Author Topic: Issues setting up OpenVPN with TigerVPN  (Read 633 times)

jbradshw
Issues setting up OpenVPN with TigerVPN
« on: April 10, 2017, 02:44:47 pm »
Alix 2d3 with pfSense 2.3.2-p1
1 WAN
1 LAN

So I'm trying to incorporate OpenVPN directly in the pfSense router vs on the client itself. I've followed several config guides, including this one to assist getting it applied to an interface, along with setting up the gateway on the LAN interface.

https://forum.pfsense.org/index.php?topic=76015.0

But after all of that, when I hit any site (like what's my IP sites), it's seeing my real IP, and not the VPN IP. If I do a ping test from the router (Diagnostics/Ping) and choose the VPN interface, it's successful. So I'm not sure what I'm missing here.





The client sent me this to use for the openvpn config:

client
remote nyc.tigervpn.com 1194 udp
remote nyc.tigervpn.com 443 tcp-client

pull
auth-user-pass
comp-lzo adaptive
ca ca.crt
dev tun
tls-client
script-security 2
cipher AES-256-CBC
mute 10

route-delay 5
redirect-gateway def1
resolv-retry infinite
#dhcp-renew
#dhcp-release
persist-key
persist-tun
remote-cert-tls server
mssfix

I've since combined these with the current settings from where I set it up (in GUI) and this is the current client1.conf file (I commented out duplicate stuff and moved it to the bottom):

dev ovpnc1
verb 4
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_client1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-256-CBC
auth SHA1
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 73.82.XX.XX  # (hiding my IP address)
engine cryptodev
tls-client
client
lport 0
management /var/etc/openvpn/client1.sock unix
remote nyc.tigervpn.com 1194
auth-user-pass /var/etc/openvpn/client1.up
ca /var/etc/openvpn/client1.ca
cert /var/etc/openvpn/client1.cert
key /var/etc/openvpn/client1.key
tls-auth /var/etc/openvpn/client1.tls-auth 1
comp-lzo adaptive
resolv-retry infinite

remote nyc.tigervpn.com 443 tcp-client
auth-user-pass /etc/openvpn-password.txt  # this was the only way I could get authentication to work, else I got a different error

pull
script-security 2
route-delay 5
redirect-gateway def1
remote-cert-tls server
mssfix


#client
#remote nyc.tigervpn.com 1194 udp
#auth-user-pass
#comp-lzo adaptive
#ca ca.crt
#dev tun
#tls-client
#cipher AES-256-CBC
#mute 10
#resolv-retry infinite
#dhcp-renew
#dhcp-release
#persist-key
#persist-tun


The connection is always in a "Down" state and these are the OpenVPN logs (newest first):

Apr 10 15:26:05   openvpn   74479   TLS Error: cannot locate HMAC in incoming packet from [AF_INET]162.220.220.26:1194
Apr 10 15:26:05   openvpn   74479   TLS: Initial packet from [AF_INET]162.220.220.26:1194, sid=03a84775 77171301
Apr 10 15:26:04   openvpn   74479   MANAGEMENT: Client disconnected
Apr 10 15:26:04   openvpn   74479   MANAGEMENT: CMD 'state 1'
Apr 10 15:26:04   openvpn   74479   MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
Apr 10 15:26:01   openvpn   74479   TLS Error: cannot locate HMAC in incoming packet from [AF_INET]162.220.220.26:1194
Apr 10 15:26:01   openvpn   74479   TLS: Initial packet from [AF_INET]162.220.220.26:1194, sid=03a84775 77171301
Apr 10 15:25:59   openvpn   74479   TLS Error: cannot locate HMAC in incoming packet from [AF_INET]162.220.220.26:1194
Apr 10 15:25:59   openvpn   74479   TLS: Initial packet from [AF_INET]162.220.220.26:1194, sid=03a84775 77171301
Apr 10 15:25:59   openvpn   74479   UDPv4 link remote: [AF_INET]162.220.220.26:1194
Apr 10 15:25:59   openvpn   74479   UDPv4 link local (bound): [AF_INET]73.82.XX.XX
Apr 10 15:25:59   openvpn   74479   Expected Remote Options hash (VER=V4): '162b04de'
Apr 10 15:25:59   openvpn   74479   Local Options hash (VER=V4): '9e7066d2'
Apr 10 15:25:59   openvpn   74479   Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Apr 10 15:25:59   openvpn   74479   Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Apr 10 15:25:59   openvpn   74479   Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:143 ET:0 EL:3 AF:3/1 ]
Apr 10 15:25:59   openvpn   74479   Socket Buffers: R=[42080->42080] S=[57344->57344]
Apr 10 15:25:59   openvpn   74479   Control Channel MTU parms [ L:1558 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Apr 10 15:25:59   openvpn   74479   LZO compression initialized
Apr 10 15:25:59   openvpn   74479   Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Apr 10 15:25:59   openvpn   74479   Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Apr 10 15:25:59   openvpn   74479   Control Channel Authentication: using '/var/etc/openvpn/client1.tls-auth' as a OpenVPN static key file
Apr 10 15:25:59   openvpn   74479   Initializing OpenSSL support for engine 'cryptodev'
Apr 10 15:25:59   openvpn   74479   NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Apr 10 15:25:59   openvpn   74479   MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
Apr 10 15:25:59   openvpn   74413   WARNING: file '/etc/openvpn-password.txt' is group or others accessible
Apr 10 15:25:59   openvpn   74413   library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
Apr 10 15:25:59   openvpn   74413   OpenVPN 2.3.11 i386-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on May 16 2016
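
Added example, not part of the original post and not pfSense or OpenVPN code: a Python check that compares the provider-supplied directives with the merged client1.conf and ties the differences to the log. OpenVPN logs "cannot locate HMAC in incoming packet" when tls-auth is enabled locally but the peer's control packets carry no HMAC, which is what a tls-auth setting on only one side produces. The inputs are excerpts of the post's own config and log; `parse`, `audit` and the finding names are hypothetical helpers.

```python
import re

# Excerpts of the post's own files and log (whitespace collapsed); no values invented.
PROVIDER_CONF = """\
client
remote nyc.tigervpn.com 1194 udp
remote nyc.tigervpn.com 443 tcp-client
pull
auth-user-pass
comp-lzo adaptive
ca ca.crt
script-security 2
cipher AES-256-CBC
remote-cert-tls server
"""
EFFECTIVE_CONF = """\
script-security 3
cipher AES-256-CBC
auth SHA1
remote nyc.tigervpn.com 1194
auth-user-pass /var/etc/openvpn/client1.up
ca /var/etc/openvpn/client1.ca
tls-auth /var/etc/openvpn/client1.tls-auth 1
comp-lzo adaptive
remote nyc.tigervpn.com 443 tcp-client
auth-user-pass /etc/openvpn-password.txt
pull
script-security 2
remote-cert-tls server
"""
LOG = """\
Apr 10 15:26:05 openvpn 74479 TLS Error: cannot locate HMAC in incoming packet from [AF_INET]162.220.220.26:1194
Apr 10 15:26:01 openvpn 74479 TLS Error: cannot locate HMAC in incoming packet from [AF_INET]162.220.220.26:1194
Apr 10 15:25:59 openvpn 74479 TLS Error: cannot locate HMAC in incoming packet from [AF_INET]162.220.220.26:1194
Apr 10 15:25:59 openvpn 74413 WARNING: file '/etc/openvpn-password.txt' is group or others accessible
"""

MULTI = {"remote", "route", "push", "setenv"}  # directives that may legitimately repeat

def parse(conf):
    """Return {directive: [argument lists]}, skipping blanks and # / ; comments."""
    out = {}
    for raw in conf.splitlines():
        tokens = re.split(r"[#;]", raw, maxsplit=1)[0].split()
        if tokens:
            out.setdefault(tokens[0], []).append(tokens[1:])
    return out

def audit(provider_conf, effective_conf, log):
    """Return (code, detail) findings for the effective client config."""
    prov, eff = parse(provider_conf), parse(effective_conf)
    findings = []
    # Control-channel HMAC must be enabled on both peers or on neither.
    hmac_errors = len(re.findall(r"TLS Error: cannot locate HMAC in incoming packet", log))
    if ("tls-auth" in eff) != ("tls-auth" in prov):
        findings.append(("tls-auth-mismatch",
                         f"tls-auth differs from provider config; {hmac_errors} HMAC error(s) in log"))
    # A single-valued directive given twice with different arguments hides which one applies.
    for name, values in eff.items():
        if name not in MULTI and len({tuple(v) for v in values}) > 1:
            findings.append(("conflicting-duplicate", f"{name}: " + " | ".join(" ".join(v) for v in values)))
    # script-security 3 permits passing passwords to scripts through the environment.
    levels = [int(v[0]) for v in eff.get("script-security", []) if v and v[0].isdigit()]
    if levels and max(levels) >= 3:
        findings.append(("script-security-3", "level 3 lets passwords reach scripts via environment variables"))
    # OpenVPN itself warns when a credential file is readable by group or others.
    for path in re.findall(r"WARNING: file '([^']+)' is group or others accessible", log):
        findings.append(("world-readable-credentials", path))
    return findings

if __name__ == "__main__":
    for code, detail in audit(PROVIDER_CONF, EFFECTIVE_CONF, LOG):
        print(f"{code}: {detail}")
```
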

jelter
Re: Issues setting up OpenVPN with TigerVPN
« Reply #1 on: October 09, 2017, 07:36:24 pm »
Just wondering if you ever got this working.  I have been struggling and have tried much of the same.

jbradshw
Re: Issues setting up OpenVPN with TigerVPN
« Reply #2 on: January 12, 2018, 03:02:04 pm »
> Just wondering if you ever got this working.  I have been struggling and have tried much of the same.

I actually did get this working, as far as the VPN interface getting an IP address (if you need these settings, PM me), but I cannot route anything through it to the outside.

My goal is to define specific LAN traffic to go out the interface.

Current setup:

WAN (Comcast): 73.82.XX.XX

LAN: 10.0.0.0/24

VPN IP: 100.97.0.40   Remote IP: 162.250.2.18
Note the VPN IP changes very often, maybe once every 5 mins. Probably normal but I figured I would mention.

I've looked over several guides on how to set up routing (created manual NAT rules, etc), but when I tell it to route all LAN traffic through the VPN interface, nothing goes out.

When I do ping tests from within pfSense (Diagnostics/Ping):

WAN->VPN IP success
LAN->VPN IP success
VPN->WAN IP success
VPN->LAN gateway success

VPN->any internet IP fails
VPN->Remote IP fails

(Should the above two lines work?)


Rules:

Tiger_VPN
Protocol: IPv4
Source: *
Port: *
Destination: *
Port: *
Gateway: *


OpenVPN:
Same as above except:
Source: LAN net
Gateway: TIGER_VPN_VPNV4


WAN/LAN rules: Currently nothing involving VPN

Pending rule added to top of the list (which doesn't work - no net traffic goes out the VPN interface):

LAN
Protocol: IPv4 TCP
Source: *
Port: *
Destination: *
Port: *
Gateway: TIGER_VPN_VPNV4

It seems a lot of people are getting stuck at this point where nothing routes through the VPN interface to the internet. Just seeing if I'm missing any rules here.