[2.4.2] OpenVPN connects but doesn't get an IP address



  • I am trying to make OpenVPN client to work on pfsense 2.4.2 but somehow it seems to fail to get an IP address. The log do look OK as you can see below but still it fails to connect as it doesn't get any IP address and no routes are added.

    There is no chance of getting any conflict because the VPN is using 10.x.x.x class and pfsense is using 192.168.x.x.

    I tried to increase the log level and ended up with level=4 but still not hints on what went wrong.

    Time	Process	PID	Message
    Nov 24 19:47:40	openvpn	26096	MANAGEMENT: Client disconnected
    Nov 24 19:47:40	openvpn	26096	MANAGEMENT: CMD 'state 1'
    Nov 24 19:47:40	openvpn	26096	MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
    Nov 24 19:47:39	openvpn	26096	MANAGEMENT: Client disconnected
    Nov 24 19:47:39	openvpn	26096	MANAGEMENT: CMD 'state 1'
    Nov 24 19:47:39	openvpn	26096	MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
    Nov 24 19:47:26	openvpn	26096	UDPv4 link remote: [AF_INET]185.62.111.111:1194
    Nov 24 19:47:26	openvpn	26096	UDPv4 link local (bound): [AF_INET]88.97.111.111:0
    Nov 24 19:47:26	openvpn	26096	Socket Buffers: R=[42080->42080] S=[57344->57344]
    Nov 24 19:47:26	openvpn	26096	TCP/UDP: Preserving recently used remote address: [AF_INET]185.62.111.111:1194
    Nov 24 19:47:26	openvpn	26096	Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1417,tun-mtu 1360,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
    Nov 24 19:47:26	openvpn	26096	Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1417,tun-mtu 1360,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
    
    

    And here is the config used

    dev ovpnc1
    verb 5
    dev-type tun
    dev-node /dev/tun1
    writepid /var/run/openvpn_client1.pid
    #user nobody
    #group nobody
    script-security 3
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    proto udp4
    cipher AES-256-CBC
    auth SHA1
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    local 1.2.3.4
    tls-client
    client
    lport 0
    management /var/etc/openvpn/client1.sock unix
    remote example.com 1194
    auth-user-pass /var/etc/openvpn/client1.up
    auth-retry nointeract
    ca /var/etc/openvpn/client1.ca
    ncp-disable
    resolv-retry infinite
    persist-tun
    tun-mtu 1360
    auth-nocache
    reneg-sec 0
    route-delay 5
    

Log in to reply