(SOLVED) Unable to connect to OpenVPN as client, possible bug issue



  • Hello guys,

    I have set up an OpenVPN server to use local user auth. After that I added a local user in the admin group, and installed openvpn-client-export to export credentials.

    In client export, it is:

    http://prntscr.com/ehte2j

    And after that I tried first, with,

    http://prntscr.com/ehtjnj

    but I was unable to connect it:

    Thu Mar 09 09:56:31 2017 OpenVPN 2.4.0 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Dec 27 2016
    Thu Mar 09 09:56:31 2017 Windows version 6.2 (Windows 8 or greater) 64bit
    Thu Mar 09 09:56:31 2017 library versions: OpenSSL 1.0.2i  22 Sep 2016, LZO 2.09
    Enter Management Password:
    Thu Mar 09 09:56:36 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]196.23.85.174:1194
    Thu Mar 09 09:56:36 2017 UDP link local (bound): [AF_INET][undef]:1194
    Thu Mar 09 09:56:36 2017 UDP link remote: [AF_INET]196.23.85.174:1194
    Thu Mar 09 09:57:01 2017 SIGTERM[hard,] received, process exiting
    

    then I made a try with,

    http://prntscr.com/ehthe1

    and I had a different output, I received this warning about an admin group,

    http://prntscr.com/ehtl71

    and after I clicked Yes it shows the UAC prompt, and after another Yes,

    http://prntscr.com/ehtlkv

    It seems that this last way provides me more info and led me to this known bug:

    https://community.openvpn.net/openvpn/ticket/810

    So the question is, am I doing something wrong or missing a step here, or doesn't it matter which way I try because it is definitely a bug?

    Network setup:

    Huawei 3/4g wifi router (LAN IP: 196.23.85.173, DHCP: OFF):

    • PC A (IP: 196.23.85.175)
    • pfsense 2.3.3 router (WAN IP: 196.23.85.174, LAN IP: 192.168.1.1, LAN port DHCP: 192.168.1.10 to 192.168.1.254):
      – PC B (IP: 192.168.1.10)

    Pfsense wan rules:

    http://prntscr.com/ehtims

    UPDATE 1:

    I have tried with android, through,

    http://prntscr.com/ehwkrm

    And added it in the OpenVPN Connect app,

    http://prntscr.com/ehwpfc

    after that I received this message and cannot press OK, just cancel =/,

    http://prntscr.com/ehwpo5

    In English it means:

    Permission of the connection

    OpenVPN Connect wants to configure a VPN connection which will allow you to monitor network traffic. Accept only if you trust this host.

    (key icon) It will appear in the top right corner when VPN is active.

    Cancel --- OK

    UPDATE 2:

    In macOS, through Tunnelblick,

    http://prntscr.com/ehx1ai



  • Did you use a wizard? Is it Xauth+SSL? How is the network set up? What is the tunnel subnet, what is the LAN subnet, what are the firewall rules, what does telnet say, what does a packet trace/dump show? What about the server logs?



  • @johnkeates:

    Did you use a wizard?

    Yes.

    @johnkeates:

    How is the network setup. What is the tunnel subnet, what is the LAN subnet,

    Huawei 3/4g wifi router (LAN IP: 196.23.85.173, DHCP: OFF):

    • PC A (IP: 196.23.85.175)
    • pfsense 2.3.3 router (WAN IP: 196.23.85.174, LAN IP: 192.168.1.1, LAN port DHCP: 192.168.1.10 to 192.168.1.254):
      – PC B (IP: 192.168.1.10)

    @johnkeates:

    what are the firewall rules,

    Pfsense wan rules:

    http://prntscr.com/ehtims

    @johnkeates:

    what does telnet say

    Cannot connect to that port, but can I telnet to a UDP port?! lol

    @johnkeates:

    , what does a packet trace/dump show.

    http://prntscr.com/eice2b
    http://prntscr.com/eice7e

    @johnkeates:

    What about the server logs.

    http://prntscr.com/eic7rj
    http://prntscr.com/eiccvy
    http://prntscr.com/eicgfj

    Also I have noticed that OpenVPN is not running and doesn't start, but I don't know why:

    http://prntscr.com/eic8sr



  • Well, I made a mistake when I added the local network subnet (10.0.0.1/24 instead of 10.0.0.0/24) … but at least I can thank this guy who made the same mistake lool

    https://forum.pfsense.org/index.php?topic=123677.0
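
The mistake that resolved this thread (10.0.0.1/24 entered where the network address 10.0.0.0/24 was needed) can be caught before saving the server settings. The following is an added example, not part of the original thread or of pfSense: a small check over comma-separated CIDR values that flags entries with host bits set and suggests the network address. The field names and every sample value except 10.0.0.1/24 are constructed for illustration.

```python
import ipaddress

def check_networks(field_value):
    """Return (entry, problem, suggestion) for each bad entry in a
    comma-separated list of CIDR networks. An empty list means all OK."""
    findings = []
    for entry in (e.strip() for e in field_value.split(",")):
        if not entry:
            continue
        if "/" not in entry:
            findings.append((entry, "missing prefix length", None))
            continue
        try:
            # ip_interface accepts an address with host bits, so we can
            # compare the typed address with the real network address.
            iface = ipaddress.ip_interface(entry)
        except ValueError:
            findings.append((entry, "not a valid address/prefix", None))
            continue
        if iface.ip != iface.network.network_address:
            findings.append((entry, "host bits set", str(iface.network)))
    return findings

# Constructed sample settings; the keys are hypothetical field names.
SAMPLE_SETTINGS = {
    "local_network": "10.0.0.1/24",       # the typo from this thread
    "tunnel_network": "10.8.0.0/24",      # constructed, well-formed
    "extra_routes": "192.168.1.10/24, 172.16.0.0/33",  # constructed
}

if __name__ == "__main__":
    for name, value in SAMPLE_SETTINGS.items():
        for entry, problem, suggestion in check_networks(value):
            hint = f" (did you mean {suggestion}?)" if suggestion else ""
            print(f"{name}: {entry}: {problem}{hint}")
```
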