Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    I need help connecting openVPN client in pfsesne to openVPN AS

    Scheduled Pinned Locked Moved OpenVPN
    1 Posts 1 Posters 221 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      moussa854
      last edited by

      I was reading and trouble shooting a setup for openVPN client in pfsesne to openVPN AS but does not seems to be able to make it work!
      e3cbd82a-f815-4434-bd06-1a8cf2f4c4f0-image.png
      I created CA (from <ca></ca>) and cert (from <cert></cert> & <key></key>) certificates. Then I created openvpn client in pfsense

      1b227be1-c2e8-42dc-9b7f-b25fb067997a-image.png
      21f98a00-c274-49dd-99dd-938cd0e529de-image.png
      b1842a29-2c18-4dba-a036-7875844db180-image.png

      My log:

      Apr 3 13:17:35	openvpn	5704	WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
      Apr 3 13:17:35	openvpn	5704	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
      Apr 3 13:17:35	openvpn	5704	TCP/UDP: Preserving recently used remote address: [AF_INET]remoteIP:1194
      Apr 3 13:17:35	openvpn	5704	UDPv4 link local (bound): [AF_INET]localIP:0
      Apr 3 13:17:35	openvpn	5704	UDPv4 link remote: [AF_INET]remoteIP:1194
      Apr 3 13:18:36	openvpn	5704	[UNDEF] Inactivity timeout (--ping-restart), restarting
      Apr 3 13:18:36	openvpn	5704	SIGUSR1[soft,ping-restart] received, process restarting
      Apr 3 13:18:40	openvpn	5704	SIGTERM[hard,init_instance] received, process exiting
      Apr 3 13:18:41	openvpn	36649	WARNING: file '/var/etc/openvpn/client1.up' is group or others accessible
      Apr 3 13:18:41	openvpn	36649	OpenVPN 2.4.6 amd64-portbld-freebsd11.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Oct 3 2018
      Apr 3 13:18:41	openvpn	36649	library versions: OpenSSL 1.0.2o-freebsd 27 Mar 2018, LZO 2.10
      Apr 3 13:18:41	openvpn	36711	WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
      Apr 3 13:18:41	openvpn	36711	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
      Apr 3 13:18:41	openvpn	36711	TCP/UDP: Preserving recently used remote address: [AF_INET]remoteIP:1194
      Apr 3 13:18:41	openvpn	36711	UDPv4 link local (bound): [AF_INET]localIP:0
      Apr 3 13:18:41	openvpn	36711	UDPv4 link remote: [AF_INET]remoteIP:1194
      

      My NAT:
      c300426f-5ff5-49ee-b546-3cddef430cec-image.png
      Firewall rule
      669e6966-4751-4d20-8b0a-fe4fdf10c3d8-image.png

      I appreciate any help, thought or guidance.

      Best.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.