PfSense as OpenVPN-AS Client
-
I was just wondering if I would be able to set up pfSense to act as an OpenVPN Access Server client and route all traffic through that.
I have an OpenVPN Access Server running on a VPS. I can confirm that it works through the OpenVPN connect app on my phone.
If someone could point me to a guide or give me some general guidance, I would greatly appreciate it. Thanks!
-
Well, I've done quite a bit of searching and I feel that I am getting closer.
I am receiving this in my logs when trying to connect. Looks like an issue with the passwords, I've already checked that those are correct…
May 18 20:30:32 openvpn[58267]: OpenVPN 2.2.2 i386-portbld-freebsd8.1 [SSL] [LZO2] [eurephia] built on Apr 2 2013
May 18 20:30:32 openvpn[58267]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
May 18 20:30:32 openvpn[58267]: WARNING: file '/conf/openvpn-server2.pas' is group or others accessible
May 18 20:30:32 openvpn[58267]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 18 20:30:32 openvpn[58267]: Control Channel Authentication: using '/var/etc/openvpn/client1.tls-auth' as a OpenVPN static key file
May 18 20:30:32 openvpn[58267]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
May 18 20:30:32 openvpn[58267]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
May 18 20:30:32 openvpn[58267]: Control Channel MTU parms [ L:1557 D:166 EF:66 EB:0 ET:0 EL:0 ]
May 18 20:30:32 openvpn[58267]: Socket Buffers: R=[42080->65536] S=[57344->65536]
May 18 20:30:32 openvpn[58267]: Data Channel MTU parms [ L:1557 D:1450 EF:57 EB:4 ET:0 EL:0 ]
May 18 20:30:32 openvpn[58267]: Local Options hash (VER=V4): '0f816d6e'
May 18 20:30:32 openvpn[58267]: Expected Remote Options hash (VER=V4): '2f3e190a'
May 18 20:30:32 openvpn[58379]: UDPv4 link local (bound): 192.168.1.175
May 18 20:30:32 openvpn[58379]: UDPv4 link remote: My.IP.Address.123:1194
May 18 20:30:33 openvpn[58379]: TLS: Initial packet from My.IP.Address.123:1194, sid=a388832d cb9b06e6
May 18 20:30:33 openvpn[58379]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
May 18 20:30:33 openvpn[58379]: VERIFY OK: depth=1, /CN=OpenVPN_CA
May 18 20:30:33 openvpn[58379]: VERIFY OK: nsCertType=SERVER
May 18 20:30:33 openvpn[58379]: VERIFY OK: depth=0, /CN=OpenVPN_Server
May 18 20:30:34 openvpn[58379]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1542'
May 18 20:30:34 openvpn[58379]: WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
May 18 20:30:34 openvpn[58379]: WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
May 18 20:30:34 openvpn[58379]: Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
May 18 20:30:34 openvpn[58379]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
May 18 20:30:34 openvpn[58379]: Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
May 18 20:30:34 openvpn[58379]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
May 18 20:30:34 openvpn[58379]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
May 18 20:30:34 openvpn[58379]: [OpenVPN_Server] Peer Connection Initiated with My.IP.Address.123:1194
May 18 20:30:36 openvpn[58379]: SENT CONTROL [OpenVPN_Server]: 'PUSH_REQUEST' (status=1)
May 18 20:30:36 openvpn[58379]: AUTH: Received AUTH_FAILED control message
May 18 20:30:36 openvpn[58379]: SIGTERM received, sending exit notification to peer
May 18 20:30:38 openvpn[58379]: TCP/UDP: Closing socket
May 18 20:30:38 openvpn[58379]: SIGTERM[soft,exit-with-notification] received, process exiting
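Added example, not part of the original post: a Python script that pulls the client/server option-mismatch warnings, the credentials-file permission warning and the AUTH_FAILED message out of an OpenVPN client log like the one above. The function names are illustrative, and the sample lines are excerpted from that log.

```python
import re

# Lines excerpted from the log in the post above.
SAMPLE_LOG = """\
May 18 20:30:32 openvpn[58267]: WARNING: file '/conf/openvpn-server2.pas' is group or others accessible
May 18 20:30:34 openvpn[58379]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1542'
May 18 20:30:34 openvpn[58379]: WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
May 18 20:30:34 openvpn[58379]: WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
May 18 20:30:36 openvpn[58379]: AUTH: Received AUTH_FAILED control message
"""

# Message formats exactly as they appear in that log.
MISMATCHED = re.compile(
    r"WARNING: '([^']+)' is used inconsistently, local='([^']*)', remote='([^']*)'")
MISSING_LOCAL = re.compile(
    r"WARNING: '([^']+)' is present in remote config but missing in local config, remote='([^']*)'")
LOOSE_FILE = re.compile(r"WARNING: file '([^']+)' is group or others accessible")


def triage(log_text):
    """Summarise option mismatches, loosely-permissioned files and the auth result.

    Matching runs over the whole text rather than line by line, so it works
    whether the log has one entry per line or was pasted as one long line.
    """
    return {
        "mismatched": {m.group(1): (m.group(2), m.group(3))
                       for m in MISMATCHED.finditer(log_text)},
        "missing_local": {m.group(1): m.group(2)
                          for m in MISSING_LOCAL.finditer(log_text)},
        "loose_files": [m.group(1) for m in LOOSE_FILE.finditer(log_text)],
        "auth_failed": "AUTH_FAILED" in log_text,
    }


def render(report):
    """Format the triage report as a list of human-readable lines."""
    out = [f"{opt}: local {loc!r} vs remote {rem!r}"
           for opt, (loc, rem) in report["mismatched"].items()]
    out += [f"{opt}: set on server ({rem!r}), absent on client"
            for opt, rem in report["missing_local"].items()]
    out += [f"{path}: readable by group/others" for path in report["loose_files"]]
    out.append("server sent AUTH_FAILED" if report["auth_failed"] else "no AUTH_FAILED seen")
    return out


if __name__ == "__main__":
    print("\n".join(render(triage(SAMPLE_LOG))))
```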