Netgate Discussion Forum

    OpenVPN Server setup issues

      LSxT325

      Hi everyone,

      Having some trouble with setting up an OpenVPN Server.

      My setup:
      One WAN interface (igb0 ipv4 DHCP from internet provider) and one LAN interface with pfSense DHCP Server handing out IPs (ipv4) to all connected clients, 192.168.0.0/24.

      I used the OpenVPN wizard to set everything up, following the info provided here:
      https://marvintan.me/blog/configure-pfsense-as-openvpn-remote-access-server

      Tunnel network used in the wizard was: 192.168.100.0/24

      At the end of the wizard, I ticked the boxes for "Firewall Rule" and "OpenVPN Rule" to be created by the wizard.

      This is a fresh install of pfSense so I don't have a bunch of other firewall rules, just the defaults.  The only exception to this are the rules created by the OpenVPN Server wizard for the WAN and OpenVPN interfaces.

      Issues:

      When I try to connect to the VPN from an external network (LTE data connection on my mobile phone, via OpenVPN Connect client for Android), the connection log for the OpenVPN Connect client shows that it keeps trying to connect but is never successful.

      My pfSense web interface shows the following alert/error that is likely related:

      There were error(s) loading the rules: /tmp/rules.debug:159: unknown protocol tcp4 - The line in question reads [159]: pass in quick on $WAN reply-to ( igb0 xxx.xxx.123.1 ) inet proto tcp4 from any to xxx.xxx.124.191 tracker 1522539021 keep state label "USER_RULE: OpenVPN openvpntcp443 wizard"
      @ 2018-04-01 08:22:51
      
      

      xxx.xxx.123.1 is the WAN gateway ip from my isp
      xxx.xxx.124.191 is my dhcp assigned wan ip

      Appreciate any ideas anyone has based on the info provided and the error shown above.

      Thanks.

        LSxT325

        Any ideas about where to start troubleshooting, based on the error identified above?

        Thanks.

          viragomann

          The OpenVPN rule seems to be flawed. Delete that rule and set it again manually.

            Derelict LAYER 8 Netgate

            https://redmine.pfsense.org/issues/8391

            Edit the created rule on WAN, change the protocol from any to TCP.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

              LSxT325

              Thank you both so much for the clues!  I edited the existing rule created by the wizard on WAN, changing the protocol from "any" to "tcp" and that fixed it up.

              Really appreciate the help.
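
The alert in the first post is pf rejecting `tcp4` as a protocol name; pf expresses the address family with `inet`/`inet6` and takes a plain `tcp` or `udp` after `proto`. As an added example (not from the thread or from pfSense), this Python script scans rules.debug-style text for such names and reports the line number; the `KNOWN_PROTOS` subset, the function names and all sample lines except the rule quoted from the first post are assumptions.

```python
import re

# Assumption: partial list of names pf resolves through /etc/protocols.
KNOWN_PROTOS = {"tcp", "udp", "icmp", "icmp6", "ipv6-icmp", "esp", "ah", "gre", "igmp"}
FAMILY_SUFFIXED = re.compile(r"^(tcp|udp)([46])$")   # OpenVPN-style tcp4/udp6
PROTO_CLAUSE = re.compile(r"\bproto\s+(\{[^}]*\}|[^\s{]+)")
QUOTED = re.compile(r'"[^"]*"')

def proto_tokens(rule):
    """Protocol names in one rule: handles `proto tcp` and `proto { tcp udp }`."""
    m = PROTO_CLAUSE.search(QUOTED.sub('""', rule))  # blank out label text first
    if not m:
        return []
    return [t for t in re.split(r"[\s,{}]+", m.group(1)) if t]

def check_rules(text):
    """Return (line number, token, suggested clause or None) for each bad name."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue
        for tok in proto_tokens(line):
            name = tok.lower()
            if name in KNOWN_PROTOS or (name.isdigit() and int(name) <= 255):
                continue
            hint = None
            m = FAMILY_SUFFIXED.match(name)
            if m:
                family = "inet" if m.group(2) == "4" else "inet6"
                hint = f"{family} proto {m.group(1)}"
            findings.append((lineno, tok, hint))
    return findings

# Line 2 is the rule quoted in the first post; lines 1, 3 and 4 are constructed.
SAMPLE = '''# rules.debug-style sample
pass in quick on $WAN reply-to ( igb0 xxx.xxx.123.1 ) inet proto tcp4 from any to xxx.xxx.124.191 tracker 1522539021 keep state label "USER_RULE: OpenVPN openvpntcp443 wizard"
pass in quick on $WAN inet proto tcp from any to xxx.xxx.124.191 port 443 keep state label "USER_RULE: proto tcp4 inside a label is ignored"
pass in quick on $LAN inet proto { tcp udp6 } from any to any keep state'''

if __name__ == "__main__":
    for lineno, tok, hint in check_rules(SAMPLE):
        print(f"line {lineno}: unknown protocol {tok}" + (f" (use: {hint})" if hint else ""))
```

On the firewall itself, `pfctl -nf /tmp/rules.debug` parses the file without loading it and reports syntax errors with their line numbers.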
