Messages - SJX

#1
It works now, finally.

Steps which worked in my case:

  • The most important part is the Client Export WAN address: it should be your external gateway, where the client will connect to authenticate. Then you can just use the wizard for creating the OpenVPN server in OPNsense and use the automatic firewall rules.
  • At your local client, you also need to place the private key and certificate file in the config directory. I used the open GUI version, and you can check the config directory in the settings.

Thank you for all the help.
#2
I have as well recreated all the certificates, CA and server, as described in this article, but it's still the same issue.

https://docs.opnsense.org/manual/how-tos/sslvpn_client.html

#3
Attached is the config of the VPN server.
#4
I appreciate your replies. I am really just stuck with this setup; I have checked all settings as you have instructed, but it still just doesn't work.

Please check the attachments with screenshots of the settings.

I have also configured the local client and placed the right certificate file and key file inside the OpenVPN config.

Server Error Logs : TLS Error : Cannot locate HMAC in Incoming Packets from..

Client : TLS Handshake Failed.
#5
Thank you for the response. I did follow the guide as instructed, and now I see the server and user in the client export, but when I use the Viscosity VPN client and import the certificate, it doesn't work.

[AF_INET]10.0.0.2:1196
2021-04-09 22:37:39: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2021-04-09 22:37:39: TLS Error: TLS handshake failed
2021-04-09 22:37:39: SIGTERM[soft,tls-error] received, process exiting
2021-04-09 22:37:39: State changed to Disconnected (Process Terminated)
2021-04-09 22:37:40: Viscosity Mac 1.9.2 (1565)
2021-04-09 22:37:40: Viscosity OpenVPN Engine Started


I see in the firewall logs that the client was trying to connect.

openvpn[19786]   Initialization Sequence Completed
2021-04-09T22:15:30   openvpn[19786]   UDPv4 link remote: [AF_UNSPEC]
2021-04-09T22:15:30   openvpn[19786]   UDPv4 link local (bound): [AF_INET]10.0.0.2:1194
2021-04-09T22:15:30   openvpn[19786]   Could not determine IPv4/IPv6 protocol. Using AF_INET
2021-04-09T22:15:29   openvpn[19786]   /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkup ovpns4 1500 1622 10.30.0.1 10.30.0.2 init
2021-04-09T22:15:29   openvpn[19786]   /sbin/ifconfig ovpns4 10.30.0.1 10.30.0.2 mtu 1500 netmask 255.255.255.255 up
2021-04-09T22:15:29   openvpn[19786]   TUN/TAP device /dev/tun4 opened
2021-04-09T22:15:29   openvpn[19786]   TUN/TAP device ovpns4 exists previously, keep at program end
2021-04-09T22:15:29   openvpn[19786]   NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2021-04-09T22:15:29   openvpn[13855]   library versions: OpenSSL 1.1.1h 22 Sep 2020, LZO 2.10
2021-04-09T22:15:29   openvpn[13855]   OpenVPN 2.4.9 amd64-portbld-freebsd12.1 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jul 28 2020
2021-04-09T22:15:29   openvpn[76154]   SIGTERM[hard,] received, process exiting
2021-04-09T22:15:27   openvpn[76154]   /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkdown ovpns4 1500 1622 10.30.0.1 10.30.0.2 init
2021-04-09T22:15:27   openvpn[76154]   event_wait : Interrupted system call (code=4)

But then it just disconnects and the username/password window pops up.
#6
Dear All,

Can I please have any help on this topic?
#7
All,

I am really not understanding the client export part of the OpenVPN config. If I create the OpenVPN server with the local database, I still don't see the locally created users in the list so that I can export the config. This is really complicated to get working.

Can you please explain it to me here?
#8
Thank you for the reply. I am very new to OPNsense; I have just downloaded the config which was there in the list. Basically, how does the client export work?

And basically I don't see the list of newly created/updated users in Client Export. I am really not getting how this client export page works.

Please help.
#9
Hi all,

I started to work for a company in the last week, and the OPNsense firewall is used there. There is not much documentation available about the configured VPN at my company, and I am very new to the OPNsense firewall in general. I just see in the client export that when I try to connect via the Viscosity client, it doesn't work.

2021-04-07 10:48:43: Viscosity Mac 1.9.2 (1565)
2021-04-07 10:48:43: Viscosity OpenVPN Engine Started
2021-04-07 10:48:43: Running on macOS 11.2.3
2021-04-07 10:48:43: ---------
2021-04-07 10:48:43: State changed to Connecting
2021-04-07 10:48:43: Checking reachability status of connection...
2021-04-07 10:48:43: Connection is reachable. Starting connection attempt.
2021-04-07 10:48:43: OpenVPN 2.4.10 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Jan 18 2021
2021-04-07 10:48:43: library versions: OpenSSL 1.1.1i  8 Dec 2020, LZO 2.10
2021-04-07 10:48:55: Resolving address: vpn.repor.org
2021-04-07 10:48:55: Valid endpoint found: IP.IP:IP:IP:1194:1194:udp4
2021-04-07 10:48:55: TCP/UDP: Preserving recently used remote address: [AF_INET]IP.IP:IP:IP:1194
2021-04-07 10:48:55: UDPv4 link local (bound): [AF_INET][undef]:0
2021-04-07 10:48:55: UDPv4 link remote: [AF_INET]IP.IP:IP:IP:1194:1194
2021-04-07 10:49:55: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2021-04-07 10:49:55: TLS Error: TLS handshake failed
2021-04-07 10:49:55: SIGTERM[soft,tls-error] received, process exiting
2021-04-07 10:49:55: State changed to Disconnected (Process Terminated)


That's the log of the client, and it doesn't connect. It seems that the Client Export has the internal gateway in the config, and I don't see any issue in the config of the firewall. Can someone please help?

Thank you.
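
The two symptoms reported in these posts (an exported profile whose remote is the internal gateway, and a server log that cannot locate the HMAC in incoming packets) can both be checked on the client profile before connecting. The following Python sketch is an added example, not part of the original posts or of OPNsense; the helper name `audit_profile` and the sample profile, including `vpn.example.org`, are constructed for illustration.

```python
import ipaddress
# Constructed sample profile (not from the thread). The first remote is an
# internal address, like the 10.0.0.2 endpoint seen in the posted logs.
SAMPLE_PROFILE = """\
client
proto udp
remote 10.0.0.2 1194
remote vpn.example.org 1194
auth-user-pass
<ca>
(certificate omitted)
</ca>
"""

def audit_profile(text):
    """Return (findings, remotes) for an OpenVPN client profile (hypothetical helper)."""
    remotes, has_hmac_key, inline = [], False, None
    for raw in text.splitlines():
        line = raw.strip()
        if inline:                          # skip bodies of inline <tag> blocks
            if line == f"</{inline}>":
                inline = None
            continue
        if not line or line[0] in "#;":     # blank lines and comments
            continue
        if line.startswith("<") and line.endswith(">"):
            inline = line[1:-1]
            has_hmac_key |= inline in ("tls-auth", "tls-crypt")
            continue
        parts = line.split()
        if parts[0] == "remote" and len(parts) >= 2:
            remotes.append(parts[1])
        elif parts[0] in ("tls-auth", "tls-crypt"):
            has_hmac_key = True
    findings = []
    for host in remotes:
        try:
            ip = ipaddress.ip_address(host)
        except ValueError:
            continue                        # hostname: check what it resolves to separately
        if ip.is_private or ip.is_loopback or ip.is_link_local:
            findings.append(f"remote {host} is an internal address, unreachable from outside")
    if not has_hmac_key:                    # only a fault if the server enforces a TLS key
        findings.append("no tls-auth/tls-crypt key in profile")
    return findings, remotes

if __name__ == "__main__":
    for finding in audit_profile(SAMPLE_PROFILE)[0]:
        print("WARN:", finding)
```

A missing TLS key is only a fault when the server is configured with TLS authentication; compare the finding against the server's settings before changing the profile.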