4. Need pointers on how to debug this - pfSense to hidemyass VPN

Need pointers on how to debug this - pfSense to hidemyass VPN

  • D

    I've been trying to get pfSense OpenVPN client working with HideMyAss VPN.  I'm using pfSense 2.0-BETA5.

    I would appreciate any pointers on how to troubleshoot this.  Thanks.

    One error below:

    Feb 11 17:56:23 openvpn[26281]: TCP: connect to [AF_INET]204.45.156.146:443 failed, will try again in 5 seconds: Address already in use
    Feb 11 17:56:28 openvpn[26281]: TCP: connect to [AF_INET]204.45.156.146:443 failed, will try again in 5 seconds: Address already in use
    Feb 11 17:56:34 openvpn[26281]: TCP connection established with [AF_INET]204.45.156.146:443
    Feb 11 17:56:34 openvpn[26281]: TCPv4_CLIENT link local (bound): [AF_INET]98.117.107.207:50211
    Feb 11 17:56:34 openvpn[26281]: TCPv4_CLIENT link remote: [AF_INET]204.45.156.146:443
    Feb 11 17:56:34 openvpn[26281]: TLS: Initial packet from [AF_INET]204.45.156.146:443, sid=2ef593de 6aade313
    Feb 11 17:56:34 openvpn[26281]: WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
    Feb 11 17:56:36 openvpn[26281]: VERIFY OK: depth=1, /C=UK/ST=NR/L=Attleborough/O=Hide_My_Ass__Pro/OU=VPN/CN=vpn.hidemyass.com/emailAddress=ca@hidemyass.com
    Feb 11 17:56:36 openvpn[26281]: VERIFY OK: nsCertType=SERVER
    Feb 11 17:56:36 openvpn[26281]: VERIFY OK: depth=0, /C=UK/ST=NR/L=Attleborough/O=Hide_My_Ass__Pro/OU=VPN/CN=server/emailAddress=vpn@hidemyass.com
    Feb 11 17:56:39 openvpn[26281]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Feb 11 17:56:39 openvpn[26281]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Feb 11 17:56:39 openvpn[26281]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Feb 11 17:56:39 openvpn[26281]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Feb 11 17:56:39 openvpn[26281]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Feb 11 17:56:39 openvpn[26281]: [server] Peer Connection Initiated with [AF_INET]204.45.156.146:443
    Feb 11 17:56:41 openvpn[26281]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
    Feb 11 17:56:41 openvpn[26281]: PUSH: Received control message: 'PUSH_REPLY,topology subnet,route-gateway 204.45.98.5,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,redirect-gateway def1,ifconfig 204.45.98.52 255.255.255.192'
    Feb 11 17:56:41 openvpn[26281]: OPTIONS IMPORT: –ifconfig/up options modified
    Feb 11 17:56:41 openvpn[26281]: OPTIONS IMPORT: route options modified
    Feb 11 17:56:41 openvpn[26281]: OPTIONS IMPORT: route-related options modified
    Feb 11 17:56:41 openvpn[26281]: OPTIONS IMPORT: –ip-win32 and/or --dhcp-option options modified
    Feb 11 17:56:41 openvpn[26281]: ROUTE default_gateway=98.117.107.1
    Feb 11 17:56:41 openvpn[26281]: TUN/TAP device /dev/tun1 opened
    Feb 11 17:56:41 openvpn[26281]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Feb 11 17:56:41 openvpn[26281]: /sbin/ifconfig ovpnc1 204.45.98.52 netmask 255.255.255.192 mtu 1500 up
    Feb 11 17:56:41 openvpn[26281]: /sbin/route add -net 204.45.98.0 204.45.98.52 255.255.255.192
    Feb 11 17:56:41 openvpn[26281]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
    Feb 11 17:56:41 openvpn[26281]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1543 204.45.98.52 255.255.255.192 init
    Feb 11 17:56:41 openvpn[26281]: /sbin/route add -net 204.45.156.146 98.117.107.1 255.255.255.255
    Feb 11 17:56:41 openvpn[26281]: /sbin/route add -net 0.0.0.0 204.45.98.5 128.0.0.0
    Feb 11 17:56:41 openvpn[26281]: /sbin/route add -net 128.0.0.0 204.45.98.5 128.0.0.0
    Feb 11 17:56:41 openvpn[26281]: Initialization Sequence Completed
    Feb 11 18:56:39 openvpn[26281]: TLS: soft reset sec=0 bytes=741445/0 pkts=7395/0
    Feb 11 18:56:40 openvpn[26281]: VERIFY OK: depth=1, /C=UK/ST=NR/L=Attleborough/O=Hide_My_Ass__Pro/OU=VPN/CN=vpn.hidemyass.com/emailAddress=ca@hidemyass.com
    Feb 11 18:56:40 openvpn[26281]: VERIFY OK: nsCertType=SERVER
    Feb 11 18:56:40 openvpn[26281]: VERIFY OK: depth=0, /C=UK/ST=NR/L=Attleborough/O=Hide_My_Ass__Pro/OU=VPN/CN=server/emailAddress=vpn@hidemyass.com
    Feb 11 18:56:43 openvpn[26281]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Feb 11 18:56:43 openvpn[26281]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Feb 11 18:56:43 openvpn[26281]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Feb 11 18:56:43 openvpn[26281]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Feb 11 18:56:43 openvpn[26281]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA

    ===========================================

    0
  • D

    Nevermind. I think this was just logging an error because the route was already in the route table.

    I'm still having a route issue, but I'll post that seperately

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy