OpenVPN : read UDP: Connection resert by peer (WSAECONNRESET) (code=10054)

albertmiclat · Mar 13, 2020, 4:23 AM

Hi All,

I'm having an issue when connecting client via OpenVPN, I have few pfsense instances and all of them are working fine, only for this particular setup im having the issue, all configuration is identical.

Appreciate any advise.

Thanks,
A

Rico · Mar 15, 2020, 10:03 AM

General connection error. Could be your client, could be your server or ISP blocking...
Let's start with showing us your pfSense WAN Firewall Rules and OpenVPN settings.
Is your pfSense WAN IP public or RFC1918?

-Rico

albertmiclat · Mar 15, 2020, 1:56 PM

Hi Rico,

Here's what I have done so far.

To ruled out a client issue.

I have tried few clients with different ISP's and got the same error message.
I tried re-generate new config file also no luck.

To ruled out a CA's or Cert. Issue.

I created brand new CA's and Certificate
I created a new Open VPN server with the new CA's and Cert.
Same error message.

Just to make sure I'm doing things correct I provision a new pfsense instance (using home internet line) and as expected everything works perfectly. I'm managing 6 pfsense instance and only this particular instance is having issue.

I don't have many rules on my WAN interface. OpenVPN port are open.

I have a public IP address but I'm using PPPoE connection.

I also suspect ISP is blocking the traffic I may need to check on this, also looking on the Status > System log > OpenVPN I don't attempt at ALL, so it looks it clients doesn't even get through the firewall.

Additional advice will be greatly appreciated. Cheers!

Thanks,
A

Rico · Mar 15, 2020, 6:47 PM

Sniff pfSense WAN traffic, if you don't see any OpenVPN connections the problem is upstream to pfSense, your ISP or client.

-Rico

albertmiclat · Mar 16, 2020, 2:47 AM

Hi Rico,

I tried the packet capture on pfsense and this is the result.

Looking on the Status > System log > OpenVPN logs i still don't see any attempt.

I'm just waiting for the ISP feedback if they are blocking anything on their end.

Thanks,
A

albertmiclat · Mar 16, 2020, 10:35 AM

Hi Rico,

Just to update:

Since I have two ISP connected to my firewall (1) PPPoE Connection (which is having issue) (2) Static IP Address.

I have tried using my secondary ISP by only changing the Interface and created the necessary firewall rules on the interface and the OpenVPN client connects w/out any issue, so it looks like my other ISP is blocking the traffic i still waiting for their feedback.

BTW, I have another issue please see the diagram below.

I also tried this options but no luck.

Appreciate your advice.

Thanks,
A