I need help connecting an OpenVPN client in pfSense to OpenVPN AS



  • I was reading about and troubleshooting a setup for an OpenVPN client in pfSense connecting to OpenVPN AS, but I don't seem to be able to make it work!
    e3cbd82a-f815-4434-bd06-1a8cf2f4c4f0-image.png
    I created the CA (from <ca></ca>) and cert (from <cert></cert> & <key></key>) certificates. Then I created an OpenVPN client in pfSense.

    1b227be1-c2e8-42dc-9b7f-b25fb067997a-image.png
    21f98a00-c274-49dd-99dd-938cd0e529de-image.png
    b1842a29-2c18-4dba-a036-7875844db180-image.png

    My log:

    Apr 3 13:17:35	openvpn	5704	WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    Apr 3 13:17:35	openvpn	5704	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Apr 3 13:17:35	openvpn	5704	TCP/UDP: Preserving recently used remote address: [AF_INET]remoteIP:1194
    Apr 3 13:17:35	openvpn	5704	UDPv4 link local (bound): [AF_INET]localIP:0
    Apr 3 13:17:35	openvpn	5704	UDPv4 link remote: [AF_INET]remoteIP:1194
    Apr 3 13:18:36	openvpn	5704	[UNDEF] Inactivity timeout (--ping-restart), restarting
    Apr 3 13:18:36	openvpn	5704	SIGUSR1[soft,ping-restart] received, process restarting
    Apr 3 13:18:40	openvpn	5704	SIGTERM[hard,init_instance] received, process exiting
    Apr 3 13:18:41	openvpn	36649	WARNING: file '/var/etc/openvpn/client1.up' is group or others accessible
    Apr 3 13:18:41	openvpn	36649	OpenVPN 2.4.6 amd64-portbld-freebsd11.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Oct 3 2018
    Apr 3 13:18:41	openvpn	36649	library versions: OpenSSL 1.0.2o-freebsd 27 Mar 2018, LZO 2.10
    Apr 3 13:18:41	openvpn	36711	WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    Apr 3 13:18:41	openvpn	36711	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Apr 3 13:18:41	openvpn	36711	TCP/UDP: Preserving recently used remote address: [AF_INET]remoteIP:1194
    Apr 3 13:18:41	openvpn	36711	UDPv4 link local (bound): [AF_INET]localIP:0
    Apr 3 13:18:41	openvpn	36711	UDPv4 link remote: [AF_INET]remoteIP:1194
    

    My NAT:
    c300426f-5ff5-49ee-b546-3cddef430cec-image.png
    Firewall rule
    669e6966-4751-4d20-8b0a-fe4fdf10c3d8-image.png

    I appreciate any help, thoughts or guidance.

    Best.
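
The log in the post above mixes three separate signals: no server certificate verification, a sensitive file readable by group/others, and a ping-restart with no packet ever received from the peer. The triage script below is an added example, not part of the original post; the finding codes and advice strings are hypothetical names chosen here, and the sample lines are copied from the post's log.

```python
import re

# Constructed sample: four lines copied from the log in the post above.
SAMPLE_LOG = """\
Apr 3 13:17:35 openvpn 5704 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Apr 3 13:17:35 openvpn 5704 UDPv4 link remote: [AF_INET]remoteIP:1194
Apr 3 13:18:36 openvpn 5704 [UNDEF] Inactivity timeout (--ping-restart), restarting
Apr 3 13:18:41 openvpn 36649 WARNING: file '/var/etc/openvpn/client1.up' is group or others accessible
"""

# Timestamp, process name, PID, message (fields may be tab or space separated).
LINE = re.compile(r"^\w{3}\s+\d+\s+[\d:]+\s+openvpn\s+(\d+)\s+(.*)$")

# Hypothetical finding codes with a one-line remediation hint each.
ADVICE = {
    "no-server-cert-verification":
        "Any certificate issued by the CA is accepted as the server; "
        "set 'remote-cert-tls server' on the client.",
    "no-reply-from-server":
        "The restart timer expired before any packet arrived from the peer; "
        "check remote address, port/protocol and filtering on the path.",
    "secret-file-permissions":
        "A file OpenVPN treats as sensitive is readable by group/others; "
        "restrict it to its owner.",
}

def triage(log_text):
    """Return ordered, de-duplicated finding codes for an OpenVPN client log."""
    findings = []
    awaiting_peer = {}  # pid -> True between 'link remote' and first peer packet
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        pid, msg = m.groups()
        code = None
        if "No server certificate verification method" in msg:
            code = "no-server-cert-verification"
        elif "is group or others accessible" in msg:
            code = "secret-file-permissions"
        elif "link remote:" in msg:
            awaiting_peer[pid] = True
        elif "TLS: Initial packet from" in msg or "Peer Connection Initiated" in msg:
            awaiting_peer[pid] = False
        elif "Inactivity timeout (--ping-restart)" in msg and awaiting_peer.get(pid):
            code = "no-reply-from-server"
        if code and code not in findings:
            findings.append(code)
    return findings

if __name__ == "__main__":
    for code in triage(SAMPLE_LOG):
        print(f"{code}: {ADVICE[code]}")
```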

