Openvpn connection timeout from certain external ip address
-
I am trying to connect to a business network via OpenVPN.
The connection has been working fine for the last 2 years.
I set up my new laptop last week while connected to my phone hotspot. I may have entered my password incorrectly, not sure, but it wouldn't connect. Got home and, without changing any settings, it connected straight away.
Tried connecting to my wife's phone hotspot and again it connected right away. It seems my phone's IP has possibly been blacklisted somehow, but I don't know where to look. I have checked the system logs for the firewall and OpenVPN but see nothing related to a connection from my phone.
pfSense was configured by a third party who I cannot seem to get in contact with.
Has anyone any idea what could be blocking my phone's IP from connecting? Thanks
-
What do you use? This: OpenVPN Connect for ... ?
It has a log page. What does it show? The IPv4 your OpenVPN client uses is the one that leads to the pfSense WAN interface, right?
If you have access to the pfSense - OpenVPN side, connect to your OpenVPN server while sitting in front of it using your "my new laptop last week while connected to my phone hotspot".
As soon as the connection comes into the pfSense WAN interface:
You'll see the counters (marked green) going up. Refresh the pfSense dashboard screen if needed.
If these counters don't change: the OpenVPN traffic never reached pfSense, which means you have to check the equipment in front of your pfSense. Check also the pfSense OpenVPN server log for any messages.
-
Yes, using the OpenVPN Connect app on both mobile and laptop.
Here is the log from my phone.
[Jul 15, 2024, 15:06:15] ----- OpenVPN Start -----
[Jul 15, 2024, 15:06:15] EVENT: CORE_THREAD_ACTIVE
[Jul 15, 2024, 15:06:15] OpenVPN core 3.8.5connectQA3(3.git::11d19f67:RelWithDebInfo) android arm64 64-bit PT_PROXY
[Jul 15, 2024, 15:06:15] Frame=512/2112/512 mssfix-ctrl=1250
[Jul 15, 2024, 15:06:15] NOTE: This configuration contains options that were not used:
[Jul 15, 2024, 15:06:15] Unsupported option (ignored)
[Jul 15, 2024, 15:06:15] 0 [persist-tun]
[Jul 15, 2024, 15:06:15] 1 [persist-key]
[Jul 15, 2024, 15:06:15] 2 [ncp-ciphers] [AES-256-GCM:AES-128-GCM]
[Jul 15, 2024, 15:06:15] 3 [resolv-retry] [infinite]
[Jul 15, 2024, 15:06:15] Contacting ***.***.***.***:1194 via UDP
[Jul 15, 2024, 15:06:15] EVENT: RESOLVE
[Jul 15, 2024, 15:06:15] EVENT: WAIT
[Jul 15, 2024, 15:06:15] Connecting to [***.***.***.***]:1194 (***.***.***.***) via UDPv4
[Jul 15, 2024, 15:06:25] Server poll timeout, trying next remote entry...
[Jul 15, 2024, 15:06:25] Contacting ***.***.***.***:1194 via UDP
[Jul 15, 2024, 15:06:25] EVENT: RECONNECTING
[Jul 15, 2024, 15:06:25] EVENT: WAIT
[Jul 15, 2024, 15:06:25] Connecting to [***.***.***.***]:1194 (***.***.***.***) via UDPv4
[Jul 15, 2024, 15:06:35] Server poll timeout, trying next remote entry...
[Jul 15, 2024, 15:06:35] EVENT: RECONNECTING
[Jul 15, 2024, 15:06:35] Contacting ***.***.***.***:1194 via UDP
[Jul 15, 2024, 15:06:35] EVENT: WAIT
[Jul 15, 2024, 15:06:35] Connecting to [***.***.***.***]:1194 (***.***.***.***) via UDPv4
[Jul 15, 2024, 15:06:45] Server poll timeout, trying next remote entry...
[Jul 15, 2024, 15:06:45] EVENT: RECONNECTING
[Jul 15, 2024, 15:06:45] Contacting ***.***.***.***:1194 via UDP
[Jul 15, 2024, 15:06:45] EVENT: WAIT
[Jul 15, 2024, 15:06:45] Connecting to [***.***.***.***]:1194 (***.***.***.***) via UDPv4
[Jul 15, 2024, 15:06:55] Server poll timeout, trying next remote entry...
[Jul 15, 2024, 15:06:55] Contacting ***.***.***.***:1194 via UDP
[Jul 15, 2024, 15:06:55] EVENT: RECONNECTING
[Jul 15, 2024, 15:06:55] EVENT: WAIT
[Jul 15, 2024, 15:06:55] Connecting to [***.***.***.***]:1194 (***.***.***.***) via UDPv4
[Jul 15, 2024, 15:07:05] Server poll timeout, trying next remote entry...
[Jul 15, 2024, 15:07:05] EVENT: RECONNECTING
[Jul 15, 2024, 15:07:05] Contacting ***.***.***.***:1194 via UDP
[Jul 15, 2024, 15:07:05] EVENT: WAIT
[Jul 15, 2024, 15:07:05] Connecting to [***.***.***.***]:1194 (***.***.***.***) via UDPv4
[Jul 15, 2024, 15:07:15] EVENT: PAUSE
[Jul 15, 2024, 15:10:13] Contacting ***.***.***.***:1194 via UDP
[Jul 15, 2024, 15:10:13] EVENT: RESUME
[Jul 15, 2024, 15:10:13] Connecting to [***.***.***.***]:1194 (***.***.***.***) via UDPv4
[Jul 15, 2024, 15:10:13] EVENT: RECONNECTING
[Jul 15, 2024, 15:10:13] EVENT: WAIT
[Jul 15, 2024, 15:10:23] Server poll timeout, trying next remote entry...
[Jul 15, 2024, 15:10:23] EVENT: RECONNECTING
[Jul 15, 2024, 15:10:23] Contacting ***.***.***.***:1194 via UDP
[Jul 15, 2024, 15:10:23] EVENT: WAIT
[Jul 15, 2024, 15:10:23] Connecting to [***.***.***.***]:1194 (***.***.***.***) via UDPv4.
I will check pfsense when I am back on site next and see if there is another appliance blocking the traffic.
-
Seems like the client couldn't reach [...]:1194.
-
Yes, it seems my IP is being blocked somehow, but I didn't see any other appliances plugged in the last time I checked. Is there a method of blacklisting an IP in pfSense, or is it definitely something on the network blocking it?
Here is the log from the same device connected to a different network.
[Jul 15, 2024, 17:08:24] ----- OpenVPN Start -----
[Jul 15, 2024, 17:08:24] EVENT: CORE_THREAD_ACTIVE
[Jul 15, 2024, 17:08:24] OpenVPN core 3.8.5connectQA3(3.git::11d19f67:RelWithDebInfo) android arm64 64-bit PT_PROXY
[Jul 15, 2024, 17:08:24] Frame=512/2112/512 mssfix-ctrl=1250
[Jul 15, 2024, 17:08:24] NOTE: This configuration contains options that were not used:
[Jul 15, 2024, 17:08:24] Unsupported option (ignored)
[Jul 15, 2024, 17:08:24] 0 [persist-tun]
[Jul 15, 2024, 17:08:24] 1 [persist-key]
[Jul 15, 2024, 17:08:24] 2 [ncp-ciphers] [AES-256-GCM:AES-128-GCM]
[Jul 15, 2024, 17:08:24] 3 [resolv-retry] [infinite]
[Jul 15, 2024, 17:08:24] EVENT: RESOLVE
[Jul 15, 2024, 17:08:24] Contacting ***.***.***.***:1194 via UDP
[Jul 15, 2024, 17:08:24] EVENT: WAIT
[Jul 15, 2024, 17:08:24] Connecting to [***.***.***.***]:1194 (***.***.***.***) via UDPv4
[Jul 15, 2024, 17:08:24] EVENT: CONNECTING
[Jul 15, 2024, 17:08:24] Tunnel Options:V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client
[Jul 15, 2024, 17:08:24] Creds: Username/Password
[Jul 15, 2024, 17:08:24] Sending Peer Info: IV_VER=3.8.5connectQA3 IV_PLAT=android IV_NCP=2 IV_TCPNL=1 IV_PROTO=990 IV_MTU=1600 IV_CIPHERS=AES-128-GCM:AES-192-GCM:AES-256-GCM:CHACHA20-POLY1305 IV_GUI_VER=net.openvpn.connect.android_3.4.2-9909 IV_SSO=webauth,openurl,crtext
[Jul 15, 2024, 17:08:24] VERIFY OK: depth=1, /C=IE/ST=Leinster/L=Carlow/O=Ds Computers/emailAddress=info@website.com/CN=internal-ca, signature: RSA-SHA256
[Jul 15, 2024, 17:08:24] VERIFY OK: depth=0, /C=IE/ST=Leinster/L=Carlow/O=Ds Computers/emailAddress=info@website.com/CN=www.website.com, signature: RSA-SHA256
[Jul 15, 2024, 17:08:24] SSL Handshake: peer certificate: CN=www.website.com, 2048 bit RSA, cipher: TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD
[Jul 15, 2024, 17:08:24] Session is ACTIVE
[Jul 15, 2024, 17:08:24] Sending PUSH_REQUEST to server...
[Jul 15, 2024, 17:08:24] EVENT: GET_CONFIG
[Jul 15, 2024, 17:08:25] Sending PUSH_REQUEST to server...
[Jul 15, 2024, 17:08:26] OPTIONS: 0 [route] [192.168.20.0] [255.255.255.0] 1 [route] [192.168.10.0] [255.255.255.0] 2 [dhcp-option] [DOMAIN] [pfsense.home] 3 [dhcp-option] [DNS] [192.168.20.1] 4 [route-gateway] [192.168.18.1] 5 [topology] [subnet] 6 [ping] [10] 7 [ping-restart] [60] 8 [ifconfig] [192.168.18.2] [255.255.255.0] 9 [peer-id] [0] 10 [cipher] [AES-256-GCM] 11 [protocol-flags] [cc-exit] [tls-ekm] [dyn-tls-crypt] 12 [tun-mtu] [1500] 13 [block-ipv6] 14 [block-ipv4]
[Jul 15, 2024, 17:08:26] PROTOCOL OPTIONS: cipher: AES-256-GCM digest: NONE key-derivation: TLS Keying Material Exporter [RFC5705] compress: NONE peer ID: 0 control channel: tls-auth enabled control channel: dynamic tls-crypt enabled
[Jul 15, 2024, 17:08:26] EVENT: ASSIGN_IP
[Jul 15, 2024, 17:08:26] TunPersist: saving tun context: Session Name: ***.***.***.*** Layer: OSI_LAYER_3 MTU: 1500 Remote Address: ***.***.***.*** Tunnel Addresses: 192.168.18.2/24 -> 192.168.18.1 Reroute Gateway: IPv4=0 IPv6=0 flags=[ IPv4 ] Block IPv4: yes Block IPv6: yes Add Routes: 192.168.20.0/24 192.168.10.0/24 Exclude Routes: DNS Servers: 192.168.20.1 Search Domains: pfsense.home
[Jul 15, 2024, 17:08:26] Connected via tun
[Jul 15, 2024, 17:08:26] EVENT: CONNECTED info='User@***.***.***.***:1194 (***.***.***.***) via /UDPv4 on tun/192.168.18.2/ gw=[192.168.18.1/] mtu=1500'
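The two logs above (hotspot failing, home working) differ in how far the client gets, and that is the fact to extract before looking at pfSense. Here is an added example, mine and not from the thread or from OpenVPN, that parses OpenVPN Connect 3.x log entries in the "[timestamp] message" layout quoted above and classifies each run as no server reply, TLS established, or connected. The sample lines are constructed from the formats in the two posts, with the server IP masked as in the original.

```python
import re

# One entry per line: "[<timestamp>] <message>", the OpenVPN Connect 3.x log layout quoted above.
ENTRY = re.compile(r"^\[(?P<ts>[^\]]+)\]\s+(?P<msg>.*)$")
# Constructed samples, modelled on the hotspot (failing) and home (working) logs in the thread; IPs masked.
HOTSPOT_LOG = """\
[Jul 15, 2024, 15:06:15] Connecting to [***.***.***.***]:1194 (***.***.***.***) via UDPv4
[Jul 15, 2024, 15:06:25] Server poll timeout, trying next remote entry...
[Jul 15, 2024, 15:06:25] EVENT: RECONNECTING
[Jul 15, 2024, 15:06:25] Connecting to [***.***.***.***]:1194 (***.***.***.***) via UDPv4
[Jul 15, 2024, 15:06:35] Server poll timeout, trying next remote entry...
"""

HOME_LOG = """\
[Jul 15, 2024, 17:08:24] Connecting to [***.***.***.***]:1194 (***.***.***.***) via UDPv4
[Jul 15, 2024, 17:08:24] VERIFY OK: depth=0, /CN=www.website.com, signature: RSA-SHA256
[Jul 15, 2024, 17:08:24] Session is ACTIVE
[Jul 15, 2024, 17:08:26] EVENT: CONNECTED info='User@***.***.***.***:1194 via /UDPv4 on tun/192.168.18.2/'
"""

def parse(log: str):
    """Yield (timestamp, message) for each well-formed entry; ignore anything else."""
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m.group("ts"), m.group("msg")

def diagnose(log: str) -> dict:
    """Count attempts and report the furthest stage the client reached."""
    attempts = timeouts = 0
    tls_ok = connected = False
    for _ts, msg in parse(log):
        if msg.startswith("Connecting to "):
            attempts += 1
        elif msg.startswith("Server poll timeout"):
            timeouts += 1          # no UDP reply from the server inside the poll window
        elif msg == "Session is ACTIVE":
            tls_ok = True          # TLS handshake completed, so packets do reach the server
        elif msg.startswith("EVENT: CONNECTED"):
            connected = True       # tunnel up and config pushed
    if connected:
        verdict = "connected"
    elif tls_ok:
        verdict = "tls_ok_no_tunnel"   # server reachable: look at auth/push, not the firewall path
    elif attempts and timeouts == attempts:
        verdict = "no_server_reply"    # every attempt timed out: check the path in front of pfSense
    else:
        verdict = "inconclusive"
    return {"attempts": attempts, "timeouts": timeouts, "verdict": verdict}
```

A "no_server_reply" verdict matches the hotspot log and means the client never saw a single UDP reply, which is exactly the case where the pfSense rule counter should be checked next.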
-
I showed you my OpenVPN firewall rule, the one that accepts 'UDP, port 1194' from 'everybody'.
Such a rule accepts OpenVPN traffic from everybody.
No 'blacklisting' is happening on pfSense. That is, you didn't tell us about that. If you don't see the traffic counter in front of the rule going up when you connect, the traffic never arrives at the pfSense WAN NIC.
You have an upstream router? Did you NAT that router?