HELP WITH OpenVPN and Firewall



  • Hello all,

    I already set up OpenVPN for a roadwarrior setup, and allowed port 1194 in the WAN area of the firewall.
    However, my client cannot connect to my server.  Every time the OpenVPN client attempts to establish a connection, it always ends in connection timed out.
    I can see in my firewall logs that it allowed the connection because I enabled the logging for this particular item, but in my OpenVPN logs, there is nothing there.
    Even just logs of the attempts, none.

    Can anyone point me in the right direction?

    Thank you.



  • Have you enabled and configured OpenVPN?

    Are you using UDP or TCP on your server (you should be using UDP) and have you got the matching protocol in your firewall rule?



  • Yes, I have enabled OpenVPN. I can connect locally.

    I am using TCP.  I have matching protocol in my firewall rules, and I tried putting it in TCP/UDP.
    Why should I put it in UDP?



  • TCP over TCP is a nightmare - try Google ;)

    Are you able to access other services on your network from the Internet?  What are the first 2 numbers of your pfSense host's WAN IP address?



  • I think I can connect now to my VPN server from the internet… now my problem is the Vista client.  I let my Vista client install OpenVPN version 2.1_rc18.  However, they can't connect.

    From the logs it says:

    openvpn[1433]: xxx.xxx.xxx.xxx:38099 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    openvpn[1433]: xxx.xxx.xxx.xxx:38099 TLS Error: TLS handshake failed
    openvpn[1433]: xxx.xxx.xxx.xxx:38099 Re-using SSL/TLS context
    openvpn[1433]: xxx.xxx.xxx.xxx:38099 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    openvpn[1433]: xxx.xxx.xxx.xxx:38099 TLS Error: TLS handshake failed
    openvpn[1433]: xxx.xxx.xxx.xxx:38099 Re-using SSL/TLS context



  • Are you running the Vista client as administrator?  Does it work from any other OS?

