IOS 12.4.1 error connecting on pfsense OpenVPN setup server



  • Hi below is the logs where i cannot connect to my own pfsense OpenVPN server using my iPhone.
    -Do i need a static IP from ISP?
    -I tried turning off my modem firewall still no luck.

    Can anyone help? TIA

    2019-09-18 15:35:05 1

    2019-09-18 15:35:05 ----- OpenVPN Start -----
    OpenVPN core 3.git::728733ae ios arm64 64-bit PT_PROXY built on Aug 15 2019 06:21:05

    2019-09-18 15:35:05 OpenVPN core 3.git::728733ae ios arm64 64-bit PT_PROXY built on Aug 15 2019 06:21:05

    2019-09-18 15:35:05 Frame=512/2048/512 mssfix-ctrl=1250

    2019-09-18 15:35:05 UNUSED OPTIONS
    0 [persist-tun]
    1 [persist-key]
    3 [ncp-ciphers] [AES-128-GCM]
    5 [tls-client]

    2019-09-18 15:35:05 EVENT: RESOLVE

    2019-09-18 15:35:05 Contacting [192.168.1.2]:1194/UDP via UDP

    2019-09-18 15:35:05 EVENT: WAIT

    2019-09-18 15:35:05 Connecting to [192.168.1.2]:1194 (192.168.1.2) via UDPv4

    2019-09-18 15:35:15 Server poll timeout, trying next remote entry...

    2019-09-18 15:35:15 EVENT: RECONNECTING

    2019-09-18 15:35:15 EVENT: RESOLVE

    2019-09-18 15:35:15 Contacting [192.168.1.2]:1194/UDP via UDP

    2019-09-18 15:35:15 EVENT: WAIT

    2019-09-18 15:35:15 Connecting to [192.168.1.2]:1194 (192.168.1.2) via UDPv4

    2019-09-18 15:35:25 Server poll timeout, trying next remote entry...

    2019-09-18 15:35:25 EVENT: RECONNECTING

    2019-09-18 15:35:25 EVENT: RESOLVE

    2019-09-18 15:35:25 Contacting [192.168.1.2]:1194/UDP via UDP

    2019-09-18 15:35:25 EVENT: WAIT

    2019-09-18 15:35:25 Connecting to [192.168.1.2]:1194 (192.168.1.2) via UDPv4

    2019-09-18 15:35:35 EVENT: CONNECTION_TIMEOUT [ERR]

    2019-09-18 15:35:35 Raw stats on disconnect:
    BYTES_OUT : 1566
    PACKETS_OUT : 29
    CONNECTION_TIMEOUT : 1
    N_RECONNECT : 2

    2019-09-18 15:35:35 Performance stats on disconnect:
    CPU usage (microseconds): 63054
    Network bytes per CPU second: 24835
    Tunnel bytes per CPU second: 0

    2019-09-18 15:35:35 EVENT: DISCONNECTED

    2019-09-18 15:35:35 Raw stats on disconnect:
    BYTES_OUT : 1566
    PACKETS_OUT : 29
    CONNECTION_TIMEOUT : 1
    N_RECONNECT : 2

    2019-09-18 15:35:35 Performance stats on disconnect:
    CPU usage (microseconds): 65490
    Network bytes per CPU second: 23912
    Tunnel bytes per CPU second: 0



  • @seramis said in IOS 12.4.1 error connecting on pfsense OpenVPN setup server:

    -Do i need a static IP from ISP?

    You only need an IP which is accessible on UDP 1194, as your server is set to use.
    If you have a dynamic IP you must use a dynDNS service.

    @seramis said in IOS 12.4.1 error connecting on pfsense OpenVPN setup server:

    -I tried turning off my modem firewall still no luck.

    So there is a modem in front of pfSense? Is it in router mode or is it possible set it into bridge mode?
    If it is in router mode, have you forwarded UDP 1194 to the pfSense WAN IP?

    You have to provide some details about your setup.



  • @viragomann Hi thank you for your response

    I have modem came from the ISP, i turned off its firewall and IP is 192.168.1.1/24
    i'm not sure how to forward UDP 1194 to pfsense WAN IP?

    my PFsense LAN is 192.168.1.5/24
    my PFsense LAN is 192.168.1.230/24

    i already tried dynDNS service from "no IP" which gives me d3skt0p2019.ddns.net 110.54.240.157

    OpenVPN tunnel network is 192.168.50.0/24



  • @seramis

    Ideally you should put your ISP modem into modem/bridge mode if you can.

    Double NAT can be a right pain in the backside.



  • So does your modem have no possibility to set it into bridge mode?

    If not, you have to forward the VPN packets on it. How to do that, depends on the specific device. Since you did not mention, nobody can tell you how to do that.

    Also the configuration of the OpenVPN depends on you setup. Do you use pfSense as a router in your LAN or is it in the LAN with other devices which you are trying to access over the VPN?



  • @viragomann just tried port forwarding but still no luck
    https://www.cfos.de/en-us/cfos-personal-net/port-forwarding/huawei-b315s-936.htm

    My PFsense is in the LAN with other devices which i am trying to access over the VPN, my DHCP and DNS role is done by the ISP modem

    @NogBadTheBad ill try that Sir thank you



  • The "NAT settings" may be the option to use for this, not "virtual server".



  • @seramis said in IOS 12.4.1 error connecting on pfsense OpenVPN setup server:

    2019-09-18 15:35:05 EVENT: RESOLVE
    2019-09-18 15:35:05 Contacting [192.168.1.2]:1194/UDP via UDP

    You need to connect to your public IP. In the log it shows that you are connecting to 192.168.1.2, which is your local IP within your network. This is not reachable from the outside.

    You need to change this either to a static IP which has been assigned to you by your ISP or (recommended option) use a DynamicDNS service (e.g. freemyip.com).


Log in to reply