    What am I doing wrong?

    OpenVPN
    • M
      Mad Professor last edited by

      I'm trying to set up a roadwarrior OpenVPN using my laptop and wifi tethering through my phone to connect to my pfSense box at home. But the Windows 7 client won't connect, saying TLS key negotiation failure, TLS handshake error, which seems to be a firewall issue. I created the firewall rule:

      
      ```
      PASS
      WAN
      Protocol: UDP
      Source: any
      OS type: any
      Destination: any
      Destination port range from: OpenVPN
      Destination port range to: OpenVPN
      Tick in the LOG
      ```
      

      and I see the request from the laptop to the firewall, but it keeps going to the DMZ subnet, specifically 172.16.0.125, which is a videophone.

      If I block 1194 on the DMZ subnet, it still doesn't work; if I set the destination on the WAN rule to ! DMZ net, it's now reporting it blocked.

      Is this because I have 1:1 NAT of my public IP going to a private IP, causing this to break?

      Also, if I set OpenVPN through NAT using 192.168.0.1, then I get:

      
      ```
      openvpn[10291]: 208.54.64.168:19692 write UDPv4: Operation not permitted (code=1)
      May 2 13:23:04 	openvpn[10291]: 208.54.64.168:28496 write UDPv4: Operation not permitted (code=1)
      May 2 13:23:03 	last message repeated 2 times
      May 2 13:23:01 	openvpn[10291]: 208.54.64.168:19692 write UDPv4: Operation not permitted (code=1)
      ```
      
      

      What can I do to fix this?

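An added example, not part of the original posts: a small Python triage of the log excerpt quoted above, counting the server replies that failed on send per client. It assumes the log view is newest first (the timestamps in the post descend), so a "last message repeated" marker applies to the entry below it; the function names are hypothetical.

```python
import errno
import re
from collections import Counter

# Log excerpt as posted in the thread (newest entry first; the first line has no timestamp there).
SAMPLE_LOG = (
    "openvpn[10291]: 208.54.64.168:19692 write UDPv4: Operation not permitted (code=1)\n"
    "May 2 13:23:04 \topenvpn[10291]: 208.54.64.168:28496 write UDPv4: Operation not permitted (code=1)\n"
    "May 2 13:23:03 \tlast message repeated 2 times\n"
    "May 2 13:23:01 \topenvpn[10291]: 208.54.64.168:19692 write UDPv4: Operation not permitted (code=1)\n"
)

WRITE_ERR = re.compile(
    r"openvpn\[\d+\]: (?P<peer>\d{1,3}(?:\.\d{1,3}){3}:\d+) "
    r"write UDPv4: .+? \(code=(?P<code>\d+)\)"
)
REPEAT = re.compile(r"last message repeated (\d+) times?")


def failed_writes(log_text, newest_first=True):
    """Count failed UDP writes per (peer endpoint, errno), honouring syslog repeat markers."""
    lines = [ln for ln in log_text.splitlines() if ln.strip()]
    if newest_first:
        lines.reverse()  # a repeat marker refers to the message logged just before it
    counts, last_key = Counter(), None
    for line in lines:
        hit = WRITE_ERR.search(line)
        if hit:
            last_key = (hit["peer"], int(hit["code"]))
            counts[last_key] += 1
            continue
        rep = REPEAT.search(line)
        if rep and last_key is not None:
            counts[last_key] += int(rep.group(1))
        else:
            last_key = None  # unrelated line: a later repeat marker is not about our error
    return counts


def blocked_replies_by_client(counts):
    """Total EPERM send failures per client IP, merging that client's source ports."""
    per_ip = Counter()
    for (peer, code), n in counts.items():
        # errno 1 (EPERM) on a UDP send commonly means the local packet filter refused the packet
        if code == errno.EPERM:
            per_ip[peer.rsplit(":", 1)[0]] += n
    return dict(per_ip)


if __name__ == "__main__":
    for ip, n in blocked_replies_by_client(failed_writes(SAMPLE_LOG)).items():
        print(f"{ip}: {n} server replies rejected on send")
```

Reading the same excerpt oldest first would credit the two repeats to the wrong client port, which is why the ordering is an explicit parameter.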
      • M
        Mad Professor last edited by

        After two days banging my head on the desk, I got it.

        For future reference to anyone, I was using pfSense 1.2.3.
        This is how I got it to work.
        I had to set a custom option in OpenVPN:
        ```
        local 192.168.0.1
        ```

        It took a while, since a lot of the guides don't show this, and it was the critical missing link.
        • H
          heper last edited by

          I would advise updating to 2.0.3, which is the latest stable. Since 1.2.3 there have been numerous improvements, also making it much easier to set up OpenVPN.
