Can't get n2n up and running



  • Hi there,

    I have a pfSense OVPN instance running fine for years. Now I was going to add a new net-2-net connection between two up-to-date pfSense boxes through OpenVPN pre-shared-key.

    But the tunnel does not get up. I increased loglevel already to 5 but I do not see why it is not working. Do you guys have any clue?

    ```
    Jan 30 23:11:31 	openvpn 	47580 	UDPv4 link local (bound): [AF_INET]192.168.178.2:1194
    Jan 30 23:11:31 	openvpn 	47580 	Socket Buffers: R=[42080->524288] S=[57344->524288]
    Jan 30 23:11:31 	openvpn 	47580 	Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1573,tun-mtu 1500,proto UDPv4,ifconfig 10.200.1.1 10.200.1.2,comp-lzo,cipher AES-128-CBC,auth SHA256,keysize 128,secret'
    Jan 30 23:11:31 	openvpn 	47580 	Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1573,tun-mtu 1500,proto UDPv4,ifconfig 10.200.1.2 10.200.1.1,comp-lzo,cipher AES-128-CBC,auth SHA256,keysize 128,secret'
    Jan 30 23:11:31 	openvpn 	47580 	Data Channel MTU parms [ L:1573 D:1450 EF:73 EB:398 ET:0 EL:3 ]
    Jan 30 23:11:31 	openvpn 	47580 	/sbin/route add -net 192.168.9.0 10.200.1.2 255.255.255.0
    Jan 30 23:11:31 	openvpn 	47580 	/usr/local/sbin/ovpn-linkup ovpns4 1500 1573 10.200.1.1 10.200.1.2 init
    Jan 30 23:11:31 	openvpn 	47580 	/sbin/ifconfig ovpns4 10.200.1.1 10.200.1.2 mtu 1500 netmask 255.255.255.255 up
    Jan 30 23:11:31 	openvpn 	47580 	do_ifconfig, tt->did_ifconfig_ipv6_setup=0
    Jan 30 23:11:31 	openvpn 	47580 	TUN/TAP device /dev/tun4 opened
    Jan 30 23:11:31 	openvpn 	47580 	TUN/TAP device ovpns4 exists previously, keep at program end
    Jan 30 23:11:31 	openvpn 	47580 	ROUTE_GATEWAY 192.168.178.1/255.255.255.0 IFACE=re1 HWADDR=90:1b:0e:e6:a9:c3
    Jan 30 23:11:31 	openvpn 	47580 	LZO compression initializing
    Jan 30 23:11:31 	openvpn 	47580 	Incoming Static Key Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    Jan 30 23:11:31 	openvpn 	47580 	Incoming Static Key Encryption: Cipher 'AES-128-CBC' initialized with 128 bit key
    Jan 30 23:11:31 	openvpn 	47580 	Outgoing Static Key Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    Jan 30 23:11:31 	openvpn 	47580 	Outgoing Static Key Encryption: Cipher 'AES-128-CBC' initialized with 128 bit key
    Jan 30 23:11:31 	openvpn 	47580 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 30 23:11:31 	openvpn 	47580 	MANAGEMENT: unix domain socket listening on /var/etc/openvpn/server4.sock
    Jan 30 23:11:31 	openvpn 	47415 	library versions: OpenSSL 1.0.2o-freebsd 27 Mar 2018, LZO 2.10
    Jan 30 23:11:31 	openvpn 	47415 	OpenVPN 2.4.6 amd64-portbld-freebsd11.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Oct 3 2018
    Jan 30 23:11:31 	openvpn 	47415 	auth_user_pass_file = '[UNDEF]'
    Jan 30 23:11:31 	openvpn 	47415 	pull = DISABLED
    Jan 30 23:11:31 	openvpn 	47415 	client = DISABLED
    Jan 30 23:11:31 	openvpn 	47415 	port_share_port = '[UNDEF]'
    Jan 30 23:11:31 	openvpn 	47415 	port_share_host = '[UNDEF]'
    Jan 30 23:11:31 	openvpn 	47415 	auth_token_lifetime = 0
    Jan 30 23:11:31 	openvpn 	47415 	auth_token_generate = DISABLED
    Jan 30 23:11:31 	openvpn 	47415 	auth_user_pass_verify_script_via_file = DISABLED
    Jan 30 23:11:31 	openvpn 	47415 	auth_user_pass_verify_script = '[UNDEF]'
    Jan 30 23:11:31 	openvpn 	47415 	max_routes_per_client = 256
    Jan 30 23:11:31 	openvpn 	47415 	max_clients = 2
    Jan 30 23:11:31 	openvpn 	47415 	cf_per = 0
    Jan 30 23:11:31 	openvpn 	47415 	cf_max = 0
    Jan 30 23:11:31 	openvpn 	47415 	duplicate_cn = DISABLED
    Jan 30 23:11:31 	openvpn 	47415 	enable_c2c = DISABLED
    Jan 30 23:11:31 	openvpn 	47415 	push_ifconfig_ipv6_remote = ::
    Jan 30 23:11:31 	openvpn 	47415 	push_ifconfig_ipv6_local = ::/0
    Jan 30 23:11:31 	openvpn 	47415 	push_ifconfig_ipv6_defined = DISABLED
    Jan 30 23:11:31 	openvpn 	47415 	push_ifconfig_remote_netmask = 0.0.0.0
    Jan 30 23:11:31 	openvpn 	47415 	push_ifconfig_local = 0.0.0.0
    Jan 30 23:11:31 	openvpn 	47415 	push_ifconfig_defined = DISABLED
    Jan 30 23:11:31 	openvpn 	47415 	tmp_dir = '/tmp'
    Jan 30 23:11:31 	openvpn 	47415 	ccd_exclusive = DISABLED
    Jan 30 23:11:31 	openvpn 	47415 	client_config_dir = '[UNDEF]'
    Jan 30 23:11:31 	openvpn 	47415 	client_disconnect_script = '[UNDEF]'
    Jan 30 23:11:31 	openvpn 	47415 	learn_address_script = '[UNDEF]'
    Jan 30 23:11:31 	openvpn 	47415 	client_connect_script = '[UNDEF]'
    Jan 30 23:11:31 	openvpn 	47415 	virtual_hash_size = 256
    Jan 30 23:11:31 	openvpn 	47415 	real_hash_size = 256
    Jan 30 23:11:31 	openvpn 	47415 	tcp_queue_limit = 64
    Jan 30 23:11:31 	openvpn 	47415 	n_bcast_buf = 256
    Jan 30 23:11:31 	openvpn 	47415 	ifconfig_ipv6_pool_netbits = 0
    Jan 30 23:11:31 	openvpn 	47415 	ifconfig_ipv6_pool_base = :: 
    ```
    
    Thanks
    
    /KNEBB


  • Forget everything - even though the remote networks field was entered and displayed properly, I re-typed the values there on both sides.

    And - whooops - network connected properly.

    Just for reference.

    /KNEBB

