Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    VPN client starts but fails to receive data (images included)

    OpenVPN
    2
    8
    416
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tigerlillies last edited by

      I tried to include all the information that would prove useful to fixing this.
      I have not had a reply from TrustedZone in 36 hours so I thought I'd ask here.

      I included their .ovpn (as a .txt) file, the provided settings for manual set-up,  the only router configuration guide (for DD-WRT) with their script as a .txt

      Thank you for looking.
      ![certificate authority.JPG](/public/imported_attachments/1/certificate authority.JPG)
      ![certificate authority.JPG_thumb](/public/imported_attachments/1/certificate authority.JPG_thumb)


      ![DNS settings 1.jpg](/public/imported_attachments/1/DNS settings 1.jpg)
      ![DNS settings 1.jpg_thumb](/public/imported_attachments/1/DNS settings 1.jpg_thumb)
      ![DNS settings 2.JPG](/public/imported_attachments/1/DNS settings 2.JPG)
      ![DNS settings 2.JPG_thumb](/public/imported_attachments/1/DNS settings 2.JPG_thumb)




      ![OpenVPN Logs.JPG](/public/imported_attachments/1/OpenVPN Logs.JPG)
      ![OpenVPN Logs.JPG_thumb](/public/imported_attachments/1/OpenVPN Logs.JPG_thumb)
      ![VPN Settings.jpg](/public/imported_attachments/1/VPN Settings.jpg)
      ![VPN Settings.jpg_thumb](/public/imported_attachments/1/VPN Settings.jpg_thumb)
      VPN_trustedzone_trusted.zone_crt.txt
      Trust.Zone-VPN_ovpn.txt
      [Trust.Zone-VPN (DD-WRT script)_sh.txt](/public/imported_attachments/1/Trust.Zone-VPN (DD-WRT script)_sh.txt)

      1 Reply Last reply Reply Quote 0
      • Derelict
        Derelict LAYER 8 Netgate last edited by

        What traffic have you policy-routed out the VPN?

        What, exactly, is the issue you are asking about?

        1 Reply Last reply Reply Quote 0
        • T
          tigerlillies last edited by

          I would like to have all internet traffic routed through the VPN service.

          I have gotten that far with my limited knowledge.

          I did not policy-route anything and I'm guessing the VPN is refusing my connection attempts if I am not receiving any data back.

          1 Reply Last reply Reply Quote 0
          • Derelict
            Derelict LAYER 8 Netgate last edited by

            Since you have don't pull routes checked you need to policy route the traffic you want to go over the VPN over the VPN.

            A quick test would be to uncheck don't pull routes, disconnect and reconnect and test again.

            They are probably sending you a couple /1 routes that will send all traffic to them instead of directly to your ISP.

            1 Reply Last reply Reply Quote 0
            • T
              tigerlillies last edited by

              I have deleted my other DNS servers and made the VPN ones the default. I turned on pull routes.

              OpenVPN logs after reboot and restarting VPN client service (There's also some VPN server logs in there): https://pastebin.com/M2te19p9

              It says:

              Sep 2 12:29:20  openvpn    93251  SIGTERM[soft,auth-failure] received, process exiting
              Sep 2 12:29:20  openvpn    93251  AUTH: Received control message: AUTH_FAILED

              Wow, sorryy! I don't see this picture listed in my post (manual set-up settings from TrustedZone): http://i.imgur.com/2HTQgv3.png

              I do not know where the VPN pre-shared key would go.
              Do I need to have TLS authentication on in OpenVPN settings? I couldn't use the part of the .ovpn file because PFSense said it was incorrect upon saving and wouldn't allow it.

              Edit: 0 Bytes of data received on the interface

              1 Reply Last reply Reply Quote 0
              • Derelict
                Derelict LAYER 8 Netgate last edited by

                All of those questions depend on the configuration of the server.

                Are they really zero help? They're the ones you are paying. Maybe you should switch?

                1 Reply Last reply Reply Quote 0
                • T
                  tigerlillies last edited by

                  I am using a free trial and haven't had a reply in 72 hours now. I messaged them yesterday and today about the issue.

                  Thank you for your help c:

                  Have a lovely day! I have somewhere to be soon.

                  1 Reply Last reply Reply Quote 0
                  • Derelict
                    Derelict LAYER 8 Netgate last edited by

                    No, I do not see they need a TLS key.

                    Create a CA in pfSense using the blob contained within<ca></ca>

                    Create a certificate in pfSense using the blobs contained in the and

                    In the OpenVPN client:

                    Server Mode: Peer-to-Peer (SSL/TLS)

                    Protocol: TCP

                    Device Mode: tun

                    Interface: WAN

                    Server host or address: vpn.trust.zone

                    Server port: 443

                    Place the correct username and password

                    Be sure TLS authentication is unchecked

                    Be sure the CA you created is selected in the Peer Certificate authority

                    Be sure the certificate you created is chosen in the Client Certificate.

                    Encryption Algorithm: AES-256-CBC

                    Auth Digest algorithm: SHA512 (eyeroll)

                    Be sure Don't pull routes is unchecked

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post

                    Products

                    • Platform Overview
                    • TNSR
                    • pfSense
                    • Appliances

                    Services

                    • Training
                    • Professional Services

                    Support

                    • Subscription Plans
                    • Contact Support
                    • Product Lifecycle
                    • Documentation

                    News

                    • Media Coverage
                    • Press
                    • Events

                    Resources

                    • Blog
                    • FAQ
                    • Find a Partner
                    • Resource Library
                    • Security Information

                    Company

                    • About Us
                    • Careers
                    • Partners
                    • Contact Us
                    • Legal
                    Our Mission

                    We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                    Subscribe to our Newsletter

                    Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                    © 2021 Rubicon Communications, LLC | Privacy Policy