSense is waiting on the WAN interface for traffic that comes in. Other VPN users have no issue, and you're pfSense handles them just fine. Just this 'one more' shows issues ?
      So, the issue isn't pfSense, the VPN server ..... but the client, or the connection to/from the client.

      What happens if you swap the VPN client config between 2 of your VPN users ?

      @Aadrem said in OpenVPN Slow Only on One Specific Client (2.5G/1G Network):

      (2.5 Gbps download / 1 Gbps upload). They are not on mobile 5G or a limited connection

      No need to mention this, if you already know the hard sealing :
      (1 Gbps download / 300 Mbps upload)

      That said, the "problematic clients are a MacBook Pro and a OnePlus" have the connection "(2.5 Gbps download / 1 Gbps upload)" all for themselves ? Or is this connection shared with others ?
      ISPs do sell their speeds measured with special conditions : like sun, Mars Earth and Jupiter aligned.

      @Aadrem said in OpenVPN Slow Only on One Specific Client (2.5G/1G Network):

      The issue does NOT occur when using 5G or FTTC connections, only on this specific FTTH connection.

      Ah : That's useful info. The issue points to that network and the ISP.

    • LPD7L

      Any Suggestions: Frequent Disconnects/Reconnects

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      1
      0 Votes
      1 Posts
      169 Views
      No one has replied
    • A

      pfsense openvpn client to ubuntu server connects but wont reconnect

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      10
      0 Votes
      10 Posts
      1k Views
      A

      @Gertjan
      in case anyone has this issue, i found the solution. besides removing the DNS line remove the TLS key from Custom options under advanced configuration towards the bottom of the openvpn client. then go to the top and select USE A TLS KEY, then uncheck automatically generate a key and paste your key from your server here.
      then for TLS Key Usage Mode change it to TLS encryption and authentication.
      now it works after saving the changes!

    • CatSpecial202C

      OpenVPN can only connect to HTTPS on gateway

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      12
      0 Votes
      12 Posts
      806 Views
      CatSpecial202C

      @viragomann Sorry for that. Yes, it looks like there was a misconfiguration here. I had to change my default gateway it was still setup to be the 10.0.0.1 that the switch comes with. I thought it would be set from DHCP but i guess it wasn't. It's all working now! Thanks!

    • G

      VPN with dual wan failovr

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      1
      0 Votes
      1 Posts
      100 Views
      No one has replied
    • O

      Openvpn and cisco-avpair - attributes check

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN bug php error
      1
      0 Votes
      1 Posts
      147 Views
      No one has replied
    • P

      CLIENT pfSense - Initialization Sequence NOT Completed (ovpnc1 pending, NOT up))

      Watching Ignoring Scheduled Pinned Locked Moved OpenVPN
      7
      0 Votes
      7 Posts
      475 Views
      V

      @poldus
      What do you consider as "static" here?

      The above shows the client log. But what shows the server log?
      Does the server even see any VPN packet?

      Are you aware, that shared key OpenVPN is deprecated these days?

      Do you really intend to setup a tap client?