OpenVPN stuck on "waiting for server reply"



  • Trying to setup a vpn
    Followed this guide to the letter
    https://www.youtube.com/watch?v=7rQ-Tgt3L18&t=0s
    I keep getting stuck on the "waiting for server reply" message on any vpn I use on my phone on my laptop etc.
    I have no where to go to troubleshoot or to find an output from the server.

    Thanks for any help



  • @tbbz8x8 said in OpenVPN stuck on "waiting for server reply":

    I have no where to go to troubleshoot or to find an output from the server.

    Try the official videos Netgate YouTube Channel. There are several VPN videos.

    Btw :
    @tbbz8x8 said in OpenVPN stuck on "waiting for server reply":

    "waiting for server reply"

    Is this a VPN server message ? A client message ?



  • Thanks for the tip on the YouTube videos. I've watched probably 10 different openvpn videos and oddly not one was part of netgates videos.

    Also it is a client message. I don't even know where to get a status output from the server. I suppose that's what I meant by I don't know where to go to get help.



  • @tbbz8x8 said in OpenVPN stuck on "waiting for server reply":

    Also it is a client message. I don't even know where to get a status output from the server.

    In this case : don't look for any logs.
    If you're using the classic OpenVPN client (Windows) program, check the log local to the the client.
    What actually happens is : your client tries connects to an IP like a.b.c.d port number Z and there is no-one at home (doesn't rely).
    Or, at that address, the VPN server, probably your pfSense VPN server (right ?) should answer.

    Instead of an IP like a.b.c.d you could have something like myvpn.my-fqdn.tld:1194 and this will work just fine IF myvpn.my-fqdn.tld really points to your IP a.b.c.d.

    Also : I presume that your are testing from the outside of the network of your VPN server - your are not trying to connect from LAN, to your WAN IP ... => Use a basic smart phone, install OpenVPN, import the settings, and use this phone (and disable Wifi access !)

    Is there a router in front of your pfSense , And of so, did you "NAT" the "1194" port to your pfSense ?

    Anyway, I'm repeating all the things already being said in the video ;)



  • @gertjan Ok so no router in front of my pfsense box. I didn't forward port 1149 yet which I had changed to 1200 at one point because I was worried that charter was blocking traffic on that Port.

    I am connecting using either my phone outside the network or my laptop tethered to my phone that is outside the network. And ya that's about it



  • You have this firewall rule on your WAN interface :
    0_1537551393923_166422c1-9ef1-4195-b266-4e1289058c2f-image.png

    My 1194 is your 1200.

    Just for testing :if you make this firewall rule on WAN :
    0_1537551642701_1dde5799-c17c-4a72-a525-86796299fe66-image.png
    can you access the pfSense GUI from "Internet" ?
    Using https://myvpn.my-fqdn.tld or https://a.n.c.d ?

    If not : something is blocking between pfSense and the rest of Internet.


Log in to reply