• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

TCP: connect to [AF_INET]192.168.1.86:1194 failed: Unknown error

Scheduled Pinned Locked Moved OpenVPN
10 Posts 5 Posters 2.1k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    do1
    last edited by Apr 10, 2024, 11:43 AM

    Hi,
    Please I am trying to setup a remote access to an openvpn server I am running at home. I followed the wizard and was able to suceesfully deploy the server.

    However, I am only able to access the system when I am using the same broadband network. I haven't added any rules yet too. It's a learning curve for me.

    Please can someone assists me.
    I appreciate

    J J 2 Replies Last reply Sep 30, 2024, 11:47 PM Reply Quote 0
    • J
      jcostilla1974 @do1
      last edited by Sep 30, 2024, 11:47 PM

      @do1 said in TCP: connect to [AF_INET]192.168.1.86:1194 failed: Unknown error:

      Reply

      Hi ! I have the same problem ! Maybe you need to configure port forwarding on the provider's router? My IP is 181.xxx.xxx.xxx and it is not the same as the WAN interface (192.168.246.xxx).

      J 1 Reply Last reply Oct 13, 2024, 2:55 PM Reply Quote 0
      • J
        johnpoz LAYER 8 Global Moderator @do1
        last edited by Oct 1, 2024, 12:08 AM

        @do1 where are you trying to connect to 192.168.1.86 from - cuz you sure are not going to do that over the internet..

        Is that your pfsense wan IP? If so your behind a nat and would have to forward on the device in front of pfsense to pfsense wan IP.. And your client would need to use whatever your actual public IP is..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        M 1 Reply Last reply Oct 11, 2024, 7:22 PM Reply Quote 0
        • M
          makazo @johnpoz
          last edited by Oct 11, 2024, 7:22 PM

          @johnpoz Hello,
          I also have this problem. I have a network of 10-15 computers. I can connect to all the computers in the places and run openvpn.

          I transferred the VPN configuration file that I exported via pfsense to my home computer. I entered my username and password. I cannot connect to our central pfsense network.

          TCP: connect to [AF_INET]192.xxx.x.xxx:1194 failed: Unknown error

          1 Reply Last reply Reply Quote 0
          • J
            jcostilla1974 @jcostilla1974
            last edited by Oct 13, 2024, 2:55 PM

            @jcostilla1974 I solved it. On the provider's router, you have to configure port forwarding. I solved it. On the provider's router, you have to configure port forwarding. Then, change the local IP address to the public one in the configuration file.

            M 1 Reply Last reply Oct 14, 2024, 3:35 PM Reply Quote 0
            • M
              makazo @jcostilla1974
              last edited by Oct 14, 2024, 3:35 PM

              @jcostilla1974 Can you explain in detail how you solved it? pls

              G 1 Reply Last reply Oct 16, 2024, 6:19 AM Reply Quote 0
              • G
                Gertjan @makazo
                last edited by Gertjan Oct 16, 2024, 6:20 AM Oct 16, 2024, 6:19 AM

                @makazo

                He discovered that you can not use RFC1918 or addresses like "192.168.1.1" on the Internet.
                "192.168.1.1" is only for local usage.
                "192.168.1.1" will never get routed by the Internet infrastructure - your ISP etc.
                "192.168.1.1" is used as one of your LAN IPv4s, and I also use it, and a couple of billions others. So, when, you use "192.168.1.1" to connect to, you want to connect to who ? ^^

                "192.168.1.1" is just an example here, you could use any RFC1918.

                So, from the outside, you have connect to your WAN IPv4, the one that your ISP gave you.
                On the WAN interface, the OpenVPN server should be listening for incoming connections. The correct port (ie 1194 UDP) should have a firewall that permits this connection as 'incoming' on WAN.

                @makazo said in TCP: connect to [AF_INET]192.168.1.86:1194 failed: Unknown error:

                pfsense to my home computer

                If your home computer is attached to the pfSense LAN, why do you need a VPN ?
                Or do you bring your home computer as a homeless computer : you bring it along with you like a phone, tablet etc ?

                No "help me" PM's please. Use the forum, the community will thank you.
                Edit : and where are the logs ??

                M 1 Reply Last reply Oct 16, 2024, 10:02 AM Reply Quote 0
                • M
                  makazo @Gertjan
                  last edited by Oct 16, 2024, 10:02 AM

                  @Gertjan First of all, thank you for your answer. How do I open port 1194 from the modem and create a rule in the firewall for this?

                  There is a pfsense device in a different location and I want to connect to that device with openvpn in addition to the remote desktop connection.

                  I understand that for this, port 1194 needs to be open and the ISP provider needs to have a fixed IP

                  Shouldn't it connect automatically after doing these?

                  thank you gertjan

                  J G 2 Replies Last reply Oct 16, 2024, 10:05 AM Reply Quote 0
                  • J
                    johnpoz LAYER 8 Global Moderator @makazo
                    last edited by Oct 16, 2024, 10:05 AM

                    @makazo said in TCP: connect to [AF_INET]192.168.1.86:1194 failed: Unknown error:

                    ISP provider needs to have a fixed IP

                    Doesn't really have to be "fixed" you can always reference a fqdn that points to whatever their IP might be, when it changes this fqdn will update to point to the different IP.. There are plenty of places that support free dynamic dns where some fqdn points to a specific IP, and the devices keeps this fqdn updated to its IP, and when it changes, etc.

                    At this remote site your wanting to access, you need to make sure the port your wanting to use 1194 for example is open or forwarded to pfsense wan IP where its openvpn is listening.

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.8, 24.11

                    1 Reply Last reply Reply Quote 0
                    • G
                      Gertjan @makazo
                      last edited by Oct 16, 2024, 1:35 PM

                      @makazo said in TCP: connect to [AF_INET]192.168.1.86:1194 failed: Unknown error:

                      How do I open port 1194 from the modem and create a rule in the firewall for this?

                      When you set up the OpenVPN server on pfSense : use the pfSEnse VPN Wizard, and this will be proposed into the guided setup.

                      If not, as you've set up manually your server, not complicated neither :
                      The WAN interface has normally no rules what so ever, so the default "Block all" applies.
                      You've seen this state before : it was there when you installed pfSense.

                      For a "port 1194, protocol UDP, VPN server" to be reached from the outside (== the Internet) you ahve to ..... (roll the drums) open (== pass) port 1194, protocol UDP on the WAN interface.

                      Example : this is what half the planet is using right now :

                      54a8f239-a867-4825-97c7-bfbfc4b873c2-image.png

                      No "help me" PM's please. Use the forum, the community will thank you.
                      Edit : and where are the logs ??

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                        This community forum collects and processes your personal information.
                        consent.not_received