NordVPN question



  • Hey All\NordVPN users,

    I am new to pfsense and setting up nordvpn which I had for a while. I like to route everything through vpn and I had followed  https://nordvpn.com/tutorials/pfsense/pfsense-openvpn/ to the dot. Everything is enable and I had reboot once I setup the openvpn but doesn't seem like it's routing everything through vpn. Things I notice:

    Firewall\Rules\LAN: States MiB traffic is increasing
    Status\OpenVPN: NordVPN UDP shows status down, Virtual server status shows Service not running?, and remote host shows Unable to contact daemon. (I have tried to start the daemon on gui but no luck.)

    Status\System Logs\OpenVPN:

    Oct 28 00:35:59  openvpn  32138  push_ifconfig_defined = DISABLED 
    Oct 28 00:35:59  openvpn  32138  push_ifconfig_local = 0.0.0.0 
    Oct 28 00:35:59  openvpn  32138  push_ifconfig_remote_netmask = 0.0.0.0 
    Oct 28 00:35:59  openvpn  32138  push_ifconfig_ipv6_defined = DISABLED 
    Oct 28 00:35:59  openvpn  32138  push_ifconfig_ipv6_local = ::/0 
    Oct 28 00:35:59  openvpn  32138  push_ifconfig_ipv6_remote = :: 
    Oct 28 00:35:59  openvpn  32138  enable_c2c = DISABLED 
    Oct 28 00:35:59  openvpn  32138  duplicate_cn = DISABLED 
    Oct 28 00:35:59  openvpn  32138  cf_max = 0 
    Oct 28 00:35:59  openvpn  32138  cf_per = 0 
    Oct 28 00:35:59  openvpn  32138  max_clients = 1024 
    Oct 28 00:35:59  openvpn  32138  max_routes_per_client = 256 
    Oct 28 00:35:59  openvpn  32138  auth_user_pass_verify_script = '[UNDEF]' 
    Oct 28 00:35:59  openvpn  32138  auth_user_pass_verify_script_via_file = DISABLED 
    Oct 28 00:35:59  openvpn  32138  port_share_host = '[UNDEF]' 
    Oct 28 00:35:59  openvpn  32138  port_share_port = 0 
    Oct 28 00:35:59  openvpn  32138  client = ENABLED 
    Oct 28 00:35:59  openvpn  32138  pull = ENABLED 
    Oct 28 00:35:59  openvpn  32138  auth_user_pass_file = '/var/etc/openvpn/client1.up' 
    Oct 28 00:35:59  openvpn  32138  OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Jul 19 2016 
    Oct 28 00:35:59  openvpn  32138  library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09 
    Oct 28 00:35:59  openvpn  32138  WARNING: file '/var/etc/openvpn/client1.up' is group or others accessible 
    Oct 28 00:35:59  openvpn  32458  MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock 
    Oct 28 00:35:59  openvpn  32458  WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. 
    Oct 28 00:35:59  openvpn  32458  NOTE: the current –script-security setting may allow this configuration to call user-defined scripts 
    Oct 28 00:35:59  openvpn  32458  Control Channel Authentication: using '/var/etc/openvpn/client1.tls-auth' as a OpenVPN static key file 
    Oct 28 00:35:59  openvpn  32458  Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 
    Oct 28 00:35:59  openvpn  32458  Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 
    Oct 28 00:35:59  openvpn  32458  LZO compression initialized 
    Oct 28 00:35:59  openvpn  32458  Control Channel MTU parms [ L:1562 D:1184 EF:66 EB:0 ET:0 EL:3 ] 
    Oct 28 00:35:59  openvpn  32458  Socket Buffers: R=[42080->42080] S=[57344->57344] 
    Oct 28 00:35:59  openvpn  32458  Data Channel MTU parms [ L:1562 D:1450 EF:62 EB:143 ET:0 EL:3 AF:3/1 ] 
    Oct 28 00:35:59  openvpn  32458  Fragmentation MTU parms [ L:1562 D:1300 EF:61 EB:143 ET:1 EL:3 AF:3/1 ] 
    Oct 28 00:35:59  openvpn  32458  Local Options String: 'V4,dev-type tun,link-mtu 1562,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client' 
    Oct 28 00:35:59  openvpn  32458  Expected Remote Options String: 'V4,dev-type tun,link-mtu 1562,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server' 
    Oct 28 00:35:59  openvpn  32458  Local Options hash (VER=V4): '311e36c2' 
    Oct 28 00:35:59  openvpn  32458  Expected Remote Options hash (VER=V4): 'c77ff366' 
    Oct 28 00:35:59  openvpn  32458  UDPv4 link local (bound): [AF_INET]71.68.65.243 
    Oct 28 00:35:59  openvpn  32458  UDPv4 link remote: [AF_INET]191.101.1.212:1194 
    Oct 28 00:35:59  openvpn  32458  TLS: Initial packet from [AF_INET]191.101.1.212:1194, sid=04792ab8 19a286cc 
    Oct 28 00:35:59  openvpn  32458  WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this 
    Oct 28 00:36:00  openvpn  32458  VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=vpn-us_v1, CN=vpn-us_v1, name=vpn-us_v1, emailAddress=info@nordvpn.com 
    Oct 28 00:36:00  openvpn  32458  VERIFY OK: depth=0, C=PA, ST=PA, L=Panama, O=NordVPN, OU=NordVPN, CN=vpn-us2.nordvpn.com, name=NordVPN, emailAddress=cert@nordvpn.com 
    Oct 28 00:36:00  openvpn  32458  WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1562', remote='link-mtu 1590' 
    Oct 28 00:36:00  openvpn  32458  WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532' 
    Oct 28 00:36:00  openvpn  32458  WARNING: 'mtu-dynamic' is present in local config but missing in remote config, local='mtu-dynamic' 
    Oct 28 00:36:00  openvpn  32458  WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 256' 
    Oct 28 00:36:00  openvpn  32458  OpenSSL: error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length 
    Oct 28 00:36:00  openvpn  32458  EVP set key size 
    Oct 28 00:36:00  openvpn  32458  Exiting due to fatal error

    If ya'll need screenshot on the setup it's exactly like nordvpn steps, but I can retake screenshot if ya'll need.

    Thanks,

    U3



  • NVM I figure it out.


Log in to reply