OpenVPN and PIA Issues?



  • Hey Everyone!

    I've been pulling my hair out for weeks, I have pfsense working fine, (squid, squidguard, pfblocker and snort "seem" to be running as expected.
    The issue is I have PIA setup as a openvnp client and it works perfect, but I cant get the second openvpn service working for me to tunnel in. I used the openvpn wizard and I think the issue is with the firewall since if I connect interface ip address is connects perfectly, just wont connect once I'm outside my network using the dns from noip.

    This is the guide I followed for the openvpn wizard
    link text

    This is the guide I used for PIA in pfsense
    link text

    What screenshots would you need and I remember someone saying to black out parts of it?
    I'm a total noob with this stuff and have honestly searched the internet everyday for a few weeks looking for answers.
    My cable modem is in bridged mode also.



  • Does your Noip FQDN resolve to your WAN IP address?



  • it just says this site cannot be reached, trying it from my phone not on wifi



  • also I tried just using my external ip with the same results



  • After looking at what you said yes noip does resolve to my ip address on their site



  • OK because you said earlier that when you used your WAN IP address, it worked.

    Do I understand correctly that you have a client connection to PIA, and you also want to run OpenVPN server on your pfSense and connect to it remotely?



  • yes thats exactly what im trying to do, but for some reason cant get anywhere. right now I'm trying packet capture to see if its even reaching my pfsense box...Im not seeing anything but also just learned about 2 minutes ago so I'm probably doing something wrong

    sorry if I said wan works, I cant connect to openvpn using wan either, nothing from outside works except teamviewer on one of my pc's

    I'm using the client export wizard and openvpn on my android phone



  • ok so I just did some digging and realized my ip changes a lot, once I edited the conf file and put in my new ip as of now its actually trying to connect but failing on tls error cannot locate hmac in incomming packet from af_inet



  • Netgate has official docs on exactly how to do all of that. I've done it may times with success every time.

    https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/openvpn-remote-access-server.html



  • yea I honestly have tried all that, I think its an issue with pia and openvpn certs. I've seen many people just do a complete reinstall and get openvpn working first then adding pia/pfblocker to see where the problem starts, I'm going to do that.

    Thanks for your help!


Log in to reply