Enter at your own risk: newbie trying go configure OpenVPN client
-
Howdy – I'm new to the pfSense community. I'm also a networking know-nothing. Please have patience with me :P
I'm trying to connect to my StrongVPN subscription via OpenVPN.
After following various tutorials (and spending many hours tinkering), I was finally able to get the VPN connection configured properly (pfSense --> StrongVPN servers, but no devices could access the internet).
It's probably worth pointing out that I think I was able to get the VPN client properly configured, but I can't be 100% sure…I can see the green check mark and the "Up" status in pfSense. I also see "Initialization Sequence Completed" in System Logs\OpenVPN. However, immediately below that line I recently began seeing the following log entries:
May 12 02:14:12 openvpn 11588 MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
May 12 02:14:12 openvpn 11588 MANAGEMENT: CMD 'state 1'
May 12 02:14:12 openvpn 11588 MANAGEMENT: CMD 'status 2'
May 12 02:14:12 openvpn 11588 MANAGEMENT: Client disconnectedThe four lines above repeat every few minutes.
In addition to setting up the VPN client, I've also configured an OpenVPN interface, gateway, set Outbound NAT to Manual - AON, and created firewall rules for WAN, LAN, VPN, and OpenVPN. Most of the steps I followed from here: https://forum.pfsense.org/index.php?topic=29944.0 and here: http://swimminginthought.com/pfsense-routing-traffic-strongvpn-openvpn/, but these are really old threads (with broken image links) and old pfSense versions with menu options that don't always match up with what I'm seeing. Let's just say I had to improvise a bit.
Can anyone help me work through this?
=|
-
Sorry, I do not have a Strongvpn account.
I would start over and get pfSense connected to your ISP. Once that is done, download the openvpn.conf file for your Strongvpn account. Follow the instructions on Strongvpn web for Linux openvpn command line. Once you have that file, share the content here if you need more help. Be sure to mask out any sensitive details such as account and password.
It is a matter of configuring pfSense openvpn client according to the downloaded conf, setting firewall rules and NAT.
-
Thanks for your reply. I was worried that I was going to get crickets.
I think the issue I'm having is related to the last part of your statement. Specifically "setting firewall rules and NAT". I was able to get pfSense up and running directly through my ISP connection. I was also able to get the VPN configuration set up, but hit a wall when attempting to route my internal LAN traffic properly.
I will take your suggestion regarding starting over. However, is there a recent guide or tutorial you can point me to that will help me configure the firewall rules and NAT? As I mentioned, the only guides I've found have broken image links and old instructions, so I had to do some improvising (which most likely broke something).
Thanks again.
=|
-
Undo the routing and lan gateway steps. Instead use Firewall -> NAT -> Outbound manual NAT and add a rule for Strongvpn interface using Strongvpn address.If all goes right, your vpn server address will be displayed at strongvpn.com
https://doc.pfsense.org/index.php/Outbound_NAT
-
Thanks so much - finally got everything to work!