Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Need pointers on how to debug this - pfSense to hidemyass VPN

    OpenVPN
    1
    2
    3.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dveith
      last edited by

      I've been trying to get pfSense OpenVPN client working with HideMyAss VPN.  I'm using pfSense 2.0-BETA5.

      I would appreciate any pointers on how to troubleshoot this.  Thanks.

      One error below:

      Feb 11 17:56:23 openvpn[26281]: TCP: connect to [AF_INET]204.45.156.146:443 failed, will try again in 5 seconds: Address already in use
      Feb 11 17:56:28 openvpn[26281]: TCP: connect to [AF_INET]204.45.156.146:443 failed, will try again in 5 seconds: Address already in use
      Feb 11 17:56:34 openvpn[26281]: TCP connection established with [AF_INET]204.45.156.146:443
      Feb 11 17:56:34 openvpn[26281]: TCPv4_CLIENT link local (bound): [AF_INET]98.117.107.207:50211
      Feb 11 17:56:34 openvpn[26281]: TCPv4_CLIENT link remote: [AF_INET]204.45.156.146:443
      Feb 11 17:56:34 openvpn[26281]: TLS: Initial packet from [AF_INET]204.45.156.146:443, sid=2ef593de 6aade313
      Feb 11 17:56:34 openvpn[26281]: WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
      Feb 11 17:56:36 openvpn[26281]: VERIFY OK: depth=1, /C=UK/ST=NR/L=Attleborough/O=Hide_My_Ass__Pro/OU=VPN/CN=vpn.hidemyass.com/emailAddress=ca@hidemyass.com
      Feb 11 17:56:36 openvpn[26281]: VERIFY OK: nsCertType=SERVER
      Feb 11 17:56:36 openvpn[26281]: VERIFY OK: depth=0, /C=UK/ST=NR/L=Attleborough/O=Hide_My_Ass__Pro/OU=VPN/CN=server/emailAddress=vpn@hidemyass.com
      Feb 11 17:56:39 openvpn[26281]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
      Feb 11 17:56:39 openvpn[26281]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Feb 11 17:56:39 openvpn[26281]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
      Feb 11 17:56:39 openvpn[26281]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Feb 11 17:56:39 openvpn[26281]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
      Feb 11 17:56:39 openvpn[26281]: [server] Peer Connection Initiated with [AF_INET]204.45.156.146:443
      Feb 11 17:56:41 openvpn[26281]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
      Feb 11 17:56:41 openvpn[26281]: PUSH: Received control message: 'PUSH_REPLY,topology subnet,route-gateway 204.45.98.5,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,redirect-gateway def1,ifconfig 204.45.98.52 255.255.255.192'
      Feb 11 17:56:41 openvpn[26281]: OPTIONS IMPORT: –ifconfig/up options modified
      Feb 11 17:56:41 openvpn[26281]: OPTIONS IMPORT: route options modified
      Feb 11 17:56:41 openvpn[26281]: OPTIONS IMPORT: route-related options modified
      Feb 11 17:56:41 openvpn[26281]: OPTIONS IMPORT: –ip-win32 and/or --dhcp-option options modified
      Feb 11 17:56:41 openvpn[26281]: ROUTE default_gateway=98.117.107.1
      Feb 11 17:56:41 openvpn[26281]: TUN/TAP device /dev/tun1 opened
      Feb 11 17:56:41 openvpn[26281]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
      Feb 11 17:56:41 openvpn[26281]: /sbin/ifconfig ovpnc1 204.45.98.52 netmask 255.255.255.192 mtu 1500 up
      Feb 11 17:56:41 openvpn[26281]: /sbin/route add -net 204.45.98.0 204.45.98.52 255.255.255.192
      Feb 11 17:56:41 openvpn[26281]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
      Feb 11 17:56:41 openvpn[26281]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1543 204.45.98.52 255.255.255.192 init
      Feb 11 17:56:41 openvpn[26281]: /sbin/route add -net 204.45.156.146 98.117.107.1 255.255.255.255
      Feb 11 17:56:41 openvpn[26281]: /sbin/route add -net 0.0.0.0 204.45.98.5 128.0.0.0
      Feb 11 17:56:41 openvpn[26281]: /sbin/route add -net 128.0.0.0 204.45.98.5 128.0.0.0
      Feb 11 17:56:41 openvpn[26281]: Initialization Sequence Completed
      Feb 11 18:56:39 openvpn[26281]: TLS: soft reset sec=0 bytes=741445/0 pkts=7395/0
      Feb 11 18:56:40 openvpn[26281]: VERIFY OK: depth=1, /C=UK/ST=NR/L=Attleborough/O=Hide_My_Ass__Pro/OU=VPN/CN=vpn.hidemyass.com/emailAddress=ca@hidemyass.com
      Feb 11 18:56:40 openvpn[26281]: VERIFY OK: nsCertType=SERVER
      Feb 11 18:56:40 openvpn[26281]: VERIFY OK: depth=0, /C=UK/ST=NR/L=Attleborough/O=Hide_My_Ass__Pro/OU=VPN/CN=server/emailAddress=vpn@hidemyass.com
      Feb 11 18:56:43 openvpn[26281]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
      Feb 11 18:56:43 openvpn[26281]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Feb 11 18:56:43 openvpn[26281]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
      Feb 11 18:56:43 openvpn[26281]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Feb 11 18:56:43 openvpn[26281]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA

      ===========================================

      1 Reply Last reply Reply Quote 0
      • D
        dveith
        last edited by

        Nevermind. I think this was just logging an error because the route was already in the route table.

        I'm still having a route issue, but I'll post that seperately

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.