>Adding "cipher AES-128-CBC" to the client file fixed the problem, I'm able to
>ping
>
>Thanks all for the help
I was just replying saying it looked fine, didn’t your log suggest this to
start?
Adding "cipher AES-128-CBC" to the client file fixed the problem, I'm able to
ping
Thanks all for the help
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
C
dev ovpns2
dev-type tun
dev-node /dev/tun2
writepid /var/run/openvpn_server2.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-128-CBC
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local x.x.x.x
t
>Here is my config
>
>Server
/snip
That’s a mess of xml, log in with ssh and post the
/var/etc/openvpn/server2.conf or
whichever # is applicable.
>-client---
>Client
/snip
That looks right.
Here is my config
Server
-
2
server_tls
Local Database
UDP
wan
1194
-
-
xx
1024
AES-128-CBC
none
10.168.2.0/24
10.168.255.0/24
10
yes
yes
yes
yes
0
-client
>Even with "Force all client generated traffic through the tunnel" checked
>I'm unable to ping any of the clients or the local net
You'd get a definitive answer immediately if you sanitized and posted or
paste binned your client *and* server conf files.
From: k_o_l [mailto:k_...@hotmail.com]
Sent: Tuesday, March 08, 2011 6:14 PM
To: support@pfsense.com
Subject: RE: [pfSense Support] OpenVPN issues
From: Jim Pingle [mailto:li...@pingle.org]
Sent: Tuesday, March 08, 2011 5:53 PM
To: support@pfsense.com
Subject: Re: [pfSense Support] OpenVPN
From: Jim Pingle [mailto:li...@pingle.org]
Sent: Tuesday, March 08, 2011 5:53 PM
To: support@pfsense.com
Subject: Re: [pfSense Support] OpenVPN issues
On 3/8/2011 5:38 PM, k_o_l wrote:
> Just under address pool I had 10.168.2.0/24, I'm fine with not getting /24
> with the new setup,
On 3/8/2011 5:38 PM, k_o_l wrote:
> Just under address pool I had 10.168.2.0/24, I'm fine with not getting /24
> with the new setup, as long as I can communicate client-to-client and of
> course resolve the issue with the quad zero gateway
That's fine, it will take /30's out of that /24 - that's
From: Jim Pingle [mailto:li...@pingle.org]
Sent: Tuesday, March 08, 2011 5:26 PM
To: support@pfsense.com
Subject: Re: [pfSense Support] OpenVPN issues
On 3/8/2011 5:21 PM, k_o_l wrote:
>> From: Jim Pingle [mailto:li...@pingle.org]
>> On 3/8/2011 3:02 PM, k_o_l wrote:
>>>
On 3/8/2011 5:21 PM, k_o_l wrote:
>> From: Jim Pingle [mailto:li...@pingle.org]
>> On 3/8/2011 3:02 PM, k_o_l wrote:
>>> I had working OpenVPN with pfsense 1.2.3, however with 2.0-RC1 the
>>> server is handing the wrong mask and no gateway to the clients, I have
>>> tried the wizard and changing d
From: Jim Pingle [mailto:li...@pingle.org]
Sent: Tuesday, March 08, 2011 3:16 PM
To: support@pfsense.com
Subject: Re: [pfSense Support] OpenVPN issues
On 3/8/2011 3:02 PM, k_o_l wrote:
> I had working OpenVPN with pfsense 1.2.3, however with 2.0-RC1 the
> server is handing the wrong mask
From: Joseph L. Casale [mailto:jcas...@activenetwerx.com]
Sent: Tuesday, March 08, 2011 4:16 PM
To: support@pfsense.com
Subject: RE: [pfSense Support] OpenVPN issues
On 3/8/2011 3:02 PM, k_o_l wrote:
> I had working OpenVPN with pfsense 1.2.3, however with 2.0-RC1 the
> server is handi
On 3/8/2011 3:02 PM, k_o_l wrote:
> I had working OpenVPN with pfsense 1.2.3, however with 2.0-RC1 the
> server is handing the wrong mask and no gateway to the clients, I have
> tried the wizard and changing different subnets, no matter what the
> server is handing out /30 instead of /32. Firewalls
On 3/8/2011 3:02 PM, k_o_l wrote:
> I had working OpenVPN with pfsense 1.2.3, however with 2.0-RC1 the
> server is handing the wrong mask and no gateway to the clients, I have
> tried the wizard and changing different subnets, no matter what the
> server is handing out /30 instead of /32. Firewalls
Chris Buechler wrote:
2 . We want our VPN users to use the 3mb link. After we configured this, VPN
with proto udp stopped working - since the DSL is now the "WAN" link it
appears that what happens is the firewall responds to an incoming udp packet
on the T1 line by sending a response over the WAN
On Fri, Oct 10, 2008 at 3:34 PM, JJB <[EMAIL PROTECTED]> wrote:
> Hello,
>
> We just migrated our vpn users to our pf sense firewall. We have dual
> firewalls (CARP) and dual wan links - a 3mbit bonded t1 link and a 10mb dsl
> link. (not load balanced - a LAN router is determining what is going to
On 10/3/06, Kyle Mott <[EMAIL PROTECTED]> wrote:
It's not required, but it is nice to have, as you can monitor traffic on
it via SNMP. Can we leave it assigned without harmful effects?
Doubt it. But it all depends on what services you use from pfSense.
Anything that uses tunX will end up biti
It's not required, but it is nice to have, as you can monitor traffic on
it via SNMP. Can we leave it assigned without harmful effects?
-Kyle
Scott Ullrich wrote:
On 9/30/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
Good afternoon,
Anyone get a chance to look at the attached and make s
On 9/30/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
Good afternoon,
Anyone get a chance to look at the attached and make sense of it?
Thanks everyone.
Yes, the documentation that was posted to our sites was incorrect.
You need to be running on the most recent snapshot and you need to
dele
Good afternoon,
Anyone get a chance to look at the attached and make sense of it?
Thanks everyone.
-W
On 9/28/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
Scott,
See attached, some good troubleshooting and very interesting
information. This is all server side (despite the name of th
Scott,
See attached, some good troubleshooting and very interesting
information. This is all server side (despite the name of the file).
This was all configuring the server side and viewing the errors,
fricin weird stuff. Let me know what else you would like to see in
the way of troubleshooti
Also,
I only get that complaint upon restart of the process, the initial
startup is fine, binds the port and all is good.
-W
On 9/28/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
Nope,
Webgui is running on TCP/81.
-W
On 9/28/06, Scott Ullrich <[EMAIL PROTECTED]> wrote:
> Use a d
Nope,
Webgui is running on TCP/81.
-W
On 9/28/06, Scott Ullrich <[EMAIL PROTECTED]> wrote:
Use a different port then if 443 is already in use (webGUI?)
Scott
On 9/28/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
> The host is up,
> PPTP (not through a proxy) works fine. Here is a
Use a different port then if 443 is already in use (webGUI?)
Scott
On 9/28/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
The host is up,
PPTP (not through a proxy) works fine. Here is an attempt with a
direct connect (no proxy). What I keep seeing on the server side is 2
things;
1. I ca
The host is up,
PPTP (not through a proxy) works fine. Here is an attempt with a
direct connect (no proxy). What I keep seeing on the server side is 2
things;
1. I cannot mod the server0.conf, I mod it and the changes don't keep
(I did disable that particulat server before I attempted to mod
This problem is related to connectivity:
Thu Sep 28 09:34:01 2006 us=993530 Attempting Basic Proxy-Authorization
Thu Sep 28 09:34:01 2006 us=993541 Send to HTTP proxy:
'Proxy-Authorization: Basic dTE0ODMwMjpuYW43RWFkYQ=='
Thu Sep 28 09:34:08 2006 us=993184 recv_line: TCP port read timeout expired
Failed on latest snapshot,
CLient side logs attached, server side coming.
-W
On 9/28/06, Scott Ullrich <[EMAIL PROTECTED]> wrote:
Try the image from the 27th. Your a day behind me.
On 9/28/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
> Scott,
> The issue remains in the snapshot l
Try the image from the 27th. Your a day behind me.
On 9/28/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
Scott,
The issue remains in the snapshot listed below. For
troubleshooting purposes I will send the server side logs and client
side logs, any other information you would like to see? I
Scott,
The issue remains in the snapshot listed below. For
troubleshooting purposes I will send the server side logs and client
side logs, any other information you would like to see? In addition
the RC2 worked fine for about 12 hours, I disconnected and then tried
to reconnect, I never could
On 9/26/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
Upon rolling back to RC2 everything works as it did before.
I fixed a cache invalidation error earlier.
Please test http://www.pfsense.com/~sullrich/1.0-SNAPSHOT-09-26-06/
Scott
Upon rolling back to RC2 everything works as it did before.
-W
On 9/26/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
Sent.
-W
On 9/26/06, Scott Ullrich <[EMAIL PROTECTED]> wrote:
> On 9/26/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
> > Yup,
> > I did, and changed the listening p
Sent.
-W
On 9/26/06, Scott Ullrich <[EMAIL PROTECTED]> wrote:
On 9/26/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
> Yup,
> I did, and changed the listening port to 443 and 80, same result.
> Keeping in mind this worked flawlessly on rc2 with no fw rules. And I
> am logging the permits
Yes,
Proto is set correctly, I will try the timeout and see if that
helps. The issue, to clarify, is that the client doesn't dissconnect,
it never connects. I will give that a shot.nope same result.
Thanks.
Wade B
On 9/26/06, Rob Terhaar <[EMAIL PROTECTED]> wrote:
On 9/26/06, Capta
On 9/26/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
Good morning all,
I upgraded from rc2 to 1.0-SNAPSHOT-09-21-06 built on Sat Sep 23
00:46:42 UTC 2006. Since that time I have seen sporadic issues
connecting to my openvpn server running on TCP/443 (I tried 80 as
well) stright connect and
On 9/26/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
Yup,
I did, and changed the listening port to 443 and 80, same result.
Keeping in mind this worked flawlessly on rc2 with no fw rules. And I
am logging the permits so I can see the traffic being permitted.
-W
Please email me /var/
Yup,
I did, and changed the listening port to 443 and 80, same result.
Keeping in mind this worked flawlessly on rc2 with no fw rules. And I
am logging the permits so I can see the traffic being permitted.
-W
On 9/26/06, Scott Ullrich <[EMAIL PROTECTED]> wrote:
On 9/26/06, Captain Babla
On 9/26/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
Thanks Scott,
So in looking closer I was actually on the
openvpn-2.0.7-gui-1.0.3 (winXP). I uninstalled and reinstalled this
and atempted to connect with the same results. Next steps;
1. anyone experienced anything like this?
2. How can
Thanks Scott,
So in looking closer I was actually on the
openvpn-2.0.7-gui-1.0.3 (winXP). I uninstalled and reinstalled this
and atempted to connect with the same results. Next steps;
1. anyone experienced anything like this?
2. How can I ncrease the logging on the daemon side?
Client log me
On 9/26/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
Good morning all,
I upgraded from rc2 to 1.0-SNAPSHOT-09-21-06 built on Sat Sep 23
00:46:42 UTC 2006. Since that time I have seen sporadic issues
connecting to my openvpn server running on TCP/443 (I tried 80 as
well) stright connect and
40 matches
Mail list logo