VPN client starts but fails to receive data (images included)



  • I tried to include all the information that would prove useful to fixing this.
    I have not had a reply from TrustedZone in 36 hours so I thought I'd ask here.

    I included their .ovpn (as a .txt) file, the provided settings for manual set-up, and the only router configuration guide (for DD-WRT) with their script as a .txt.

    Thank you for looking.
    ![certificate authority.JPG](/public/imported_attachments/1/certificate authority.JPG)
    ![DNS settings 1.jpg](/public/imported_attachments/1/DNS settings 1.jpg)
    ![DNS settings 2.JPG](/public/imported_attachments/1/DNS settings 2.JPG)
    ![OpenVPN Logs.JPG](/public/imported_attachments/1/OpenVPN Logs.JPG)
    ![VPN Settings.jpg](/public/imported_attachments/1/VPN Settings.jpg)
    VPN_trustedzone_trusted.zone_crt.txt
    Trust.Zone-VPN_ovpn.txt
    [Trust.Zone-VPN (DD-WRT script)_sh.txt](/public/imported_attachments/1/Trust.Zone-VPN (DD-WRT script)_sh.txt)


  • LAYER 8 Netgate

    What traffic have you policy-routed out the VPN?

    What, exactly, is the issue you are asking about?



  • I would like to have all internet traffic routed through the VPN service.

    I have gotten that far with my limited knowledge.

    I did not policy-route anything and I'm guessing the VPN is refusing my connection attempts if I am not receiving any data back.


  • LAYER 8 Netgate

    Since you have Don't pull routes checked, you need to policy route the traffic you want to go over the VPN over the VPN.

    A quick test would be to uncheck Don't pull routes, disconnect and reconnect, and test again.

    They are probably sending you a couple /1 routes that will send all traffic to them instead of directly to your ISP.



  • I have deleted my other DNS servers and made the VPN ones the default. I turned on pull routes.

    OpenVPN logs after reboot and restarting VPN client service (There's also some VPN server logs in there): https://pastebin.com/M2te19p9

    It says:

    Sep 2 12:29:20  openvpn    93251  SIGTERM[soft,auth-failure] received, process exiting
    Sep 2 12:29:20  openvpn    93251  AUTH: Received control message: AUTH_FAILED

    Wow, sorry! I don't see this picture listed in my post (manual set-up settings from TrustedZone): http://i.imgur.com/2HTQgv3.png

    I do not know where the VPN pre-shared key would go.
    Do I need to have TLS authentication on in OpenVPN settings? I couldn't use the part of the .ovpn file because pfSense said it was incorrect upon saving and wouldn't allow it.

    Edit: 0 Bytes of data received on the interface


  • LAYER 8 Netgate

    All of those questions depend on the configuration of the server.

    Are they really zero help? They're the ones you are paying. Maybe you should switch?



  • I am using a free trial and haven't had a reply in 72 hours now. I messaged them yesterday and today about the issue.

    Thank you for your help c:

    Have a lovely day! I have somewhere to be soon.


  • LAYER 8 Netgate

    No, I do not see they need a TLS key.

    Create a CA in pfSense using the blob contained within <ca></ca>

    Create a certificate in pfSense using the blobs contained in the and

    In the OpenVPN client:

    Server Mode: Peer-to-Peer (SSL/TLS)

    Protocol: TCP

    Device Mode: tun

    Interface: WAN

    Server host or address: vpn.trust.zone

    Server port: 443

    Place the correct username and password

    Be sure TLS authentication is unchecked

    Be sure the CA you created is selected in the Peer Certificate authority

    Be sure the certificate you created is chosen in the Client Certificate.

    Encryption Algorithm: AES-256-CBC

    Auth Digest algorithm: SHA512 (eyeroll)

    Be sure Don't pull routes is unchecked


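An added example, not part of the thread or of the provider's files: Python that reads an .ovpn profile and lists the values for the pfSense client fields named in the last reply, including whether the profile ships a TLS key at all. The sample profile is constructed from the values quoted in the thread with placeholder PEM bodies; `<cert>`, `<key>`, `tls-auth` and `tls-crypt` are standard OpenVPN inline-file names and are assumed here, not taken from the attached file.

```python
import re

# Constructed sample: thread values plus placeholder PEM bodies (not real key material).
def pem_block(tag, label):
    return f"<{tag}>\n-----BEGIN {label}-----\nPLACEHOLDER\n-----END {label}-----\n</{tag}>\n"

SAMPLE_OVPN = (
    "client\ndev tun\nproto tcp\nremote vpn.trust.zone 443\n"
    "auth-user-pass\ncipher AES-256-CBC\nauth SHA512\n"
    + pem_block("ca", "CERTIFICATE") + pem_block("cert", "CERTIFICATE")
    + pem_block("key", "PRIVATE KEY")
)

# An inline block is <name> ... </name>, each tag on its own line.
INLINE = re.compile(r"^<([\w-]+)>[ \t]*\n(.*?)\n</\1>[ \t]*$", re.S | re.M)

def parse_ovpn(text):
    """Split a profile into inline blocks and plain directives."""
    blocks = {m.group(1): m.group(2).strip() for m in INLINE.finditer(text)}
    directives = {}
    for line in INLINE.sub("", text).splitlines():
        line = line.strip()
        if line and line[0] not in "#;":      # skip blanks and comments
            name, *args = line.split()
            directives[name] = args
    return blocks, directives

def pfsense_fields(text):
    """Map the profile onto the pfSense OpenVPN client fields from the thread."""
    blocks, d = parse_ovpn(text)
    host, port = d["remote"][:2]
    return {
        "Protocol": d["proto"][0].upper(),
        "Device Mode": d["dev"][0],
        "Server host or address": host,
        "Server port": int(port),
        "Encryption Algorithm": d["cipher"][0],
        "Auth Digest algorithm": d["auth"][0],
        "Needs username/password": "auth-user-pass" in d,
        # Check "TLS authentication" only when the profile carries a static TLS key.
        "TLS authentication": any(k in blocks or k in d for k in ("tls-auth", "tls-crypt")),
        # PEM blocks that must exist before the CA and client certificate can be created.
        "Missing PEM blocks": [k for k in ("ca", "cert", "key") if k not in blocks],
    }

if __name__ == "__main__":
    for field, value in pfsense_fields(SAMPLE_OVPN).items():
        print(f"{field}: {value}")
```

A non-empty "Missing PEM blocks" list means the certificate step in pfSense cannot be completed from that file alone.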