I need help connecting openVPN client in pfsesne to openVPN AS
-
I was reading and trouble shooting a setup for openVPN client in pfsesne to openVPN AS but does not seems to be able to make it work!
I created CA (from <ca></ca>) and cert (from <cert></cert> & <key></key>) certificates. Then I created openvpn client in pfsense
My log:
Apr 3 13:17:35 openvpn 5704 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Apr 3 13:17:35 openvpn 5704 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Apr 3 13:17:35 openvpn 5704 TCP/UDP: Preserving recently used remote address: [AF_INET]remoteIP:1194 Apr 3 13:17:35 openvpn 5704 UDPv4 link local (bound): [AF_INET]localIP:0 Apr 3 13:17:35 openvpn 5704 UDPv4 link remote: [AF_INET]remoteIP:1194 Apr 3 13:18:36 openvpn 5704 [UNDEF] Inactivity timeout (--ping-restart), restarting Apr 3 13:18:36 openvpn 5704 SIGUSR1[soft,ping-restart] received, process restarting Apr 3 13:18:40 openvpn 5704 SIGTERM[hard,init_instance] received, process exiting Apr 3 13:18:41 openvpn 36649 WARNING: file '/var/etc/openvpn/client1.up' is group or others accessible Apr 3 13:18:41 openvpn 36649 OpenVPN 2.4.6 amd64-portbld-freebsd11.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Oct 3 2018 Apr 3 13:18:41 openvpn 36649 library versions: OpenSSL 1.0.2o-freebsd 27 Mar 2018, LZO 2.10 Apr 3 13:18:41 openvpn 36711 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Apr 3 13:18:41 openvpn 36711 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Apr 3 13:18:41 openvpn 36711 TCP/UDP: Preserving recently used remote address: [AF_INET]remoteIP:1194 Apr 3 13:18:41 openvpn 36711 UDPv4 link local (bound): [AF_INET]localIP:0 Apr 3 13:18:41 openvpn 36711 UDPv4 link remote: [AF_INET]remoteIP:1194
My NAT:
Firewall rule
I appreciate any help, thought or guidance.
Best.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.