What am I doing wrong?



  • I'm trying to set up a roadwarrior OpenVPN using my laptop and wifi tethering through my phone to connect to my pfSense box at home. But the Windows 7 client won't connect, saying TLS key negotiation failure, TLS handshake error, which seems to be a firewall issue. I created the firewall rule:

    
    PASS
    WAN
    Protocol: UDP
    source: any
    OS type: any
    Destination: any
    Destination port range from: OpenVPN
    Destination port range to: OpenVPN
    Tick in the LOG
    

    and I see the request from laptop to the firewall but it keeps going to the DMZ subnet specifically 172.16.0.125 which is a videophone.

    If I block the 1194 on the DMZ subnet, it still doesn't work. If I set the destination on the WAN rule to ! DMZ net, it's now reporting it blocked.

    Is this because I have 1:1 NAT of my public IP going to private IP causing this to break?

    Also, if I set OpenVPN through NAT using 192.168.0.1, then I get

    
    openvpn[10291]: 208.54.64.168:19692 write UDPv4: Operation not permitted (code=1)
    May 2 13:23:04 	openvpn[10291]: 208.54.64.168:28496 write UDPv4: Operation not permitted (code=1)
    May 2 13:23:03 	last message repeated 2 times
    May 2 13:23:01 	openvpn[10291]: 208.54.64.168:19692 write UDPv4: Operation not permitted (code=1)
    
    

    What can I do to fix this?



  • After two days banging my head on the desk, I got it.

    For future reference to anyone, I was using pfSense 1.2.3.
    This is how I got it to work.
    I had to set a custom option in OpenVPN:

    
    local 192.168.0.1
    

    It took a while since a lot of the guides don't show this, and it was the critical missing link.


  • I would advise updating to 2.0.3, which is the latest stable. Since 1.2.3 there have been numerous improvements, also making it much easier to set up OpenVPN.

