Issues setting up OpenVPN with TigerVPN



  • Alix 2d3 with pfSense 2.3.2-p1
    1 WAN
    1 LAN

    So I'm trying to incorporate the OpenVPN directly in the pfSense router vs on the client itself. I've followed several config guides, including this one, to assist getting it applied to an interface, along with setting up the gateway on the LAN interface.

    https://forum.pfsense.org/index.php?topic=76015.0

    But after all of that, when I hit any site (like what's my IP sites), it's seeing my real IP, and not the VPN IP. If I do a ping test from the router (Diagnostics/Ping) and choose the VPN interface, it's successful. So I'm not sure what I'm missing here.

    The client sent me this to use for the openvpn config:

    client
    remote nyc.tigervpn.com 1194 udp
    remote nyc.tigervpn.com 443 tcp-client

    pull
    auth-user-pass
    comp-lzo adaptive
    ca ca.crt
    dev tun
    tls-client
    script-security 2
    cipher AES-256-CBC
    mute 10

    route-delay 5
    redirect-gateway def1
    resolv-retry infinite
    #dhcp-renew
    #dhcp-release
    persist-key
    persist-tun
    remote-cert-tls server
    mssfix

    I've since combined these with the current settings from where I set it up (in GUI) and this is the current client1.conf file (I commented out duplicate stuff and moved it to the bottom):

    dev ovpnc1
    verb 4
    dev-type tun
    dev-node /dev/tun1
    writepid /var/run/openvpn_client1.pid
    #user nobody
    #group nobody
    script-security 3
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    proto udp
    cipher AES-256-CBC
    auth SHA1
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    local 73.82.XX.XX (hiding my IP address)
    engine cryptodev
    tls-client
    client
    lport 0
    management /var/etc/openvpn/client1.sock unix
    remote nyc.tigervpn.com 1194
    auth-user-pass /var/etc/openvpn/client1.up
    ca /var/etc/openvpn/client1.ca
    cert /var/etc/openvpn/client1.cert
    key /var/etc/openvpn/client1.key
    tls-auth /var/etc/openvpn/client1.tls-auth 1
    comp-lzo adaptive
    resolv-retry infinite

    remote nyc.tigervpn.com 443 tcp-client
    auth-user-pass /etc/openvpn-password.txt  <- this was the only way I could get authentication to work, else I got a different error

    pull
    script-security 2
    route-delay 5
    redirect-gateway def1
    remote-cert-tls server
    mssfix

    #client
    #remote nyc.tigervpn.com 1194 udp
    #auth-user-pass
    #comp-lzo adaptive
    #ca ca.crt
    #dev tun
    #tls-client
    #cipher AES-256-CBC
    #mute 10
    #resolv-retry infinite
    #dhcp-renew
    #dhcp-release
    #persist-key
    #persist-tun

    The connection is always in a "Down" state and these are the OpenVPN logs (newest first):

    Apr 10 15:26:05 openvpn 74479 TLS Error: cannot locate HMAC in incoming packet from [AF_INET]162.220.220.26:1194
    Apr 10 15:26:05 openvpn 74479 TLS: Initial packet from [AF_INET]162.220.220.26:1194, sid=03a84775 77171301
    Apr 10 15:26:04 openvpn 74479 MANAGEMENT: Client disconnected
    Apr 10 15:26:04 openvpn 74479 MANAGEMENT: CMD 'state 1'
    Apr 10 15:26:04 openvpn 74479 MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
    Apr 10 15:26:01 openvpn 74479 TLS Error: cannot locate HMAC in incoming packet from [AF_INET]162.220.220.26:1194
    Apr 10 15:26:01 openvpn 74479 TLS: Initial packet from [AF_INET]162.220.220.26:1194, sid=03a84775 77171301
    Apr 10 15:25:59 openvpn 74479 TLS Error: cannot locate HMAC in incoming packet from [AF_INET]162.220.220.26:1194
    Apr 10 15:25:59 openvpn 74479 TLS: Initial packet from [AF_INET]162.220.220.26:1194, sid=03a84775 77171301
    Apr 10 15:25:59 openvpn 74479 UDPv4 link remote: [AF_INET]162.220.220.26:1194
    Apr 10 15:25:59 openvpn 74479 UDPv4 link local (bound): [AF_INET]73.82.XX.XX
    Apr 10 15:25:59 openvpn 74479 Expected Remote Options hash (VER=V4): '162b04de'
    Apr 10 15:25:59 openvpn 74479 Local Options hash (VER=V4): '9e7066d2'
    Apr 10 15:25:59 openvpn 74479 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
    Apr 10 15:25:59 openvpn 74479 Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
    Apr 10 15:25:59 openvpn 74479 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:143 ET:0 EL:3 AF:3/1 ]
    Apr 10 15:25:59 openvpn 74479 Socket Buffers: R=[42080->42080] S=[57344->57344]
    Apr 10 15:25:59 openvpn 74479 Control Channel MTU parms [ L:1558 D:1184 EF:66 EB:0 ET:0 EL:3 ]
    Apr 10 15:25:59 openvpn 74479 LZO compression initialized
    Apr 10 15:25:59 openvpn 74479 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    Apr 10 15:25:59 openvpn 74479 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    Apr 10 15:25:59 openvpn 74479 Control Channel Authentication: using '/var/etc/openvpn/client1.tls-auth' as a OpenVPN static key file
    Apr 10 15:25:59 openvpn 74479 Initializing OpenSSL support for engine 'cryptodev'
    Apr 10 15:25:59 openvpn 74479 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Apr 10 15:25:59 openvpn 74479 MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
    Apr 10 15:25:59 openvpn 74413 WARNING: file '/etc/openvpn-password.txt' is group or others accessible
    Apr 10 15:25:59 openvpn 74413 library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
    Apr 10 15:25:59 openvpn 74413 OpenVPN 2.3.11 i386-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on May 16 2016
    Apr 10 15:25:59 openvpn 74413 auth_user_pass_file = '/etc/openvpn-password.txt'
    Apr 10 15:25:59 openvpn 74413 pull = ENABLED
    Apr 10 15:25:59 openvpn 74413 client = ENABLED
    Apr 10 15:25:59 openvpn 74413 port_share_port = 0
    Apr 10 15:25:59 openvpn 74413 port_share_host = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 auth_user_pass_verify_script_via_file = DISABLED
    Apr 10 15:25:59 openvpn 74413 auth_user_pass_verify_script = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 max_routes_per_client = 256
    Apr 10 15:25:59 openvpn 74413 max_clients = 1024
    Apr 10 15:25:59 openvpn 74413 cf_per = 0
    Apr 10 15:25:59 openvpn 74413 cf_max = 0
    Apr 10 15:25:59 openvpn 74413 duplicate_cn = DISABLED
    Apr 10 15:25:59 openvpn 74413 enable_c2c = DISABLED
    Apr 10 15:25:59 openvpn 74413 push_ifconfig_ipv6_remote = ::
    Apr 10 15:25:59 openvpn 74413 push_ifconfig_ipv6_local = ::/0
    Apr 10 15:25:59 openvpn 74413 push_ifconfig_ipv6_defined = DISABLED
    Apr 10 15:25:59 openvpn 74413 push_ifconfig_remote_netmask = 0.0.0.0
    Apr 10 15:25:59 openvpn 74413 push_ifconfig_local = 0.0.0.0
    Apr 10 15:25:59 openvpn 74413 push_ifconfig_defined = DISABLED
    Apr 10 15:25:59 openvpn 74413 tmp_dir = '/tmp'
    Apr 10 15:25:59 openvpn 74413 ccd_exclusive = DISABLED
    Apr 10 15:25:59 openvpn 74413 client_config_dir = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 client_disconnect_script = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 learn_address_script = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 client_connect_script = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 virtual_hash_size = 256
    Apr 10 15:25:59 openvpn 74413 real_hash_size = 256
    Apr 10 15:25:59 openvpn 74413 tcp_queue_limit = 64
    Apr 10 15:25:59 openvpn 74413 n_bcast_buf = 256
    Apr 10 15:25:59 openvpn 74413 ifconfig_ipv6_pool_netbits = 0
    Apr 10 15:25:59 openvpn 74413 ifconfig_ipv6_pool_base = ::
    Apr 10 15:25:59 openvpn 74413 ifconfig_ipv6_pool_defined = DISABLED
    Apr 10 15:25:59 openvpn 74413 ifconfig_pool_persist_refresh_freq = 600
    Apr 10 15:25:59 openvpn 74413 ifconfig_pool_persist_filename = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 ifconfig_pool_netmask = 0.0.0.0
    Apr 10 15:25:59 openvpn 74413 ifconfig_pool_end = 0.0.0.0
    Apr 10 15:25:59 openvpn 74413 ifconfig_pool_start = 0.0.0.0
    Apr 10 15:25:59 openvpn 74413 ifconfig_pool_defined = DISABLED
    Apr 10 15:25:59 openvpn 74413 server_bridge_pool_end = 0.0.0.0
    Apr 10 15:25:59 openvpn 74413 server_bridge_pool_start = 0.0.0.0
    Apr 10 15:25:59 openvpn 74413 server_bridge_netmask = 0.0.0.0
    Apr 10 15:25:59 openvpn 74413 server_bridge_ip = 0.0.0.0
    Apr 10 15:25:59 openvpn 74413 server_netbits_ipv6 = 0
    Apr 10 15:25:59 openvpn 74413 server_network_ipv6 = ::
    Apr 10 15:25:59 openvpn 74413 server_netmask = 0.0.0.0
    Apr 10 15:25:59 openvpn 74413 server_network = 0.0.0.0
    Apr 10 15:25:59 openvpn 74413 tls_auth_file = '/var/etc/openvpn/client1.tls-auth'
    Apr 10 15:25:59 openvpn 74413 tls_exit = DISABLED
    Apr 10 15:25:59 openvpn 74413 push_peer_info = DISABLED
    Apr 10 15:25:59 openvpn 74413 single_session = DISABLED
    Apr 10 15:25:59 openvpn 74413 transition_window = 3600
    Apr 10 15:25:59 openvpn 74413 handshake_window = 60
    Apr 10 15:25:59 openvpn 74413 renegotiate_seconds = 3600
    Apr 10 15:25:59 openvpn 74413 renegotiate_packets = 0
    Apr 10 15:25:59 openvpn 74413 renegotiate_bytes = 0
    Apr 10 15:25:59 openvpn 74413 tls_timeout = 2
    Apr 10 15:25:59 openvpn 74413 ssl_flags = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_eku = 'TLS Web Server Authentication'
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 136
    Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 160
    Apr 10 15:25:59 openvpn 74413 ns_cert_type = 0
    Apr 10 15:25:59 openvpn 74413 crl_file = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 verify_x509_name = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 verify_x509_type = 0
    Apr 10 15:25:59 openvpn 74413 tls_export_cert = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 tls_verify = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 cipher_list = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 pkcs12_file = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 priv_key_file = '/var/etc/openvpn/client1.key'
    Apr 10 15:25:59 openvpn 74413 extra_certs_file = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 cert_file = '/var/etc/openvpn/client1.cert'
    Apr 10 15:25:59 openvpn 74413 dh_file = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 ca_path = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 ca_file = '/var/etc/openvpn/client1.ca'
    Apr 10 15:25:59 openvpn 74413 key_method = 2
    Apr 10 15:25:59 openvpn 74413 tls_client = ENABLED
    Apr 10 15:25:59 openvpn 74413 tls_server = DISABLED
    Apr 10 15:25:59 openvpn 74413 test_crypto = DISABLED
    Apr 10 15:25:59 openvpn 74413 use_iv = ENABLED
    Apr 10 15:25:59 openvpn 74413 packet_id_file = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 replay_time = 15
    Apr 10 15:25:59 openvpn 74413 replay_window = 64
    Apr 10 15:25:59 openvpn 74413 mute_replay_warnings = DISABLED
    Apr 10 15:25:59 openvpn 74413 replay = ENABLED
    Apr 10 15:25:59 openvpn 74413 engine = ENABLED
    Apr 10 15:25:59 openvpn 74413 keysize = 0
    Apr 10 15:25:59 openvpn 74413 prng_nonce_secret_len = 16
    Apr 10 15:25:59 openvpn 74413 prng_hash = 'SHA1'
    Apr 10 15:25:59 openvpn 74413 authname = 'SHA1'
    Apr 10 15:25:59 openvpn 74413 authname_defined = ENABLED
    Apr 10 15:25:59 openvpn 74413 ciphername = 'AES-256-CBC'
    Apr 10 15:25:59 openvpn 74413 ciphername_defined = ENABLED
    Apr 10 15:25:59 openvpn 74413 key_direction = 2
    Apr 10 15:25:59 openvpn 74413 shared_secret_file = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 management_flags = 256
    Apr 10 15:25:59 openvpn 74413 management_client_group = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 management_client_user = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 management_write_peer_info_file = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 management_echo_buffer_size = 100
    Apr 10 15:25:59 openvpn 74413 management_log_history_cache = 250
    Apr 10 15:25:59 openvpn 74413 management_user_pass = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 management_port = 0
    Apr 10 15:25:59 openvpn 74413 management_addr = '/var/etc/openvpn/client1.sock'
    Apr 10 15:25:59 openvpn 74413 [redirect_default_gateway local=0]
    Apr 10 15:25:59 openvpn 74413 allow_pull_fqdn = DISABLED
    Apr 10 15:25:59 openvpn 74413 max_routes = 100
    Apr 10 15:25:59 openvpn 74413 route_gateway_via_dhcp = DISABLED
    Apr 10 15:25:59 openvpn 74413 route_nopull = DISABLED
    Apr 10 15:25:59 openvpn 74413 route_delay_defined = ENABLED
    Apr 10 15:25:59 openvpn 74413 route_delay_window = 30
    Apr 10 15:25:59 openvpn 74413 route_delay = 5
    Apr 10 15:25:59 openvpn 74413 route_noexec = DISABLED
    Apr 10 15:25:59 openvpn 74413 route_default_metric = 0
    Apr 10 15:25:59 openvpn 74413 route_default_gateway = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 route_script = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 lzo = 7
    Apr 10 15:25:59 openvpn 74413 fast_io = DISABLED
    Apr 10 15:25:59 openvpn 74413 sockflags = 0
    Apr 10 15:25:59 openvpn 74413 sndbuf = 0
    Apr 10 15:25:59 openvpn 74413 rcvbuf = 0
    Apr 10 15:25:59 openvpn 74413 occ = ENABLED
    Apr 10 15:25:59 openvpn 74413 status_file_update_freq = 60
    Apr 10 15:25:59 openvpn 74413 status_file_version = 1
    Apr 10 15:25:59 openvpn 74413 status_file = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 gremlin = 0
    Apr 10 15:25:59 openvpn 74413 mute = 0
    Apr 10 15:25:59 openvpn 74413 verbosity = 4
    Apr 10 15:25:59 openvpn 74413 nice = 0
    Apr 10 15:25:59 openvpn 74413 suppress_timestamps = DISABLED
    Apr 10 15:25:59 openvpn 74413 log = DISABLED
    Apr 10 15:25:59 openvpn 74413 inetd = 0
    Apr 10 15:25:59 openvpn 74413 daemon = ENABLED
    Apr 10 15:25:59 openvpn 74413 up_delay = DISABLED
    Apr 10 15:25:59 openvpn 74413 up_restart = DISABLED
    Apr 10 15:25:59 openvpn 74413 down_pre = DISABLED
    Apr 10 15:25:59 openvpn 74413 down_script = '/usr/local/sbin/ovpn-linkdown'
    Apr 10 15:25:59 openvpn 74413 up_script = '/usr/local/sbin/ovpn-linkup'
    Apr 10 15:25:59 openvpn 74413 writepid = '/var/run/openvpn_client1.pid'
    Apr 10 15:25:59 openvpn 74413 cd_dir = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 chroot_dir = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 groupname = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 username = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 resolve_retry_seconds = 1000000000
    Apr 10 15:25:59 openvpn 74413 passtos = DISABLED
    Apr 10 15:25:59 openvpn 74413 persist_key = ENABLED
    Apr 10 15:25:59 openvpn 74413 persist_remote_ip = DISABLED
    Apr 10 15:25:59 openvpn 74413 persist_local_ip = DISABLED
    Apr 10 15:25:59 openvpn 74413 persist_tun = ENABLED
    Apr 10 15:25:59 openvpn 74413 remap_sigusr1 = 0
    Apr 10 15:25:59 openvpn 74413 ping_timer_remote = ENABLED
    Apr 10 15:25:59 openvpn 74413 ping_rec_timeout_action = 2
    Apr 10 15:25:59 openvpn 74413 ping_rec_timeout = 60
    Apr 10 15:25:59 openvpn 74413 ping_send_timeout = 10
    Apr 10 15:25:59 openvpn 74413 inactivity_timeout = 0
    Apr 10 15:25:59 openvpn 74413 keepalive_timeout = 60
    Apr 10 15:25:59 openvpn 74413 keepalive_ping = 10
    Apr 10 15:25:59 openvpn 74413 mlock = DISABLED
    Apr 10 15:25:59 openvpn 74413 mtu_test = 0
    Apr 10 15:25:59 openvpn 74413 shaper = 0
    Apr 10 15:25:59 openvpn 74413 ifconfig_ipv6_remote = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 ifconfig_ipv6_netbits = 0
    Apr 10 15:25:59 openvpn 74413 ifconfig_ipv6_local = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 ifconfig_nowarn = DISABLED
    Apr 10 15:25:59 openvpn 74413 ifconfig_noexec = DISABLED
    Apr 10 15:25:59 openvpn 74413 ifconfig_remote_netmask = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 ifconfig_local = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 tun_ipv6 = DISABLED
    Apr 10 15:25:59 openvpn 74413 topology = 1
    Apr 10 15:25:59 openvpn 74413 lladdr = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 dev_node = '/dev/tun1'
    Apr 10 15:25:59 openvpn 74413 dev_type = 'tun'
    Apr 10 15:25:59 openvpn 74413 dev = 'ovpnc1'
    Apr 10 15:25:59 openvpn 74413 ipchange = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 remote_random = DISABLED
    Apr 10 15:25:59 openvpn 74413 Connection profiles END
    Apr 10 15:25:59 openvpn 74413 explicit_exit_notification = 0
    Apr 10 15:25:59 openvpn 74413 mssfix = 1450
    Apr 10 15:25:59 openvpn 74413 fragment = 0
    Apr 10 15:25:59 openvpn 74413 mtu_discover_type = -1
    Apr 10 15:25:59 openvpn 74413 tun_mtu_extra_defined = DISABLED
    Apr 10 15:25:59 openvpn 74413 tun_mtu_extra = 0
    Apr 10 15:25:59 openvpn 74413 link_mtu_defined = DISABLED
    Apr 10 15:25:59 openvpn 74413 link_mtu = 1500
    Apr 10 15:25:59 openvpn 74413 tun_mtu_defined = ENABLED
    Apr 10 15:25:59 openvpn 74413 tun_mtu = 1500
    Apr 10 15:25:59 openvpn 74413 socks_proxy_retry = DISABLED
    Apr 10 15:25:59 openvpn 74413 socks_proxy_port = 0
    Apr 10 15:25:59 openvpn 74413 socks_proxy_server = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 connect_retry_max = 0
    Apr 10 15:25:59 openvpn 74413 connect_timeout = 10
    Apr 10 15:25:59 openvpn 74413 connect_retry_seconds = 5
    Apr 10 15:25:59 openvpn 74413 bind_local = ENABLED
    Apr 10 15:25:59 openvpn 74413 bind_defined = DISABLED
    Apr 10 15:25:59 openvpn 74413 remote_float = DISABLED
    Apr 10 15:25:59 openvpn 74413 remote_port = 443
    Apr 10 15:25:59 openvpn 74413 remote = 'nyc.tigervpn.com'
    Apr 10 15:25:59 openvpn 74413 local_port = 0
    Apr 10 15:25:59 openvpn 74413 local = '73.82.XX.XX'
    Apr 10 15:25:59 openvpn 74413 proto = tcp-client
    Apr 10 15:25:59 openvpn 74413 Connection profiles [1]:
    Apr 10 15:25:59 openvpn 74413 explicit_exit_notification = 0
    Apr 10 15:25:59 openvpn 74413 mssfix = 1450
    Apr 10 15:25:59 openvpn 74413 fragment = 0
    Apr 10 15:25:59 openvpn 74413 mtu_discover_type = -1
    Apr 10 15:25:59 openvpn 74413 tun_mtu_extra_defined = DISABLED
    Apr 10 15:25:59 openvpn 74413 tun_mtu_extra = 0
    Apr 10 15:25:59 openvpn 74413 link_mtu_defined = DISABLED
    Apr 10 15:25:59 openvpn 74413 link_mtu = 1500
    Apr 10 15:25:59 openvpn 74413 tun_mtu_defined = ENABLED
    Apr 10 15:25:59 openvpn 74413 tun_mtu = 1500
    Apr 10 15:25:59 openvpn 74413 socks_proxy_retry = DISABLED
    Apr 10 15:25:59 openvpn 74413 socks_proxy_port = 0
    Apr 10 15:25:59 openvpn 74413 socks_proxy_server = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 connect_retry_max = 0
    Apr 10 15:25:59 openvpn 74413 connect_timeout = 10
    Apr 10 15:25:59 openvpn 74413 connect_retry_seconds = 5
    Apr 10 15:25:59 openvpn 74413 bind_local = ENABLED
    Apr 10 15:25:59 openvpn 74413 bind_defined = DISABLED
    Apr 10 15:25:59 openvpn 74413 remote_float = DISABLED
    Apr 10 15:25:59 openvpn 74413 remote_port = 1194
    Apr 10 15:25:59 openvpn 74413 remote = 'nyc.tigervpn.com'
    Apr 10 15:25:59 openvpn 74413 local_port = 0
    Apr 10 15:25:59 openvpn 74413 local = '73.82.XX.XX'
    Apr 10 15:25:59 openvpn 74413 proto = udp
    Apr 10 15:25:59 openvpn 74413 Connection profiles [0]:
    Apr 10 15:25:59 openvpn 74413 explicit_exit_notification = 0
    Apr 10 15:25:59 openvpn 74413 mssfix = 1450
    Apr 10 15:25:59 openvpn 74413 fragment = 0
    Apr 10 15:25:59 openvpn 74413 mtu_discover_type = -1
    Apr 10 15:25:59 openvpn 74413 tun_mtu_extra_defined = DISABLED
    Apr 10 15:25:59 openvpn 74413 tun_mtu_extra = 0
    Apr 10 15:25:59 openvpn 74413 link_mtu_defined = DISABLED
    Apr 10 15:25:59 openvpn 74413 link_mtu = 1500
    Apr 10 15:25:59 openvpn 74413 tun_mtu_defined = DISABLED
    Apr 10 15:25:59 openvpn 74413 tun_mtu = 1500
    Apr 10 15:25:59 openvpn 74413 socks_proxy_retry = DISABLED
    Apr 10 15:25:59 openvpn 74413 socks_proxy_port = 0
    Apr 10 15:25:59 openvpn 74413 socks_proxy_server = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 connect_retry_max = 0
    Apr 10 15:25:59 openvpn 74413 connect_timeout = 10
    Apr 10 15:25:59 openvpn 74413 connect_retry_seconds = 5
    Apr 10 15:25:59 openvpn 74413 bind_local = ENABLED
    Apr 10 15:25:59 openvpn 74413 bind_defined = DISABLED
    Apr 10 15:25:59 openvpn 74413 remote_float = DISABLED
    Apr 10 15:25:59 openvpn 74413 remote_port = 1194
    Apr 10 15:25:59 openvpn 74413 remote = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 local_port = 0
    Apr 10 15:25:59 openvpn 74413 local = '73.82.XX.XX'
    Apr 10 15:25:59 openvpn 74413 proto = udp
    Apr 10 15:25:59 openvpn 74413 Connection profiles [default]:
    Apr 10 15:25:59 openvpn 74413 show_tls_ciphers = DISABLED
    Apr 10 15:25:59 openvpn 74413 key_pass_file = '[UNDEF]'
    Apr 10 15:25:59 openvpn 74413 genkey = DISABLED
    Apr 10 15:25:59 openvpn 74413 show_engines = DISABLED
    Apr 10 15:25:59 openvpn 74413 show_digests = DISABLED
    Apr 10 15:25:59 openvpn 74413 show_ciphers = DISABLED
    Apr 10 15:25:59 openvpn 74413 mode = 0
    Apr 10 15:25:59 openvpn 74413 config = '/var/etc/openvpn/client1.conf'
    Apr 10 15:25:59 openvpn 74413 Current Parameter Settings:
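
Added example, not part of the original post: the provider's profile contains no `tls-auth` line while the generated `client1.conf` does, and "cannot locate HMAC in incoming packet" is what OpenVPN logs when it expects a tls-auth HMAC the peer did not send. The sketch below diffs the peer-sensitive options of the two configs and ties the log error to the differing option; the function names, the option selection and the abbreviated excerpts are this example's own assumptions.

```python
# Added illustration: compare a provider OpenVPN profile with the config in use.
# Config and log excerpts are abbreviated from the post above.

# Options both peers must agree on; this selection is the example's own choice.
PEER_SENSITIVE = ("cipher", "auth", "comp-lzo", "tls-auth")
# Values OpenVPN 2.3 uses when the option is absent (the log shows 2.3.11).
DEFAULTS = {"cipher": "BF-CBC", "auth": "SHA1"}
# Log fragment -> option to check first.
LOG_HINTS = {"cannot locate HMAC in incoming packet": "tls-auth"}

PROVIDER = """\
client
remote nyc.tigervpn.com 1194 udp
auth-user-pass
comp-lzo adaptive
cipher AES-256-CBC
remote-cert-tls server
"""
LOCAL = """\
proto udp
cipher AES-256-CBC
auth SHA1
remote nyc.tigervpn.com 1194
tls-auth /var/etc/openvpn/client1.tls-auth 1
comp-lzo adaptive
remote-cert-tls server
"""
LOG = [
    "Apr 10 15:26:05 openvpn 74479 TLS Error: cannot locate HMAC in incoming packet from [AF_INET]162.220.220.26:1194",
    "Apr 10 15:26:05 openvpn 74479 TLS: Initial packet from [AF_INET]162.220.220.26:1194, sid=03a84775 77171301",
]

def parse_config(text):
    """Return {option: [argument strings]}, skipping blanks and # / ; comments."""
    parsed = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith(";"):
            continue
        parts = line.split(None, 1)
        parsed.setdefault(parts[0], []).append(parts[1] if len(parts) > 1 else "")
    return parsed

def effective_value(cfg, name):
    """Value a peer would see for one option, falling back to the 2.3 default."""
    values = cfg.get(name)
    if values is None:
        return DEFAULTS.get(name)      # None means the option is not in use
    if name == "tls-auth":
        return "enabled"               # key file paths differ per host
    return values[-1]

def peer_mismatches(provider_text, local_text):
    """Map each differing option to (provider value, local value)."""
    provider, local = parse_config(provider_text), parse_config(local_text)
    result = {}
    for name in PEER_SENSITIVE:
        pair = (effective_value(provider, name), effective_value(local, name))
        if pair[0] != pair[1]:
            result[name] = pair
    return result

def triage(log_lines, mismatches):
    """Options that a log line points at and that also differ from the provider."""
    hits = []
    for line in log_lines:
        for fragment, option in LOG_HINTS.items():
            if fragment in line and option in mismatches and option not in hits:
                hits.append(option)
    return hits

if __name__ == "__main__":
    diff = peer_mismatches(PROVIDER, LOCAL)
    print("differs from provider:", diff)
    print("log points at:", triage(LOG, diff))
```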



  • Just wondering if you ever got this working.  I have been struggling and have tried much of the same.



  • @jelter:

    Just wondering if you ever got this working.  I have been struggling and have tried much of the same.

    I actually did get this working, as far as the VPN interface getting an IP address (if you need these settings, PM me), but I cannot route anything through it to the outside.

    My goal is to define specific LAN traffic to go out the interface.

    Current setup:

    WAN (Comcast): 73.82.XX.XX

    LAN: 10.0.0.0/24

    VPN IP: 100.97.0.40  Remote IP: 162.250.2.18
    Note the VPN IP changes very often, maybe once every 5 mins. Probably normal but I figured I would mention.

    I've looked over several guides on how to set up routing (created manual NAT rules, etc), but when I tell it to route all LAN traffic through the VPN interface, nothing goes out.

    When I do ping tests from within pfSense (Diagnostics/Ping):

    WAN->VPN IP success
    LAN->VPN IP success
    VPN->WAN IP success
    VPN->LAN gateway success

    VPN->any internet IP fails
    VPN->Remote IP fails

    (Should the above two lines work?)

    Rules:

    Tiger_VPN
    Protocol: IPv4
    Source: *
    Port: *
    Destination: *
    Port: *
    Gateway: *

    OpenVPN:
    Same as above except:
    Source: LAN net
    Gateway: TIGER_VPN_VPNV4

    WAN/LAN rules: Currently nothing involving VPN

    Pending rule added to top of the list (which doesn't work - no net traffic goes out the VPN interface):

    LAN
    Protocol: IPv4 TCP
    Source: *
    Port: *
    Destination: *
    Port: *
    Gateway: TIGER_VPN_VPNV4

    It seems a lot of people are getting stuck at this point where nothing routes through the VPN interface to the internet. Just seeing if I'm missing any rules here.


 
