pfsense openvpn connecting problem

T

timreichhart

Gawd
Joined
Feb 22, 2009
Messages
928
Guys
I am running 2.1-RELEASE (i386) of it and I am also running windows 7 and everytime I try to connect to it I get this error "Connecting pfsense-udp-1194-vpn has failed".
 
Check the logs on both server and client. Make sure your ports are open and no firewalls are blocking traffic. Try TCP 443.
 
This is the openvpn log:

Code: 
Dec 23 18:24:54 	openvpn[58933]: event_wait : Interrupted system call (code=4)
Dec 23 18:24:55 	openvpn[58933]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1558 172.16.0.1 172.16.0.2 init
Dec 23 18:24:55 	openvpn[58933]: SIGTERM[hard,] received, process exiting
Dec 23 18:24:55 	openvpn[83745]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013
Dec 23 18:24:55 	openvpn[83745]: WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want
Dec 23 18:24:55 	openvpn[83745]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 23 18:24:56 	openvpn[83745]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
Dec 23 18:24:56 	openvpn[83745]: TUN/TAP device ovpns1 exists previously, keep at program end
Dec 23 18:24:56 	openvpn[83745]: TUN/TAP device /dev/tun1 opened
Dec 23 18:24:56 	openvpn[83745]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 23 18:24:56 	openvpn[83745]: /sbin/ifconfig ovpns1 172.16.0.1 172.16.0.2 mtu 1500 netmask 255.255.255.255 up
Dec 23 18:24:56 	openvpn[83745]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1558 172.16.0.1 172.16.0.2 init
Dec 23 18:24:56 	openvpn[86064]: UDPv4 link local (bound): [AF_INET]70.62.55.173:11942
Dec 23 18:24:56 	openvpn[86064]: UDPv4 link remote: [undef]
Dec 23 18:24:56 	openvpn[86064]: Initialization Sequence Completed
 
That log says nothing. It only shows the server starting up. Try to connect and then check the client and server logs.
 
TCM2 please tell me where the client and server logs are at because that was the system ---> openvpn logs.
 
Uhm, wherever the log option in the config file points to? You're the admin. You're supposed to know where your logs are. :)
 
Tim, being pfSense, I'd start with Firewall logs and make sure that your connections aren't being blocked on the outside first.
 
Here is the firewall logs and I have the openvpn to connect to pass I used the openvpn wizard.

Code: 
34 matched log entries.Max(50)
Act 	Time 	If 	Source 	Destination 	Proto
block
	Dec 26 11:40:47 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:40:48 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:40:54 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:40:57 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:03 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:04 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 192.168.0.1 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 224.0.0.1 	IGMP
block
	Dec 26 11:41:04 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 192.168.0.1 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 224.0.0.1 	IGMP
block
	Dec 26 11:41:04 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 70.62.55.169 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 224.0.0.1 	IGMP
block
	Dec 26 11:41:04 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 70.62.55.169 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 224.0.0.1 	IGMP
block
	Dec 26 11:41:04 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:05 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:07 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:12 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:19 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:21 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:23 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:28 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:30 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:37 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:44 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:50 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:53 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:41:55 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:42:01 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:42:04 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:42:11 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:42:12 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:42:13 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:42:14 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:42:17 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:42:22 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:42:26 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:42:29 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP
block
	Dec 26 11:42:31 	WAN 	Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 0.0.0.0:68		Icon Reverse Resolve with DNS Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:67		UDP

Code: 
Last 50 OpenVPN log entries
Dec 26 11:44:16 	openvpn[98578]: event_wait : Interrupted system call (code=4)
Dec 26 11:44:16 	openvpn[98578]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1558 172.16.0.1 172.16.0.2 init
Dec 26 11:44:16 	openvpn[98578]: SIGTERM[hard,] received, process exiting
 
Last edited:
Well what? 3 lines we've already seen. There's just no information. The logs look truncated.
 
Have you tested 1194 UDP inbound to test that's responding? Did you trying connecting inside the network?
 
/usr/home I have not tested 1194 udp inbound and I have not tried to connect inside of the network I really dont have an away to test it inside of the network only way I can test it from external network. Is there an good guide how to set this up under the 2.1 release because the pfsense chat room and forum is like dead as an door knob.
 
You must log in or register to reply here.
Back
Top