1
Virtual private networks / Re: OpenVPN client cannot connect
« on: February 13, 2021, 06:26:49 pm »
Shared key only seems to be an option with a peer-to-peer connection. Will that work?
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
Virtual private networks / OpenVPN client cannot connect
« on: February 12, 2021, 08:31:27 pm »
Greetings!
I am new to Opnsense, but I am a long time user of Pfsense so a lot of the fundamentals are familiar to me.
I am trying to setup my first OpenVPN server, but I am getting timeouts when trying to make an inbound connection. I don't see any errors on my client end except "TLS key negotiation failed to occur within 60 seconds."
Here is my setup:
LAN: 10.99.10.0/24
WAN: DHCP (using DDNS)
Server Mode: Remote Access (SSL/TLS + User Auth)
Backend for authentication: Local Database
Enforce local group: (none)
Protocol: UDP4
Device Mode: tun
Interface: WAN
Local port: 1194
DH Parameters Length: 2048 bit
Encryption algorithm: AES-256-CBC
Auth Digest Algorithm: SAH256
Hardware Crypto: No Hardware Crypto
Certificate Depth One
IPv4 Tunnel Network: 10.2.0.0/24
Redirect Gateway: Unchecked
IPv4 Local Network: 10.99.10.0/24
Firewall Rule (WAN)
Protocol: IPv4 UDP
Source: *
Port: *
Destination: WAN address
Port: 1194
Firewall Rule (OpenVPN)
Protocol: IPv4+6*
Source: *
Port: *
Destination: *
Port: *
Yes, I have verified that the DDNS host I am using is resolving to the correct IP as I can enable all inbound traffic and reach the web interface from that hostname. I had a Pfsense box here previously in which OpenVPN worked fine so I do not believe it is anything on the ISP side. Any ideas?
I am new to Opnsense, but I am a long time user of Pfsense so a lot of the fundamentals are familiar to me.
I am trying to setup my first OpenVPN server, but I am getting timeouts when trying to make an inbound connection. I don't see any errors on my client end except "TLS key negotiation failed to occur within 60 seconds."
Here is my setup:
LAN: 10.99.10.0/24
WAN: DHCP (using DDNS)
Server Mode: Remote Access (SSL/TLS + User Auth)
Backend for authentication: Local Database
Enforce local group: (none)
Protocol: UDP4
Device Mode: tun
Interface: WAN
Local port: 1194
DH Parameters Length: 2048 bit
Encryption algorithm: AES-256-CBC
Auth Digest Algorithm: SAH256
Hardware Crypto: No Hardware Crypto
Certificate Depth One
IPv4 Tunnel Network: 10.2.0.0/24
Redirect Gateway: Unchecked
IPv4 Local Network: 10.99.10.0/24
Firewall Rule (WAN)
Protocol: IPv4 UDP
Source: *
Port: *
Destination: WAN address
Port: 1194
Firewall Rule (OpenVPN)
Protocol: IPv4+6*
Source: *
Port: *
Destination: *
Port: *
Yes, I have verified that the DDNS host I am using is resolving to the correct IP as I can enable all inbound traffic and reach the web interface from that hostname. I had a Pfsense box here previously in which OpenVPN worked fine so I do not believe it is anything on the ISP side. Any ideas?
Pages: [1]