Can't import openvpn certificates from pfsense 1.2.3 to pfsense 2.0



  • How to import certificates from pfsense 1.2.3 to pfsense 2.0?

    I copy ca.crt and ca.key to system -> certificate manager - CAs certificate data and certificate private key, then server.crt and server.key to  system -> certificate manager - Certificates.

    Use OpenVPN Settings:

    *Remote Access (SSL/TLS)
    *UDP
    *tun
    *Peer Certificate Authority (name from certificate manager)
    *Server Certificate (name from certificate manager)
    *DH Paramether  Length 1024 bits
    *Encryption BF-CBC128
    *Certificate Depth Client+Server
    *Tunnel Network 192.168.55.0/24
    *Local Network 192.168.2.0/24

    When Connecting OpenVPN Client, I receive error:

    TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 09 08:25:49 2012 TLS Error: TLS handshake failed
    Fri Mar 09 08:25:49 2012 TCP/UDP: Closing socket
    Fri Mar 09 08:25:49 2012 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 09 08:25:49 2012 Restart pause, 2 second(s)
    Fri Mar 09 08:25:51 2012 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 09 08:25:51 2012 NOTE: OpenVPN 2.1 requires '–script-security 2' or higher to call user-defined scripts or executables



  • ???

    Outgoing port was closed form client side.


Log in to reply