Issues setting up OpenVPN with TigerVPN
-
Alix 2d3 with pfSense 2.3.2-p1
1 WAN
1 LAN
So I'm trying to incorporate the OpenVPN directly in the pfSense router vs on the client itself. I've followed several config guides, including this one to assist getting it applied to an interface, along with setting up the gateway on the LAN interface.
https://forum.pfsense.org/index.php?topic=76015.0
But after all of that, when I hit any site (like what's my IP sites), it's seeing my real IP, and not the VPN IP. If I do a ping test from the router (Diagnostics/Ping) and choose the VPN interface, it's successful. So I'm not sure what I'm missing here.
The client sent me this to use for the openvpn config:
client
remote nyc.tigervpn.com 1194 udp
remote nyc.tigervpn.com 443 tcp-client
pull
auth-user-pass
comp-lzo adaptive
ca ca.crt
dev tun
tls-client
script-security 2
cipher AES-256-CBC
mute 10
route-delay 5
redirect-gateway def1
resolv-retry infinite
#dhcp-renew
#dhcp-release
persist-key
persist-tun
remote-cert-tls server
mssfix
I've since combined these with the current settings from where I set it up (in GUI) and this is the current client1.conf file (I commented out duplicate stuff and moved it to the bottom):
dev ovpnc1
verb 4
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_client1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-256-CBC
auth SHA1
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 73.82.XX.XX (hiding my IP address)
engine cryptodev
tls-client
client
lport 0
management /var/etc/openvpn/client1.sock unix
remote nyc.tigervpn.com 1194
auth-user-pass /var/etc/openvpn/client1.up
ca /var/etc/openvpn/client1.ca
cert /var/etc/openvpn/client1.cert
key /var/etc/openvpn/client1.key
tls-auth /var/etc/openvpn/client1.tls-auth 1
comp-lzo adaptive
resolv-retry infinite
remote nyc.tigervpn.com 443 tcp-client
auth-user-pass /etc/openvpn-password.txt <- this was the only way I could get authentication to work, else I got a different error
pull
script-security 2
route-delay 5
redirect-gateway def1
remote-cert-tls server
mssfix
#client
#remote nyc.tigervpn.com 1194 udp
#auth-user-pass
#comp-lzo adaptive
#ca ca.crt
#dev tun
#tls-client
#cipher AES-256-CBC
#mute 10
#resolv-retry infinite
#dhcp-renew
#dhcp-release
#persist-key
#persist-tun
The connection is always in a "Down" state and these are the OpenVPN logs (newest first):
Apr 10 15:26:05 openvpn 74479 TLS Error: cannot locate HMAC in incoming packet from [AF_INET]162.220.220.26:1194
Apr 10 15:26:05 openvpn 74479 TLS: Initial packet from [AF_INET]162.220.220.26:1194, sid=03a84775 77171301
Apr 10 15:26:04 openvpn 74479 MANAGEMENT: Client disconnected
Apr 10 15:26:04 openvpn 74479 MANAGEMENT: CMD 'state 1'
Apr 10 15:26:04 openvpn 74479 MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
Apr 10 15:26:01 openvpn 74479 TLS Error: cannot locate HMAC in incoming packet from [AF_INET]162.220.220.26:1194
Apr 10 15:26:01 openvpn 74479 TLS: Initial packet from [AF_INET]162.220.220.26:1194, sid=03a84775 77171301
Apr 10 15:25:59 openvpn 74479 TLS Error: cannot locate HMAC in incoming packet from [AF_INET]162.220.220.26:1194
Apr 10 15:25:59 openvpn 74479 TLS: Initial packet from [AF_INET]162.220.220.26:1194, sid=03a84775 77171301
Apr 10 15:25:59 openvpn 74479 UDPv4 link remote: [AF_INET]162.220.220.26:1194
Apr 10 15:25:59 openvpn 74479 UDPv4 link local (bound): [AF_INET]73.82.XX.XX
Apr 10 15:25:59 openvpn 74479 Expected Remote Options hash (VER=V4): '162b04de'
Apr 10 15:25:59 openvpn 74479 Local Options hash (VER=V4): '9e7066d2'
Apr 10 15:25:59 openvpn 74479 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Apr 10 15:25:59 openvpn 74479 Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Apr 10 15:25:59 openvpn 74479 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:143 ET:0 EL:3 AF:3/1 ]
Apr 10 15:25:59 openvpn 74479 Socket Buffers: R=[42080->42080] S=[57344->57344]
Apr 10 15:25:59 openvpn 74479 Control Channel MTU parms [ L:1558 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Apr 10 15:25:59 openvpn 74479 LZO compression initialized
Apr 10 15:25:59 openvpn 74479 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Apr 10 15:25:59 openvpn 74479 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Apr 10 15:25:59 openvpn 74479 Control Channel Authentication: using '/var/etc/openvpn/client1.tls-auth' as a OpenVPN static key file
Apr 10 15:25:59 openvpn 74479 Initializing OpenSSL support for engine 'cryptodev'
Apr 10 15:25:59 openvpn 74479 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Apr 10 15:25:59 openvpn 74479 MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
Apr 10 15:25:59 openvpn 74413 WARNING: file '/etc/openvpn-password.txt' is group or others accessible
Apr 10 15:25:59 openvpn 74413 library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
Apr 10 15:25:59 openvpn 74413 OpenVPN 2.3.11 i386-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on May 16 2016
Apr 10 15:25:59 openvpn 74413 auth_user_pass_file = '/etc/openvpn-password.txt'
Apr 10 15:25:59 openvpn 74413 pull = ENABLED
Apr 10 15:25:59 openvpn 74413 client = ENABLED
Apr 10 15:25:59 openvpn 74413 port_share_port = 0
Apr 10 15:25:59 openvpn 74413 port_share_host = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 auth_user_pass_verify_script_via_file = DISABLED
Apr 10 15:25:59 openvpn 74413 auth_user_pass_verify_script = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 max_routes_per_client = 256
Apr 10 15:25:59 openvpn 74413 max_clients = 1024
Apr 10 15:25:59 openvpn 74413 cf_per = 0
Apr 10 15:25:59 openvpn 74413 cf_max = 0
Apr 10 15:25:59 openvpn 74413 duplicate_cn = DISABLED
Apr 10 15:25:59 openvpn 74413 enable_c2c = DISABLED
Apr 10 15:25:59 openvpn 74413 push_ifconfig_ipv6_remote = ::
Apr 10 15:25:59 openvpn 74413 push_ifconfig_ipv6_local = ::/0
Apr 10 15:25:59 openvpn 74413 push_ifconfig_ipv6_defined = DISABLED
Apr 10 15:25:59 openvpn 74413 push_ifconfig_remote_netmask = 0.0.0.0
Apr 10 15:25:59 openvpn 74413 push_ifconfig_local = 0.0.0.0
Apr 10 15:25:59 openvpn 74413 push_ifconfig_defined = DISABLED
Apr 10 15:25:59 openvpn 74413 tmp_dir = '/tmp'
Apr 10 15:25:59 openvpn 74413 ccd_exclusive = DISABLED
Apr 10 15:25:59 openvpn 74413 client_config_dir = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 client_disconnect_script = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 learn_address_script = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 client_connect_script = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 virtual_hash_size = 256
Apr 10 15:25:59 openvpn 74413 real_hash_size = 256
Apr 10 15:25:59 openvpn 74413 tcp_queue_limit = 64
Apr 10 15:25:59 openvpn 74413 n_bcast_buf = 256
Apr 10 15:25:59 openvpn 74413 ifconfig_ipv6_pool_netbits = 0
Apr 10 15:25:59 openvpn 74413 ifconfig_ipv6_pool_base = ::
Apr 10 15:25:59 openvpn 74413 ifconfig_ipv6_pool_defined = DISABLED
Apr 10 15:25:59 openvpn 74413 ifconfig_pool_persist_refresh_freq = 600
Apr 10 15:25:59 openvpn 74413 ifconfig_pool_persist_filename = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 ifconfig_pool_netmask = 0.0.0.0
Apr 10 15:25:59 openvpn 74413 ifconfig_pool_end = 0.0.0.0
Apr 10 15:25:59 openvpn 74413 ifconfig_pool_start = 0.0.0.0
Apr 10 15:25:59 openvpn 74413 ifconfig_pool_defined = DISABLED
Apr 10 15:25:59 openvpn 74413 server_bridge_pool_end = 0.0.0.0
Apr 10 15:25:59 openvpn 74413 server_bridge_pool_start = 0.0.0.0
Apr 10 15:25:59 openvpn 74413 server_bridge_netmask = 0.0.0.0
Apr 10 15:25:59 openvpn 74413 server_bridge_ip = 0.0.0.0
Apr 10 15:25:59 openvpn 74413 server_netbits_ipv6 = 0
Apr 10 15:25:59 openvpn 74413 server_network_ipv6 = ::
Apr 10 15:25:59 openvpn 74413 server_netmask = 0.0.0.0
Apr 10 15:25:59 openvpn 74413 server_network = 0.0.0.0
Apr 10 15:25:59 openvpn 74413 tls_auth_file = '/var/etc/openvpn/client1.tls-auth'
Apr 10 15:25:59 openvpn 74413 tls_exit = DISABLED
Apr 10 15:25:59 openvpn 74413 push_peer_info = DISABLED
Apr 10 15:25:59 openvpn 74413 single_session = DISABLED
Apr 10 15:25:59 openvpn 74413 transition_window = 3600
Apr 10 15:25:59 openvpn 74413 handshake_window = 60
Apr 10 15:25:59 openvpn 74413 renegotiate_seconds = 3600
Apr 10 15:25:59 openvpn 74413 renegotiate_packets = 0
Apr 10 15:25:59 openvpn 74413 renegotiate_bytes = 0
Apr 10 15:25:59 openvpn 74413 tls_timeout = 2
Apr 10 15:25:59 openvpn 74413 ssl_flags = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_eku = 'TLS Web Server Authentication'
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 0
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 136
Apr 10 15:25:59 openvpn 74413 remote_cert_ku = 160
Apr 10 15:25:59 openvpn 74413 ns_cert_type = 0
Apr 10 15:25:59 openvpn 74413 crl_file = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 verify_x509_name = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 verify_x509_type = 0
Apr 10 15:25:59 openvpn 74413 tls_export_cert = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 tls_verify = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 cipher_list = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 pkcs12_file = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 priv_key_file = '/var/etc/openvpn/client1.key'
Apr 10 15:25:59 openvpn 74413 extra_certs_file = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 cert_file = '/var/etc/openvpn/client1.cert'
Apr 10 15:25:59 openvpn 74413 dh_file = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 ca_path = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 ca_file = '/var/etc/openvpn/client1.ca'
Apr 10 15:25:59 openvpn 74413 key_method = 2
Apr 10 15:25:59 openvpn 74413 tls_client = ENABLED
Apr 10 15:25:59 openvpn 74413 tls_server = DISABLED
Apr 10 15:25:59 openvpn 74413 test_crypto = DISABLED
Apr 10 15:25:59 openvpn 74413 use_iv = ENABLED
Apr 10 15:25:59 openvpn 74413 packet_id_file = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 replay_time = 15
Apr 10 15:25:59 openvpn 74413 replay_window = 64
Apr 10 15:25:59 openvpn 74413 mute_replay_warnings = DISABLED
Apr 10 15:25:59 openvpn 74413 replay = ENABLED
Apr 10 15:25:59 openvpn 74413 engine = ENABLED
Apr 10 15:25:59 openvpn 74413 keysize = 0
Apr 10 15:25:59 openvpn 74413 prng_nonce_secret_len = 16
Apr 10 15:25:59 openvpn 74413 prng_hash = 'SHA1'
Apr 10 15:25:59 openvpn 74413 authname = 'SHA1'
Apr 10 15:25:59 openvpn 74413 authname_defined = ENABLED
Apr 10 15:25:59 openvpn 74413 ciphername = 'AES-256-CBC'
Apr 10 15:25:59 openvpn 74413 ciphername_defined = ENABLED
Apr 10 15:25:59 openvpn 74413 key_direction = 2
Apr 10 15:25:59 openvpn 74413 shared_secret_file = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 management_flags = 256
Apr 10 15:25:59 openvpn 74413 management_client_group = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 management_client_user = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 management_write_peer_info_file = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 management_echo_buffer_size = 100
Apr 10 15:25:59 openvpn 74413 management_log_history_cache = 250
Apr 10 15:25:59 openvpn 74413 management_user_pass = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 management_port = 0
Apr 10 15:25:59 openvpn 74413 management_addr = '/var/etc/openvpn/client1.sock'
Apr 10 15:25:59 openvpn 74413 [redirect_default_gateway local=0]
Apr 10 15:25:59 openvpn 74413 allow_pull_fqdn = DISABLED
Apr 10 15:25:59 openvpn 74413 max_routes = 100
Apr 10 15:25:59 openvpn 74413 route_gateway_via_dhcp = DISABLED
Apr 10 15:25:59 openvpn 74413 route_nopull = DISABLED
Apr 10 15:25:59 openvpn 74413 route_delay_defined = ENABLED
Apr 10 15:25:59 openvpn 74413 route_delay_window = 30
Apr 10 15:25:59 openvpn 74413 route_delay = 5
Apr 10 15:25:59 openvpn 74413 route_noexec = DISABLED
Apr 10 15:25:59 openvpn 74413 route_default_metric = 0
Apr 10 15:25:59 openvpn 74413 route_default_gateway = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 route_script = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 lzo = 7
Apr 10 15:25:59 openvpn 74413 fast_io = DISABLED
Apr 10 15:25:59 openvpn 74413 sockflags = 0
Apr 10 15:25:59 openvpn 74413 sndbuf = 0
Apr 10 15:25:59 openvpn 74413 rcvbuf = 0
Apr 10 15:25:59 openvpn 74413 occ = ENABLED
Apr 10 15:25:59 openvpn 74413 status_file_update_freq = 60
Apr 10 15:25:59 openvpn 74413 status_file_version = 1
Apr 10 15:25:59 openvpn 74413 status_file = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 gremlin = 0
Apr 10 15:25:59 openvpn 74413 mute = 0
Apr 10 15:25:59 openvpn 74413 verbosity = 4
Apr 10 15:25:59 openvpn 74413 nice = 0
Apr 10 15:25:59 openvpn 74413 suppress_timestamps = DISABLED
Apr 10 15:25:59 openvpn 74413 log = DISABLED
Apr 10 15:25:59 openvpn 74413 inetd = 0
Apr 10 15:25:59 openvpn 74413 daemon = ENABLED
Apr 10 15:25:59 openvpn 74413 up_delay = DISABLED
Apr 10 15:25:59 openvpn 74413 up_restart = DISABLED
Apr 10 15:25:59 openvpn 74413 down_pre = DISABLED
Apr 10 15:25:59 openvpn 74413 down_script = '/usr/local/sbin/ovpn-linkdown'
Apr 10 15:25:59 openvpn 74413 up_script = '/usr/local/sbin/ovpn-linkup'
Apr 10 15:25:59 openvpn 74413 writepid = '/var/run/openvpn_client1.pid'
Apr 10 15:25:59 openvpn 74413 cd_dir = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 chroot_dir = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 groupname = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 username = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 resolve_retry_seconds = 1000000000
Apr 10 15:25:59 openvpn 74413 passtos = DISABLED
Apr 10 15:25:59 openvpn 74413 persist_key = ENABLED
Apr 10 15:25:59 openvpn 74413 persist_remote_ip = DISABLED
Apr 10 15:25:59 openvpn 74413 persist_local_ip = DISABLED
Apr 10 15:25:59 openvpn 74413 persist_tun = ENABLED
Apr 10 15:25:59 openvpn 74413 remap_sigusr1 = 0
Apr 10 15:25:59 openvpn 74413 ping_timer_remote = ENABLED
Apr 10 15:25:59 openvpn 74413 ping_rec_timeout_action = 2
Apr 10 15:25:59 openvpn 74413 ping_rec_timeout = 60
Apr 10 15:25:59 openvpn 74413 ping_send_timeout = 10
Apr 10 15:25:59 openvpn 74413 inactivity_timeout = 0
Apr 10 15:25:59 openvpn 74413 keepalive_timeout = 60
Apr 10 15:25:59 openvpn 74413 keepalive_ping = 10
Apr 10 15:25:59 openvpn 74413 mlock = DISABLED
Apr 10 15:25:59 openvpn 74413 mtu_test = 0
Apr 10 15:25:59 openvpn 74413 shaper = 0
Apr 10 15:25:59 openvpn 74413 ifconfig_ipv6_remote = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 ifconfig_ipv6_netbits = 0
Apr 10 15:25:59 openvpn 74413 ifconfig_ipv6_local = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 ifconfig_nowarn = DISABLED
Apr 10 15:25:59 openvpn 74413 ifconfig_noexec = DISABLED
Apr 10 15:25:59 openvpn 74413 ifconfig_remote_netmask = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 ifconfig_local = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 tun_ipv6 = DISABLED
Apr 10 15:25:59 openvpn 74413 topology = 1
Apr 10 15:25:59 openvpn 74413 lladdr = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 dev_node = '/dev/tun1'
Apr 10 15:25:59 openvpn 74413 dev_type = 'tun'
Apr 10 15:25:59 openvpn 74413 dev = 'ovpnc1'
Apr 10 15:25:59 openvpn 74413 ipchange = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 remote_random = DISABLED
Apr 10 15:25:59 openvpn 74413 Connection profiles END
Apr 10 15:25:59 openvpn 74413 explicit_exit_notification = 0
Apr 10 15:25:59 openvpn 74413 mssfix = 1450
Apr 10 15:25:59 openvpn 74413 fragment = 0
Apr 10 15:25:59 openvpn 74413 mtu_discover_type = -1
Apr 10 15:25:59 openvpn 74413 tun_mtu_extra_defined = DISABLED
Apr 10 15:25:59 openvpn 74413 tun_mtu_extra = 0
Apr 10 15:25:59 openvpn 74413 link_mtu_defined = DISABLED
Apr 10 15:25:59 openvpn 74413 link_mtu = 1500
Apr 10 15:25:59 openvpn 74413 tun_mtu_defined = ENABLED
Apr 10 15:25:59 openvpn 74413 tun_mtu = 1500
Apr 10 15:25:59 openvpn 74413 socks_proxy_retry = DISABLED
Apr 10 15:25:59 openvpn 74413 socks_proxy_port = 0
Apr 10 15:25:59 openvpn 74413 socks_proxy_server = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 connect_retry_max = 0
Apr 10 15:25:59 openvpn 74413 connect_timeout = 10
Apr 10 15:25:59 openvpn 74413 connect_retry_seconds = 5
Apr 10 15:25:59 openvpn 74413 bind_local = ENABLED
Apr 10 15:25:59 openvpn 74413 bind_defined = DISABLED
Apr 10 15:25:59 openvpn 74413 remote_float = DISABLED
Apr 10 15:25:59 openvpn 74413 remote_port = 443
Apr 10 15:25:59 openvpn 74413 remote = 'nyc.tigervpn.com'
Apr 10 15:25:59 openvpn 74413 local_port = 0
Apr 10 15:25:59 openvpn 74413 local = '73.82.XX.XX'
Apr 10 15:25:59 openvpn 74413 proto = tcp-client
Apr 10 15:25:59 openvpn 74413 Connection profiles [1]:
Apr 10 15:25:59 openvpn 74413 explicit_exit_notification = 0
Apr 10 15:25:59 openvpn 74413 mssfix = 1450
Apr 10 15:25:59 openvpn 74413 fragment = 0
Apr 10 15:25:59 openvpn 74413 mtu_discover_type = -1
Apr 10 15:25:59 openvpn 74413 tun_mtu_extra_defined = DISABLED
Apr 10 15:25:59 openvpn 74413 tun_mtu_extra = 0
Apr 10 15:25:59 openvpn 74413 link_mtu_defined = DISABLED
Apr 10 15:25:59 openvpn 74413 link_mtu = 1500
Apr 10 15:25:59 openvpn 74413 tun_mtu_defined = ENABLED
Apr 10 15:25:59 openvpn 74413 tun_mtu = 1500
Apr 10 15:25:59 openvpn 74413 socks_proxy_retry = DISABLED
Apr 10 15:25:59 openvpn 74413 socks_proxy_port = 0
Apr 10 15:25:59 openvpn 74413 socks_proxy_server = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 connect_retry_max = 0
Apr 10 15:25:59 openvpn 74413 connect_timeout = 10
Apr 10 15:25:59 openvpn 74413 connect_retry_seconds = 5
Apr 10 15:25:59 openvpn 74413 bind_local = ENABLED
Apr 10 15:25:59 openvpn 74413 bind_defined = DISABLED
Apr 10 15:25:59 openvpn 74413 remote_float = DISABLED
Apr 10 15:25:59 openvpn 74413 remote_port = 1194
Apr 10 15:25:59 openvpn 74413 remote = 'nyc.tigervpn.com'
Apr 10 15:25:59 openvpn 74413 local_port = 0
Apr 10 15:25:59 openvpn 74413 local = '73.82.XX.XX'
Apr 10 15:25:59 openvpn 74413 proto = udp
Apr 10 15:25:59 openvpn 74413 Connection profiles [0]:
Apr 10 15:25:59 openvpn 74413 explicit_exit_notification = 0
Apr 10 15:25:59 openvpn 74413 mssfix = 1450
Apr 10 15:25:59 openvpn 74413 fragment = 0
Apr 10 15:25:59 openvpn 74413 mtu_discover_type = -1
Apr 10 15:25:59 openvpn 74413 tun_mtu_extra_defined = DISABLED
Apr 10 15:25:59 openvpn 74413 tun_mtu_extra = 0
Apr 10 15:25:59 openvpn 74413 link_mtu_defined = DISABLED
Apr 10 15:25:59 openvpn 74413 link_mtu = 1500
Apr 10 15:25:59 openvpn 74413 tun_mtu_defined = DISABLED
Apr 10 15:25:59 openvpn 74413 tun_mtu = 1500
Apr 10 15:25:59 openvpn 74413 socks_proxy_retry = DISABLED
Apr 10 15:25:59 openvpn 74413 socks_proxy_port = 0
Apr 10 15:25:59 openvpn 74413 socks_proxy_server = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 connect_retry_max = 0
Apr 10 15:25:59 openvpn 74413 connect_timeout = 10
Apr 10 15:25:59 openvpn 74413 connect_retry_seconds = 5
Apr 10 15:25:59 openvpn 74413 bind_local = ENABLED
Apr 10 15:25:59 openvpn 74413 bind_defined = DISABLED
Apr 10 15:25:59 openvpn 74413 remote_float = DISABLED
Apr 10 15:25:59 openvpn 74413 remote_port = 1194
Apr 10 15:25:59 openvpn 74413 remote = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 local_port = 0
Apr 10 15:25:59 openvpn 74413 local = '73.82.XX.XX'
Apr 10 15:25:59 openvpn 74413 proto = udp
Apr 10 15:25:59 openvpn 74413 Connection profiles [default]:
Apr 10 15:25:59 openvpn 74413 show_tls_ciphers = DISABLED
Apr 10 15:25:59 openvpn 74413 key_pass_file = '[UNDEF]'
Apr 10 15:25:59 openvpn 74413 genkey = DISABLED
Apr 10 15:25:59 openvpn 74413 show_engines = DISABLED
Apr 10 15:25:59 openvpn 74413 show_digests = DISABLED
Apr 10 15:25:59 openvpn 74413 show_ciphers = DISABLED
Apr 10 15:25:59 openvpn 74413 mode = 0
Apr 10 15:25:59 openvpn 74413 config = '/var/etc/openvpn/client1.conf'
Apr 10 15:25:59 openvpn 74413 Current Parameter Settings:
-
Just wondering if you ever got this working. I have been struggling and have tried much of the same.
-
Just wondering if you ever got this working. I have been struggling and have tried much of the same.
I actually did get this working, as far as the VPN interface getting an IP address (if you need these settings, PM me), but I cannot route anything through it to the outside.
My goal is to define specific LAN traffic to go out the interface.
Current setup:
WAN (Comcast): 73.82.XX.XX
LAN: 10.0.0.0/24
VPN IP: 100.97.0.40 Remote IP: 162.250.2.18
Note the VPN IP changes very often, maybe once every 5 mins. Probably normal but I figured I would mention.
I've looked over several guides on how to set up routing (created manual NAT rules, etc), but when I tell it to route all LAN traffic through the VPN interface, nothing goes out.
When I do ping tests from within pfSense (Diagnostics/Ping):
WAN->VPN IP success
LAN->VPN IP success
VPN->WAN IP success
VPN->LAN gateway success
VPN->any internet IP fails
VPN->Remote IP fails
(Should the above two lines work?)
Rules:
Tiger_VPN
Protocol: IPv4
Source: *
Port: *
Destination: *
Port: *
Gateway: *
OpenVPN:
Same as above except:
Source: LAN net
Gateway: TIGER_VPN_VPNV4
WAN/LAN rules: Currently nothing involving VPN
Pending rule added to top of the list (which doesn't work - no net traffic goes out the VPN interface):
LAN
Protocol: IPv4 TCP
Source: *
Port: *
Destination: *
Port: *
Gateway: TIGER_VPN_VPNV4
It seems a lot of people are getting stuck at this point where nothing routes through the VPN interface to the internet. Just seeing if I'm missing any rules here.
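Added example, not part of the thread or of pfSense/OpenVPN: a small checker run over trimmed copies of the two configs from the first post. It compares the options both peers must agree on (the provider's file has no tls-auth while the merged client1.conf does, and OpenVPN logs "cannot locate HMAC in incoming packet" when it expects a tls-auth HMAC the peer did not add) and flags the conflicting duplicates, script-security 3, and the credentials-file permission issue from the log WARNING. All function names are hypothetical, and the last-value-wins rule and the OpenVPN 2.3 defaults are assumptions stated in the code.

```python
import os
import shlex

# Trimmed copies of the two configs posted in the thread (only the lines used here).
PROVIDER = """\
remote nyc.tigervpn.com 1194 udp
auth-user-pass
comp-lzo adaptive
cipher AES-256-CBC
"""
EFFECTIVE = """\
script-security 3
cipher AES-256-CBC
auth SHA1
remote nyc.tigervpn.com 1194
auth-user-pass /var/etc/openvpn/client1.up
tls-auth /var/etc/openvpn/client1.tls-auth 1
comp-lzo adaptive
auth-user-pass /etc/openvpn-password.txt
script-security 2
#cipher AES-256-CBC
"""

# Options both peers must agree on, with the OpenVPN 2.3 default used when unset.
NEGOTIATED = {"tls-auth": None, "cipher": ["BF-CBC"], "auth": ["SHA1"], "comp-lzo": None}

def parse_ovpn(text):
    """Map each active directive to the list of argument lists it was given."""
    opts = {}
    for raw in text.splitlines():
        words = shlex.split(raw, comments=True)   # drops '#' comments
        if words and not words[0].startswith(";"):  # ';' also starts a comment
            opts.setdefault(words[0], []).append(words[1:])
    return opts

def last(opts, name, default=None):
    """Assumption: a repeated single-valued directive takes its last value."""
    return opts[name][-1] if name in opts else default

def handshake_mismatches(provider, effective):
    """Negotiated options that differ between the provider's and the running config."""
    out = []
    for name, default in NEGOTIATED.items():
        p, e = last(provider, name, default), last(effective, name, default)
        if name == "tls-auth":   # key paths are host-specific, so compare presence only
            p, e = p is not None, e is not None
        if p != e:
            out.append((name, p, e))
    return out

def local_findings(effective):
    """Issues visible in the running config alone."""
    out = [("conflicting-duplicate", name) for name, vals in effective.items()
           if name != "remote" and len({tuple(v) for v in vals}) > 1]
    if any(v and v[0] == "3" for v in effective.get("script-security", [])):
        out.append(("script-security-3", "passwords may reach scripts via environment"))
    return out

def group_or_other_accessible(path):
    """The check behind the log's 'group or others accessible' WARNING."""
    return bool(os.stat(path).st_mode & 0o077)

if __name__ == "__main__":
    print(handshake_mismatches(parse_ovpn(PROVIDER), parse_ovpn(EFFECTIVE)))
```

A credentials file set to mode 0600 makes `group_or_other_accessible` return False, which is the state that silences the WARNING in the log.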