Netgate Discussion Forum

    What am I doing wrong?

    • M
      Mad Professor
      last edited by

      I'm trying to set up a roadwarrior OpenVPN using my laptop and Wi-Fi tethering through my phone to connect to my pfSense box at home. But the Windows 7 client won't connect, saying TLS key negotiation failure, TLS handshake error, which seems to be a firewall issue. I created the firewall rule:

      ```
      PASS
      WAN
      Protocol: UDP
      source: any
      OS type: any
      Destination: any
      Destination port range from: OpenVPN
      Destination port range to: OpenVPN
      Tick in the LOG
      ```

      and I see the request from the laptop to the firewall, but it keeps going to the DMZ subnet, specifically 172.16.0.125, which is a videophone.

      If I block 1194 on the DMZ subnet, it still doesn't work; if I set the destination on the WAN rule to ! DMZ net, it's now reporting it blocked.

      Is this because I have 1:1 NAT of my public IP going to a private IP, causing this to break?

      Also, if I set OpenVPN through NAT using 192.168.0.1, then I get

      ```
      openvpn[10291]: 208.54.64.168:19692 write UDPv4: Operation not permitted (code=1)
      May 2 13:23:04 	openvpn[10291]: 208.54.64.168:28496 write UDPv4: Operation not permitted (code=1)
      May 2 13:23:03 	last message repeated 2 times
      May 2 13:23:01 	openvpn[10291]: 208.54.64.168:19692 write UDPv4: Operation not permitted (code=1)
      ```

      What can I do to fix this?

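Added example, not part of the original posts: a small Python triage of OpenVPN syslog lines like those quoted above, counting `write UDPv4: Operation not permitted (code=1)` failures per peer and expanding syslog's "last message repeated N times" markers. The log lines are the ones from the post; the function name and the newest-first ordering (inferred from the descending timestamps) are assumptions.

```python
import re
from collections import Counter

# Log lines as quoted in the post. Assumption: they are listed newest first,
# which is what the descending timestamps suggest.
SAMPLE_LOG = """\
openvpn[10291]: 208.54.64.168:19692 write UDPv4: Operation not permitted (code=1)
May 2 13:23:04 \topenvpn[10291]: 208.54.64.168:28496 write UDPv4: Operation not permitted (code=1)
May 2 13:23:03 \tlast message repeated 2 times
May 2 13:23:01 \topenvpn[10291]: 208.54.64.168:19692 write UDPv4: Operation not permitted (code=1)
"""

# OpenVPN peer (ip:port), the failed write, and the errno it reported.
# errno 1 (EPERM) on a UDP write is commonly seen when the local packet
# filter rejects the outgoing datagram.
WRITE_FAIL = re.compile(
    r"openvpn\[\d+\]:\s+(?P<peer>\d{1,3}(?:\.\d{1,3}){3}:\d+)\s+"
    r"write (?P<proto>\w+): (?P<reason>.+?) \(code=(?P<errno>\d+)\)"
)
REPEATED = re.compile(r"last message repeated (?P<n>\d+) times?")


def count_write_failures(log_text, newest_first=True):
    """Return Counter {(peer, errno): count}, expanding syslog repeat markers."""
    lines = [ln for ln in log_text.splitlines() if ln.strip()]
    if newest_first:
        lines.reverse()  # oldest first, so a repeat marker follows its message
    counts = Counter()
    previous = None  # key of the most recent message, the target of a repeat marker
    for line in lines:
        rep = REPEATED.search(line)
        if rep:
            if previous is not None:
                counts[previous] += int(rep.group("n"))
            continue
        hit = WRITE_FAIL.search(line)
        previous = (hit.group("peer"), int(hit.group("errno"))) if hit else None
        if previous is not None:
            counts[previous] += 1
    return counts


if __name__ == "__main__":
    for (peer, errno), n in count_write_failures(SAMPLE_LOG).most_common():
        print(f"{peer}: {n} failed UDP writes (errno {errno})")
```

Getting the ordering wrong attributes the repeat marker to the wrong peer, so pass `newest_first=False` for a log file read in chronological order.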
      • M
        Mad Professor
        last edited by

        After two days banging my head on the desk, I got it.

        For future reference to anyone, I was using pfSense 1.2.3.
        This is how I got it to work.
        I had to set a custom option in OpenVPN:
        ```
        local 192.168.0.1
        ```

        It took a while since a lot of the guides don't show this, and it was the critical missing link.
        • H
          heper
          last edited by

          I would advise updating to 2.0.3, which is the latest stable. Since 1.2.3 there have been numerous improvements, also making it much easier to set up OpenVPN.
