4. OpenVPN connection problems

OpenVPN connection problems

  • S

    Ok, I'm trying to form an OpenVPN connection from my DD-WRT router at home, to my pfSense router that I have with some colocated servers.

    I can go pfSense OpenVPN as client -> DD-WRT Router as Server, and get it to establish a connection that way, but trying to go the other way is driving me insane.

    I used all the same cert / keys and simply set pfsense up as the server, and then used the same client keys / certs I had used on pfsense on dd-wrt as a client.

    No mattery what options I change I get

    
Sun Oct 16 19:17:24 2011 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
Sun Oct 16 19:17:24 2011 TLS Error: TLS object -> incoming plaintext read error
Sun Oct 16 19:17:24 2011 TLS Error: TLS handshake failed
Sun Oct 16 19:17:24 2011 SIGUSR1[soft,tls-error] received, process restarting

    I've got Enable authentication of TLS packets unchecked in the server, yet it still puts tls-server in the server config file (checked by sshing in and going to the shell).  Even if I remove that and manually restart the server through the shell though I still get the erros.  So I tried enabling the authentication of TLS packets and have the same problem (letting pfSense auto generate a shared key.

    Using the openvpn easy-rsa scripts on my computer I have no tls shared key to use in this, it should not even be tls enabled.

    Any ideas?

    EDIT:
    I tried creating a brand new CA, new Certs and everything through pfsense, and it simply results in the same problem.  Not matter what settings I try, I get TLS Errors.  I even tried letting it create TLS keys, and adding the key file to the client and it's still a no go.

    0
  • M

    Hi - were you able to figure out how to accomplish this? I too am trying to do this. Thanks.

    0
  • Z

    I don't know if this will be of any help to you, I was having the exact same issues when trying to connect to pfsense from a windows openvpn client, I fixed it by changing from tap to tun and changing interface to any. I made the last change so I could test the tunnel from inside the network, it all worked fine, then I switched to my mobile broadband connection and it all worked!

    I also used the OpenVPN client export utility (you can install from packages) to export the configuration.

    Good luck.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy