Using a vpn internet gateway ?



  • Hello.

    After 2 day of search i have to come here to ask for help.

    I have a router with a wan to the internet.

    a lan on one subnet with dhcp

    a wlan with another subnet and his own dhcp.

    Is there a way to do something that the routeur connects to a pptp internet vpn gateway and all user that connect to the routeur by wlan goes to the internet by the pptp vpn ?

    Thank you for your help my friend.

    Sorry for my english, i don't speak very good english.



  • You can do this with OpenVPN and the Redirect Gateway (Force all client generated traffic through the tunnel.) option.  Just have to setup the NAT on the server side of the tunnel to NAT traffic out to the internet.  I did this at a remote site once to bypass the building's onsite network that was filtered and not under my control.  When the tunnel is down on the client side users use the local internet and when the link comes up traffic is redirected over the tunnel.



  • hello.

    thank you for your answer.

    where is the redirect gateway ? i don't find it !!!

    i can not do the same thing with pptp ?

    Thank you.



  • Didn't you notice the sticky in this forum? http://forum.pfsense.org/index.php/topic,29944.0.html

    Should be almost the same with other VPN types…



  • thank you for your answer.

    But i don't find the pptp client in pfsense…



  • You need to add a PPTP interface as a 2nd 'WAN'.

    This should fall under Interfaces -> Assign -> PPP ->  Add new (plus sign).

    Once you've this PPTP connection setup, you need to edit the NAT rules section and use Advance outbound NAT.

    You will see a default "Auto created rule for LAN to WAN".  Clone this rule by clicking the "+" sign beside it.
    Now, change the 'Interface' to the interface you created for the PPTP connection.
    Then change the source subnet to the WLAN subnet.
    Lastly, rename the description to "Rule for WLAN to PPTP"

    Now, after clicking ok, you will see the rule below the "Auto created rule for LAN to WAN" rule.  Check the box to the left of this rule and then move it above the "Auto created rule for LAN to WAN" by clicking the left arrow triangle sign.



  • Thank you for your help.

    But i have a first problem.

    When i set the login, password, source (my wan ip) and remote adress of the vpn in the pptp interface.

    I go to the status of interfaces.

    I click on connect and i can not get to connect to the pptp vpn.

    But when i try to connect with my win 7 pc wich is behin the same router than my pfsense server. It connect to the vpn without any probleme.

    Do you have an idea ?

    Thank you



  • Hello.

    i also tried to connect on an openvpn vpn server that is https://www.vpntunnel.se/en/ using this sticky post : http://forum.pfsense.org/index.php/topic,29944.0.html

    but i couldn't because in the tutorial it need a private key and the vpn server does not provide a private key as you can see here :
    http://www.vpntunnel.se/howto/linux.pdf

    someone can tell me how to use the tutorial without private key ?

    Thank you.



  • You have also got a private key….you always need a private key for your connection...

    I tested vpntunnel.se a couple of months ago but they were way too slow...



  • and where do i find this private key ?

    they don't talk about it in the conf pdf file….



  • nobody can help me ?



  • Try the instructions in this post
    http://forum.pfsense.org/index.php?topic=28969.0

    Worked fine for me with vpntunnel.se



  • thank you for your help.

    i made everything on the post but i don't have the "Direct-gateway def1" log.

    here is my log.

    the /conf/openvpn-auth.conf file exist and have a chmod 777 i checked it.

    Do you know what can be the problem ?

    Thank you

    
    Jun 6 20:06:22 openvpn[11951]: Exiting
    
    Jun 6 20:06:22 openvpn[11951]: Error opening 'Auth' auth file: /conf/openvpn-auth.conf: No such file or directory (errno=2)
    
    Jun 6 20:06:22 openvpn[11951]: WARNING: cannot stat file '/conf/openvpn-auth.conf': No such file or directory (errno=2)
    
    Jun 6 20:06:22 openvpn[11951]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
    
    Jun 6 20:06:22
    
    openvpn[11951]: OpenVPN 2.2.0 i386-portbld-freebsd8.1 [SSL] [LZO2] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on May 18 2011
    
    Jun 6 20:06:22
    
    openvpn[11951]: auth_user_pass_file = '/conf/openvpn-auth.conf'
    
    Jun 6 20:06:22
    
    openvpn[11951]: pull = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: client = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: port_share_port = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: port_share_host = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: ssl_flags = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: auth_user_pass_verify_script_via_file = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: auth_user_pass_verify_script = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: max_routes_per_client = 256
    
    Jun 6 20:06:22
    
    openvpn[11951]: max_clients = 1024
    
    Jun 6 20:06:22
    
    openvpn[11951]: cf_per = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: cf_max = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: duplicate_cn = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: enable_c2c = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: push_ifconfig_ipv6_remote = ::
    
    Jun 6 20:06:22
    
    openvpn[11951]: push_ifconfig_ipv6_local = ::/0
    
    Jun 6 20:06:22
    
    openvpn[11951]: push_ifconfig_ipv6_defined = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: push_ifconfig_remote_netmask = 0.0.0.0
    
    Jun 6 20:06:22
    
    openvpn[11951]: push_ifconfig_local = 0.0.0.0
    
    Jun 6 20:06:22
    
    openvpn[11951]: push_ifconfig_defined = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: tmp_dir = '/tmp'
    
    Jun 6 20:06:22
    
    openvpn[11951]: ccd_exclusive = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: client_config_dir = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: client_disconnect_script = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: learn_address_script = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: client_connect_script = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: virtual_hash_size = 256
    
    Jun 6 20:06:22
    
    openvpn[11951]: real_hash_size = 256
    
    Jun 6 20:06:22
    
    openvpn[11951]: tcp_queue_limit = 64
    
    Jun 6 20:06:22
    
    openvpn[11951]: n_bcast_buf = 256
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_ipv6_pool_netbits = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_ipv6_pool_base = ::
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_ipv6_pool_defined = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_pool_persist_refresh_freq = 600
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_pool_persist_filename = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_pool_netmask = 0.0.0.0
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_pool_end = 0.0.0.0
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_pool_start = 0.0.0.0
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_pool_defined = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: server_bridge_pool_end = 0.0.0.0
    
    Jun 6 20:06:22
    
    openvpn[11951]: server_bridge_pool_start = 0.0.0.0
    
    Jun 6 20:06:22
    
    openvpn[11951]: server_bridge_netmask = 0.0.0.0
    
    Jun 6 20:06:22
    
    openvpn[11951]: server_bridge_ip = 0.0.0.0
    
    Jun 6 20:06:22
    
    openvpn[11951]: server_netbits_ipv6 = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: server_network_ipv6 = ::
    
    Jun 6 20:06:22
    
    openvpn[11951]: server_netmask = 0.0.0.0
    
    Jun 6 20:06:22
    
    openvpn[11951]: server_network = 0.0.0.0
    
    Jun 6 20:06:22
    
    openvpn[11951]: tls_auth_file = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: tls_exit = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: push_peer_info = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: single_session = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: transition_window = 3600
    
    Jun 6 20:06:22
    
    openvpn[11951]: handshake_window = 60
    
    Jun 6 20:06:22
    
    openvpn[11951]: renegotiate_seconds = 3600
    
    Jun 6 20:06:22
    
    openvpn[11951]: renegotiate_packets = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: renegotiate_bytes = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: tls_timeout = 2
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_eku = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_cert_ku[i] = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: ns_cert_type = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: crl_file = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: tls_remote = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: tls_export_cert = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: tls_verify = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: cipher_list = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: pkcs12_file = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: priv_key_file = '/var/etc/openvpn/client1.key'
    
    Jun 6 20:06:22
    
    openvpn[11951]: cert_file = '/var/etc/openvpn/client1.cert'
    
    Jun 6 20:06:22
    
    openvpn[11951]: dh_file = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: ca_path = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: ca_file = '/var/etc/openvpn/client1.ca'
    
    Jun 6 20:06:22
    
    openvpn[11951]: key_method = 2
    
    Jun 6 20:06:22
    
    openvpn[11951]: tls_client = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: tls_server = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: test_crypto = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: use_iv = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: packet_id_file = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: replay_time = 15
    
    Jun 6 20:06:22
    
    openvpn[11951]: replay_window = 64
    
    Jun 6 20:06:22
    
    openvpn[11951]: mute_replay_warnings = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: replay = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: engine = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: keysize = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: prng_nonce_secret_len = 16
    
    Jun 6 20:06:22
    
    openvpn[11951]: prng_hash = 'SHA1'
    
    Jun 6 20:06:22
    
    openvpn[11951]: authname = 'SHA1'
    
    Jun 6 20:06:22
    
    openvpn[11951]: authname_defined = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: ciphername = 'BF-CBC'
    
    Jun 6 20:06:22
    
    openvpn[11951]: ciphername_defined = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: key_direction = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: shared_secret_file = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: management_flags = 256
    
    Jun 6 20:06:22
    
    openvpn[11951]: management_client_group = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: management_client_user = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: management_write_peer_info_file = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: management_echo_buffer_size = 100
    
    Jun 6 20:06:22
    
    openvpn[11951]: management_log_history_cache = 250
    
    Jun 6 20:06:22
    
    openvpn[11951]: management_user_pass = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: management_port = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: management_addr = '/var/etc/openvpn/client1.sock'
    
    Jun 6 20:06:22
    
    openvpn[11951]: allow_pull_fqdn = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: max_routes = 100
    
    Jun 6 20:06:22
    
    openvpn[11951]: route_gateway_via_dhcp = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: route_nopull = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: route_delay_defined = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: route_delay_window = 30
    
    Jun 6 20:06:22
    
    openvpn[11951]: route_delay = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: route_noexec = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: route_default_metric = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: route_default_gateway = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: route_script = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: lzo = 7
    
    Jun 6 20:06:22
    
    openvpn[11951]: fast_io = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: sockflags = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: sndbuf = 65536
    
    Jun 6 20:06:22
    
    openvpn[11951]: rcvbuf = 65536
    
    Jun 6 20:06:22
    
    openvpn[11951]: occ = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: status_file_update_freq = 60
    
    Jun 6 20:06:22
    
    openvpn[11951]: status_file_version = 1
    
    Jun 6 20:06:22
    
    openvpn[11951]: status_file = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: gremlin = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: mute = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: verbosity = 5
    
    Jun 6 20:06:22
    
    openvpn[11951]: nice = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: suppress_timestamps = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: log = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: inetd = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: daemon = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: up_delay = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: up_restart = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: down_pre = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: down_script = '/usr/local/sbin/ovpn-linkdown'
    
    Jun 6 20:06:22
    
    openvpn[11951]: up_script = '/usr/local/sbin/ovpn-linkup'
    
    Jun 6 20:06:22
    
    openvpn[11951]: writepid = '/var/run/openvpn_client1.pid'
    
    Jun 6 20:06:22
    
    openvpn[11951]: cd_dir = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: chroot_dir = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: groupname = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: username = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: resolve_retry_seconds = 1000000000
    
    Jun 6 20:06:22
    
    openvpn[11951]: passtos = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: mssfix = 1450
    
    Jun 6 20:06:22
    
    openvpn[11951]: persist_key = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: persist_remote_ip = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: persist_local_ip = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: persist_tun = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: explicit_exit_notification = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: remap_sigusr1 = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: ping_timer_remote = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: ping_rec_timeout_action = 2
    
    Jun 6 20:06:22
    
    openvpn[11951]: ping_rec_timeout = 60
    
    Jun 6 20:06:22
    
    openvpn[11951]: ping_send_timeout = 10
    
    Jun 6 20:06:22
    
    openvpn[11951]: inactivity_timeout = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: keepalive_timeout = 60
    
    Jun 6 20:06:22
    
    openvpn[11951]: keepalive_ping = 10
    
    Jun 6 20:06:22
    
    openvpn[11951]: mlock = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: mtu_test = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: mtu_discover_type = -1
    
    Jun 6 20:06:22
    
    openvpn[11951]: fragment = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: tun_mtu_extra_defined = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: tun_mtu_extra = 32
    
    Jun 6 20:06:22
    
    openvpn[11951]: link_mtu_defined = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: link_mtu = 1500
    
    Jun 6 20:06:22
    
    openvpn[11951]: tun_mtu_defined = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: tun_mtu = 1500
    
    Jun 6 20:06:22
    
    openvpn[11951]: shaper = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_ipv6_remote = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_ipv6_netbits = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_ipv6_local = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_nowarn = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_noexec = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_remote_netmask = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: ifconfig_local = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: tun_ipv6 = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: topology = 1
    
    Jun 6 20:06:22
    
    openvpn[11951]: lladdr = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: dev_node = '/dev/tap1'
    
    Jun 6 20:06:22
    
    openvpn[11951]: dev_type = 'tap'
    
    Jun 6 20:06:22
    
    openvpn[11951]: dev = 'ovpnc1'
    
    Jun 6 20:06:22
    
    openvpn[11951]: ipchange = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_random = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: Connection profiles END
    
    Jun 6 20:06:22
    
    openvpn[11951]: socks_proxy_retry = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: socks_proxy_port = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: socks_proxy_server = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: connect_retry_max = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: connect_timeout = 10
    
    Jun 6 20:06:22
    
    openvpn[11951]: connect_retry_seconds = 5
    
    Jun 6 20:06:22
    
    openvpn[11951]: bind_local = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: bind_defined = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_float = ENABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote_port = 10010
    
    Jun 6 20:06:22
    
    openvpn[11951]: remote = 'melissa.vpntunnel.se'
    
    Jun 6 20:06:22
    
    openvpn[11951]: local_port = 50011
    
    Jun 6 20:06:22
    
    openvpn[11951]: local = '192.168.1.63'
    
    Jun 6 20:06:22
    
    openvpn[11951]: proto = udp
    
    Jun 6 20:06:22
    
    openvpn[11951]: Connection profiles [default]:
    
    Jun 6 20:06:22
    
    openvpn[11951]: show_tls_ciphers = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: key_pass_file = '[UNDEF]'
    
    Jun 6 20:06:22
    
    openvpn[11951]: genkey = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: show_engines = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: show_digests = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: show_ciphers = DISABLED
    
    Jun 6 20:06:22
    
    openvpn[11951]: mode = 0
    
    Jun 6 20:06:22
    
    openvpn[11951]: config = '/var/etc/openvpn/client1.conf'
    
    Jun 6 20:06:22
    
    openvpn[11951]: Current Parameter Settings:
    [/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i]
    


  • Well I'm a complete novice but did you follow step 2 correctly?
    Looks like it is saying it can't find the file containing your user name and password.

    Step 2: Configure your username/password
    1.  Navigate to Diagnostics -> Edit file
    2.  Write /conf/openvpn-auth.conf in the “Save/Load from path” field
    3.  Add your username to the first line, and your password on the second, and press save. It should look like this:

    USERNAME
    PASSWORD



  • thank you for your answer.

    but as i edited my post after.

    the file exist.

    [2.0-RC2][root@pfsense.localdomain]/conf(11): ls /conf
    backup             config.xml         openvpn-auth.conf
    

    and is chmod 777

    i don't understand.

    (it is in red when i do a ls do you know why ?)



  • i just recreated the file with vi and it is perfectly working.

    Thank you thank you thank you thank you



  • No problem. Glad it is working.
    Only created an account to post that link  :)



  • While it is working…

    i have always this error on the openvpn log

    someone know what this means ?

    TLS Error: local/remote TLS keys are out of sync

    Thank you



  • I just went into similar problem:
    "TLS Error: local/remote TLS keys are out of sync: "
    version: 2.0-RC3 (i386) built on Mon Jul 4 16:48:37 EDT 2011
    using OpenVPN + Remote Access (user auth) + UDP tun
    I used that before, so issue seems to be related to latest snapshot.
    This sometimes causes client disconnection.


Log in to reply