[SOLVED] OpenVPN not connecting from WAN

Started by vividou, January 18, 2018, 07:07:05 PM

This is no longer the original issue (tls handshake failure), right?
That new error might suggest that something is killing your client somehow.

Are both LAN IP pools 192.168.0.0/24?
OPNsense v18 | HW: Gigabyte Z370N-WIFI, i3-8100, 8GB RAM, 60GB SSD, | Controllers: 82575GB-quad, 82574, I221, I219-V | PPPoE: RDS Romania | Down: 980Mbit/s | Up: 500Mbit/s

Team Rebellion Member

January 21, 2018, 11:21:09 AM #16 Last Edit: January 21, 2018, 12:30:52 PM by vividou
No, they use different subnet addresses. Moreover, I do not want my OpenVPN client to access the LAN, only connect to the VPN server and browse the web from there.

What could kill my client?

I have finally located the OpenVPN server.conf file in /var/etc/openvpn/ on FreeBSD.

Here is its content:

dev ovpns1
verb 6
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_server1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-256-CBC
auth SHA512
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
client-connect /usr/local/sbin/openvpn.attributes.sh
client-disconnect /usr/local/sbin/openvpn.attributes.sh
local 192.168.0.185
tls-server
server 10.0.8.0 255.255.255.0
client-config-dir /var/etc/openvpn-csc/1
username-as-common-name
auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user 'Local Database' 'false' 'server1'" via-env
tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'openvpn-server-certificate' 1"
lport 1194
management /var/etc/openvpn/server1.sock unix
max-clients 10
push "redirect-gateway def1"
ca /var/etc/openvpn/server1.ca
cert /var/etc/openvpn/server1.cert
key /var/etc/openvpn/server1.key
dh /usr/local/etc/dh-parameters.2048
tls-auth /var/etc/openvpn/server1.tls-auth 0
comp-lzo adaptive
persist-remote-ip
float
topology subnet

After several attempts to configure, create certificates and in the meantime an update to 18.1.2, OpenVPN is now working.

I have noticed that the OpenVPN client on Linux does not like it when the SSL certificate for the same VPN changes. Once the certificate changes, all following connections will contain the TLS error until the client is rebooted.

Nice, thank you for your feedback!