OpenVPN connection problems
-
Ok, I'm trying to form an OpenVPN connection from my DD-WRT router at home, to my pfSense router that I have with some colocated servers.
I can go pfSense OpenVPN as client -> DD-WRT Router as Server, and get it to establish a connection that way, but trying to go the other way is driving me insane.
I used all the same cert / keys and simply set pfsense up as the server, and then used the same client keys / certs I had used on pfsense on dd-wrt as a client.
No mattery what options I change I get
Sun Oct 16 19:17:24 2011 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134) Sun Oct 16 19:17:24 2011 TLS Error: TLS object -> incoming plaintext read error Sun Oct 16 19:17:24 2011 TLS Error: TLS handshake failed Sun Oct 16 19:17:24 2011 SIGUSR1[soft,tls-error] received, process restarting
I've got Enable authentication of TLS packets unchecked in the server, yet it still puts tls-server in the server config file (checked by sshing in and going to the shell). Even if I remove that and manually restart the server through the shell though I still get the erros. So I tried enabling the authentication of TLS packets and have the same problem (letting pfSense auto generate a shared key.
Using the openvpn easy-rsa scripts on my computer I have no tls shared key to use in this, it should not even be tls enabled.
Any ideas?
EDIT:
I tried creating a brand new CA, new Certs and everything through pfsense, and it simply results in the same problem. Not matter what settings I try, I get TLS Errors. I even tried letting it create TLS keys, and adding the key file to the client and it's still a no go. -
Hi - were you able to figure out how to accomplish this? I too am trying to do this. Thanks.
-
I don't know if this will be of any help to you, I was having the exact same issues when trying to connect to pfsense from a windows openvpn client, I fixed it by changing from tap to tun and changing interface to any. I made the last change so I could test the tunnel from inside the network, it all worked fine, then I switched to my mobile broadband connection and it all worked!
I also used the OpenVPN client export utility (you can install from packages) to export the configuration.
Good luck.