OpenVPN Authentication Fails
With almost no free support except this forum, I'm about to return the box (PFSense SG-2220). I purchased the system only so that I can access my home lab via VPN. I created the CA, Server Cert, and User Cert. After that I created a User and assigned User Cert to this user. It's running latest firmware 2.3.4.
I have been trying to configure the VPN access for almost a week now but haven't had any luck. I am using Viscosity as my VPN Client on a Macbook but tried Tunnleblick as well. I tried different auth types but none work i.e. used Authentication as SSL.TLS Client and assigned proper Certs and Keys but I keep getting Authentication error - OpenVPN Verification failed. Please reconnect to try again.
I'm running out of ideas as to what's wrong. Any expert here who can guide before I return?
Things get interesting with the new release in which "OpenVPN Client Export Package" has been removed.
Thanks in advance.
The OpenVPN Client Export Package is in every version. There are no versions in which it has been removed.
In order to help you, we'll need to see a lot more detail. Specifically, we'll need to know more about the server and client configuration, and server and client logs from the failure. Include as much as possible, though we do not need to see keys/passwords.
Also, any time you change the server configuration you have to change the client to match. Using the export package, you'd need to export a new client configuration for each change.
Pretty sure when you buy hardware you get 2 free support calls included in the price. I did when bought the sg-2440. Haven't used yet, prob never need them - but nice to know they are there if needed..
For setting up road warrior - you click through the wizard, then go to the export package and download you config. Done!
Now what I did run into recently, is that the ios app does not support the newer tls-crypt feature of 2.4 openvpn.. So you have to make sure your just using tls auth and not crypt..
I would suggest you post up your config, post up your logs from client and server and we can figure out what you are doing wrong.