PFSENSE 2.01 with OpenVPN/RoadWarrior setup?

  • Does anyone have pfSense 2.01 working with OpenVPN with the roadwarrior type of setup?
    I found a guide and went through it for 2.01. I created the CA, certs and user and keep getting a TLS timeout error!
    I have tried this on two different pfSense firewalls, both of them running 2.0X. I suspect it's something in this release?
    Anyone have any ideas?
    If you have the road warrior setup working, what did you do to get rid of the TLS timeout errors?
    I'm using the local user auth type setup ???

  • It's definitely nothing with the release.

    Are you using SSL/TLS or SSL/TLS + User-Auth or User-Auth only?
    Make sure the TLS key you created on the OpenVPN server is correct on the client.

    Did you use the client export utility to get the config files and certificates and keys for the client? If not, use it to make sure everything is correct.

  • Yes, it's set up as Remote Access (SSL/TLS + User Auth).
    Yes, the export worked fine. I copied the config and opened it up. The only thing I needed to change was the IP address of the firewall itself: it had the private IP address of the firewall, not the public. When I connect, it prompts me for the user/password, then goes through "attempting to establish TCP connection with x.x.x.x.x:443"
    "connect to x.x.x.x:443 failed, will try again in 5 seconds: Connect time out [WSAETIMEDOUT]"
    I have verified that there are rules for this inbound traffic and even tried changing it to UDP and 1194, then changed it to 1195, and wiped out the entire OpenVPN setup and recreated it with the same results.
    Any ideas?

  • Scratch that last reply! I found the issue. If you use the wizard and have the wrong interface in the config, then change it later after the wizard is done, it won't work even if you change the config accordingly. I found that if you run the wizard correctly through with no changes, it works just fine!
    Thanks for the sanity check!

  • Ok :)

