Amit Saxena wrote on Sun, Mar 22 2015 at 12:40 pm:
> Mypfsense has 2 nic
> Wan 192.168.1.4
> Lan 192.168.2.1
>
> Client machine
> Xp lan 192.168.2.4
>
> First I created server certificate
If your client PC is on the LAN, to what network are you VPNning on the
pfSense router? (if your client PC is on a different network and you are
trying to get to the LAN, you need a different subnet on the client end
otherwise packets won't route)
Some pitfalls: wildcard certs don’t work. Real certs don't seem to
work, it wants to use one created on your pfSense box. Therefore you must
export your pfSense's CA (cert. authority) certificate and import it as a
Trusted Root Certificate on your machine (that's what Windows calls it anyway).
The IPv4 Tunnel Network needs to be something not used on either end, such as
10.9.8.0/24. Add firewall rules to the OpenVPN interface on pfSense.
--
Steve Yates
ITS, Inc.
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
