I'm trying to configure an OpenVPN client for a site-to-site VPN using pfSense 2.0.1. I've selected TLS Authentication and provided a static TLS key. The configuration file generated by pfSense (/var/etc/openvpn/client1.conf) contains the line:
tls-auth /var/etc/openvpn/client1.tls-auth 1
Where '1' specifies the 'direction'. Unfortunately, with a direction specified the tunnel fails to initialize (the server doesn't respond). If I stop the OpenVPN service, remove the '1' from the above configuration directive and restart the service, I'm up and running no problem (except for a bunch of 'write UDPv4: No buffer space available (code=55)' log entries - is that normal?).
This workaround is a poor solution, because if I use the GUI to update the client configuration or restart pfSense, the change I've made gets overwritten.
Unfortunately, I have no control over the other end of the connection.
Is there a way to remove the 'direction' from the tls-auth directive more… formally (or even just effectively)?
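The symptom described in the post fits OpenVPN's pairing rule for tls-auth: either both peers omit the direction, or one uses 0 and the other uses 1. The sketch below is an added example, not part of the original post or of pfSense; it reads the direction from a config and checks two peers against that rule. The server line is a constructed assumption (the remote config is not shown in the post), the function names are hypothetical, and only the optional argument of tls-auth is parsed, not a separate key-direction directive.

```python
import shlex

# Client line as quoted in the post; the server config is CONSTRUCTED for
# illustration (assumed to omit the direction, which matches the symptom).
CLIENT_GENERATED = "dev tun\ntls-auth /var/etc/openvpn/client1.tls-auth 1\n"
SERVER_ASSUMED = "dev tun\n# remote side, hypothetical path\ntls-auth /etc/openvpn/ta.key\n"


def tls_auth_direction(conf_text):
    """Return '0', '1' or None (no direction given) for the tls-auth directive."""
    found, direction = False, None
    for raw in conf_text.splitlines():
        if raw.lstrip().startswith(";"):      # ';' comment lines
            continue
        tokens = shlex.split(raw, comments=True)  # also drops '#' comments
        if tokens and tokens[0] == "tls-auth":
            found = True
            direction = tokens[2] if len(tokens) > 2 else None
    if not found:
        raise ValueError("no tls-auth directive in config")
    if direction not in (None, "0", "1"):
        raise ValueError("unexpected tls-auth direction: %r" % direction)
    return direction


def peers_compatible(a, b):
    """True if both peers omit the direction, or use opposite values 0 and 1."""
    if a is None or b is None:
        return a is b
    return {a, b} == {"0", "1"}


def diagnose(client_conf, server_conf):
    """Return (compatible, message) for a client/server config pair."""
    c, s = tls_auth_direction(client_conf), tls_auth_direction(server_conf)
    if peers_compatible(c, s):
        return True, "tls-auth directions match (client=%s, server=%s)" % (c, s)
    want = "no direction" if s is None else str(1 - int(s))
    return False, "client uses %s, server uses %s; client needs %s" % (c, s, want)


if __name__ == "__main__":
    print(diagnose(CLIENT_GENERATED, SERVER_ASSUMED)[1])
```

With a mismatch, the HMAC check on the first control packets fails on the receiving side and they are dropped, which from the client looks like a server that never responds.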