I'm having trouble connecting my Windows 7 OpenVPN client to the pfSense 2.1.4 server. I have tried two different types of ciphers (BF-CBC and AES-256-CBC).
This is a fresh 2.1.4 install with the server's settings generated using the Wizard. I'm including my local config file. As you can see, I'm trying to connect via username / password and not via SSL certificate. *dev tun* *persist-tun* *cipher BF-CBC* *auth SHA1* *tls-client* *client* *resolv-retry infinite* *remote 204.93.122.117 1194 udp* *lport 0* *auth-user-pass* *ca C:\nnh-vpn.crt* *comp-lzo* It seems that the client is hitting the server, but for some reason, my client isn't successfully connecting. Here's the last 50 entries in the OpenVPN server's log (see end of this email). I'm having trouble tracking down the log files on the client machine, so perhaps this email should go to OpenVPN folks and not pfSense. But I'm wondering if anyone on this list has any suggestions. Thanks, David Jun 30 23:29:19openvpn[98461]: /sbin/ifconfig ovpns1 10.1.5.1 10.1.5.2 mtu 1500 netmask 255.255.255.255 upJun 30 23:29:19openvpn[98461]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1558 10.1.5.1 10.1.5.2 initJun 30 23:29:19openvpn[99566]: UDPv4 link local (bound): [AF_INET] 204.93.122.117:1194Jun 30 23:29:19openvpn[99566]: UDPv4 link remote: [undef]Jun 30 23:29:19openvpn[99566]: Initialization Sequence CompletedJun 30 23:31:53openvpn[99566]: event_wait : Interrupted system call (code=4)Jun 30 23:31:53openvpn[99566]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1558 10.1.5.1 10.1.5.2 initJun 30 23:31:53openvpn[99566]: SIGTERM[hard,] received, process exitingJun 30 23:31:53openvpn[33539]: OpenVPN 2.3.2 amd64-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 27 2014Jun 30 23:31:53openvpn[33539]: NOTE: the current --script-security setting may allow this configuration to call user-defined scriptsJun 30 23:31:53openvpn[33539]: WARNING: POTENTIALLY DANGEROUS OPTION --client-cert-not-required may accept clients which do not present a certificateJun 30 23:31:53openvpn[33539]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key fileJun 30 23:31:53openvpn[33539]: TUN/TAP device ovpns1 exists previously, keep at program endJun 30 23:31:53openvpn[33539]: TUN/TAP device /dev/tun1 openedJun 30 23:31:53openvpn[33539]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0Jun 30 23:31:53openvpn[33539]: /sbin/ifconfig ovpns1 10.1.5.1 10.1.5.2 mtu 1500 netmask 255.255.255.255 upJun 30 23:31:53openvpn[33539]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1558 10.1.5.1 10.1.5.2 initJun 30 23:31:53openvpn[34278]: UDPv4 link local (bound): [AF_INET]204.93.122.117:1194Jun 30 23:31:53openvpn[34278]: UDPv4 link remote: [undef]Jun 30 23:31:53openvpn[34278]: Initialization Sequence CompletedJun 30 23:43:53openvpn[34278]: event_wait : Interrupted system call (code=4)Jun 30 23:43:53openvpn[34278]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1558 10.1.5.1 10.1.5.2 initJun 30 23:43:53openvpn[34278]: SIGTERM[hard,] received, process exitingJun 30 23:43:53openvpn[94080]: OpenVPN 2.3.2 amd64-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 27 2014Jun 30 23:43:53openvpn[94080]: NOTE: the current --script-security setting may allow this configuration to call user-defined scriptsJun 30 23:43:53openvpn[94080]: WARNING: POTENTIALLY DANGEROUS OPTION --client-cert-not-required may accept clients which do not present a certificateJun 30 23:43:53openvpn[94080]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key fileJun 30 23:43:53openvpn[94080]: TUN/TAP device ovpns1 exists previously, keep at program endJun 30 23:43:53openvpn[94080]: TUN/TAP device /dev/tun1 openedJun 30 23:43:53openvpn[94080]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0Jun 30 23:43:53openvpn[94080]: /sbin/ifconfig ovpns1 10.1.5.1 10.1.5.2 mtu 1500 netmask 255.255.255.255 upJun 30 23:43:53openvpn[94080]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1558 10.1.5.1 10.1.5.2 initJun 30 23:43:53openvpn[95341]: UDPv4 link local (bound): [AF_INET]204.93.122.117:1194Jun 30 23:43:53openvpn[95341]: UDPv4 link remote: [undef]Jun 30 23:43:53openvpn[95341]: Initialization Sequence CompletedJun 30 23:51:18openvpn[95341]: event_wait : Interrupted system call (code=4)Jun 30 23:51:18openvpn[95341]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1558 10.1.5.1 10.1.5.2 initJun 30 23:51:18openvpn[95341]: SIGTERM[hard,] received, process exitingJun 30 23:51:18openvpn[39154]: OpenVPN 2.3.2 amd64-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 27 2014Jun 30 23:51:18openvpn[39154]: NOTE: the current --script-security setting may allow this configuration to call user-defined scriptsJun 30 23:51:18openvpn[39154]: WARNING: POTENTIALLY DANGEROUS OPTION --client-cert-not-required may accept clients which do not present a certificateJun 30 23:51:18openvpn[39154]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key fileJun 30 23:51:18openvpn[39154]: TUN/TAP device ovpns1 exists previously, keep at program endJun 30 23:51:18openvpn[39154]: TUN/TAP device /dev/tun1 openedJun 30 23:51:18openvpn[39154]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0Jun 30 23:51:18openvpn[39154]: /sbin/ifconfig ovpns1 10.1.5.1 10.1.5.2 mtu 1500 netmask 255.255.255.255 upJun 30 23:51:18openvpn[39154]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1542 10.1.5.1 10.1.5.2 initJun 30 23:51:18openvpn[40446]: UDPv4 link local (bound): [AF_INET]204.93.122.117:1194Jun 30 23:51:18openvpn[40446]: UDPv4 link remote: [undef]Jun 30 23:51:18openvpn[40446]: Initialization Sequence Completed -- David White Founder & CEO *Develop CENTS * Computing, Equipping, Networking, Training & Supporting Nonprofit Organizations Worldwide http://developcents.com 423-693-4234
_______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
