OK, so I'm trying to setup a tunnel between two PfSense boxes using OpenVPN because IPSec, well, I just won't go there. Anyhow so I used the guide on http://doc.pfsense.org/index.php/VPN_Capability_OpenVPN#Certificates_on_pfSense
and instead of setting up a xp machine to connect to the server I used the client option on the client PfSense box to connect to the server. I put the ca.crt, server.crt, server.key and DH key where it's supposed to be on the server and put the ca.crt, client.crt and client.key on the client box but it's erroring out and I'm hoping I can get some help here.
Here is the errors....
openvpn: 64.xxx.xxx.xxx:13058 TLS Error: TLS handshake failed
Oct 28 22:49:12 openvpn: 64.xxx.xxx.xxx:13058 TLS Error: TLS object -> incoming plaintext read error
Oct 28 22:49:12 openvpn: 64.xxx.xxx.xxx9:13058 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
Oct 28 22:49:10 openvpn: SIGUSR1[soft,ping-restart] received, process restarting
Oct 28 22:49:10 openvpn: [server] Inactivity timeout (--ping-restart), restarting
Oct 28 22:48:09 openvpn: UDPv4 link remote: 204.xxx.xxx.xxx:1194
Oct 28 22:48:09 openvpn: UDPv4 link local: [undef]
Oct 28 22:48:09 openvpn: LZO compression initialized
Oct 28 22:48:09 openvpn: WARNING: file '/var/etc/openvpn_client1.key' is group or others accessible
Oct 28 22:48:09 openvpn: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm
for more info.
Oct 28 22:48:09 openvpn: WARNING: using --pull/--client and --ifconfig together is probably not what you want
Oct 28 22:48:09 openvpn: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Oct 28 22:48:09 openvpn: OpenVPN 2.0.6 i386-portbld-freebsd7.2 [SSL] [LZO] built on Sep 18 2009
Configuration is as such:
Address pool 192.168.5.0/24
Local Network 192.168.0.0/24
Client-to-client VPN (Ticked)
Cryptography BY-CBC (128-bit)
Authentication method PKI (Public Key Infrastructure)
DHCP-Opt.: Disable NetBIOS (Ticked)
LZO compression (Ticked)
Server IP is 192.168.0.0
OpenVPN DHCP is 192.168.5.0
Client IP is 10.0.0.0
Help? What am I doing wrong here?