Problems getting road warrior to connect to openvpn



  • I'm having some problems getting Tunnelblick on my MacBook to connect to pfSense 1.2 using OpenVPN.

    Here are my configuration files:

    server:

    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    dev tun
    proto udp
    cipher BF-CBC
    up /etc/rc.filter_configure
    down /etc/rc.filter_configure
    server 192.168.2.0 255.255.255.0
    client-config-dir /var/etc/openvpn_csc
    push "route 192.168.1.0 255.255.255.0"
    lport 1194
    ca /var/etc/openvpn_server0.ca
    cert /var/etc/openvpn_server0.cert
    key /var/etc/openvpn_server0.key
    dh /var/etc/openvpn_server0.dh
    persist-remote-ip
    float

    client:

    float
    port 1194
    dev tun
    dev-node /sbin/ifconfig en1
    #dev-node /sbin/ifconfig en0
    proto udp
    remote "hostname here" 1194
    ping-restart 45
    persist-tun
    persist-key
    tls-client
    ca ca.crt
    cert client1.crt
    key client1.key
    ns-cert-type server
    pull
    verb 4

    And the tail end of my log file from the client:

    Sep  2 18:46:33 UNIXBOX openvpn[3984]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
    Sep  2 18:46:33 UNIXBOX openvpn[3984]: PUSH: Received control message: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,route 192.168.2.1,ping 10,ping-restart 60,ifconfig 192.168.2.6 192.168.2.5'
    Sep  2 18:46:33 UNIXBOX openvpn[3984]: OPTIONS IMPORT: timers and/or timeouts modified
    Sep  2 18:46:33 UNIXBOX openvpn[3984]: OPTIONS IMPORT: --ifconfig/up options modified
    Sep  2 18:46:33 UNIXBOX openvpn[3984]: OPTIONS IMPORT: route options modified
    Sep  2 18:46:33 UNIXBOX openvpn[3984]: gw 172.16.0.1
    Sep  2 18:46:33 UNIXBOX openvpn[3984]: TUN/TAP device /sbin/ifconfig opened
    Sep  2 18:46:33 UNIXBOX openvpn[3984]: /sbin/ifconfig tun delete
    Sep  2 18:46:33 UNIXBOX openvpn[3984]: NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
    Sep  2 18:46:33 UNIXBOX openvpn[3984]: /sbin/ifconfig tun 192.168.2.6 192.168.2.5 mtu 1500 netmask 255.255.255.255 up
    Sep  2 18:46:33 UNIXBOX openvpn[3984]: MANAGEMENT: Client disconnected
    Sep  2 18:46:33 UNIXBOX openvpn[3984]: Mac OS X ifconfig failed: shell command exited with error status: 126
    Sep  2 18:46:33 UNIXBOX openvpn[3984]: MANAGEMENT: TCP send error: Bad file descriptor
    Sep  2 18:46:33 UNIXBOX openvpn[3984]: MANAGEMENT: Client disconnected
    Sep  2 18:46:33 UNIXBOX openvpn[3984]: Exiting

    I'm not sure where that 255.255.255.255 netmask is coming from either.

    Any thoughts?

    Thanks guys,



  • I don't see cipher in your client configuration file, which should match your server's cipher algorithm.
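
A consistency check of the kind this reply suggests, as an added example that is not part of the thread: it compares the directives both OpenVPN peers must agree on and reports any that one side leaves unset. The sample configs are constructed and abbreviated from the ones posted above, `vpn.example.invalid` is a placeholder hostname, and the `MUST_MATCH` list is this example's own choice.

```python
# Added example: compare directives that both OpenVPN peers must agree on.
MUST_MATCH = ("cipher", "auth", "proto", "dev")  # this example's own selection

# Constructed sample input, abbreviated from the two configs posted above.
SERVER_CONF = "dev tun\nproto udp\ncipher BF-CBC\nlport 1194\n"
CLIENT_CONF = ("float\nport 1194\ndev tun\n#dev-node /sbin/ifconfig en0\n"
               "proto udp\nremote vpn.example.invalid 1194\n")

def parse(text):
    """Return {directive: argument string}, skipping blanks and comments."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":
            continue
        parts = line.split(None, 1)
        opts[parts[0].lstrip("-")] = parts[1].strip() if len(parts) > 1 else ""
    return opts

def normalise(key, value):
    """Reduce a value to the part both peers have to share."""
    if value is None:
        return None
    if key == "proto":
        return value.split("-")[0]          # tcp-server / tcp-client -> tcp
    if key == "dev":
        return value.rstrip("0123456789")   # tun0 -> tun (device type only)
    return value

def compare(server_text, client_text):
    """Return (directive, server_value, client_value, status) tuples."""
    server, client = parse(server_text), parse(client_text)
    report = []
    for key in MUST_MATCH:
        s = normalise(key, server.get(key))
        c = normalise(key, client.get(key))
        if s is None and c is None:
            continue                        # neither side sets it
        if s is None or c is None:
            status = "implicit"             # one side relies on its default
        else:
            status = "match" if s == c else "MISMATCH"
        report.append((key, s, c, status))
    return report

if __name__ == "__main__":
    for row in compare(SERVER_CONF, CLIENT_CONF):
        print("%-8s server=%-8s client=%-8s %s" % row)
```

An `implicit` row means the two peers agree only if the unset side's built-in default equals the other side's explicit value, so setting the directive on both ends removes the guesswork.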



  • Also, could you post the output of the log on pfSense?

