IPSec VPN seems to work, but no communication?

[Patrick M. Hausen]

Did you also create and configure one for the server?

[ibrewster]

Did you also create and configure one for the server?

Yeah - I have the server set up with the ACME client, getting a certificate from letsencrypt.org. Though I also set up the local authority (which is how I created the user certificate), and have a server certificate created using that.

I used the official letsencrypt.org certificate for the OpenVPN server.

For what it's worth, I have a dynamic IP address with a dynamic DNS service on OPNsense set up through freedns, and I *can* connect (via port forwarding) to an OpenVPN Access Server instance I set up on a box behind the firewall, so I know OpenVPN works from my client machine to my host network in general, I just need to get all the settings right.

And yes, I did make sure to disable the port forward to that box before trying to set up OpenVPN on the OPNsense box 

I may try looking at the configuration file that box creates, vs the one OPNsense is giving me to see if I can figure out what's different between the two. Not sure if that's worth the effort or not.

[ibrewster]

GOT IT!!!!! Well, for OpenVPN at least. Apparently OpenVPN didn't like me using the letsencrypt.org certificate for the server, but the self-generated certificate for the client. I switched over to using the self-generated certificate for the server, and got a connection - and it even routes traffic correctly!

So not the IPsec connection I was going for, but it works, so I guess that's solved?

Thanks everyone who helped me troubleshoot this!