Jump to content
Not connected, Your IP: 18.191.192.113
AirVPN
Sign in to follow this  
Followers 0
447di3894

AirVPN and pfsense

By 447di3894, ... in Troubleshooting and Problems

Recommended Posts

447di3894    0

447di3894
Posted ...

For the life of me, I can't get this working.  I've tried following the lengthy guide for setting up AirVPN on pfsense, but after setting up the client it never seems to get an IP address.  Here's the log entries I see for the OpenVPN client:

 

Nov 21 02:43:34 	openvpn[84236]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Nov 21 02:43:34 	openvpn[84236]: Socket Buffers: R=[42080->65536] S=[57344->65536]
Nov 21 02:43:34 	openvpn[84236]: UDPv4 link local (bound): [AF_INET]192.168.1.101
Nov 21 02:43:34 	openvpn[84236]: UDPv4 link remote: [AF_INET]46.19.137.114:443
Nov 21 02:44:24 	openvpn[18824]: [UNDEF] Inactivity timeout (--ping-restart), restarting
Nov 21 02:44:24 	openvpn[18824]: TCP/UDP: Closing socket
Nov 21 02:44:24 	openvpn[18824]: SIGUSR1[soft,ping-restart] received, process restarting
Nov 21 02:44:24 	openvpn[18824]: Restart pause, 2 second(s)
Nov 21 02:44:26 	openvpn[18824]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Nov 21 02:44:26 	openvpn[18824]: Re-using SSL/TLS context
Nov 21 02:44:26 	openvpn[18824]: LZO compression initialized
Nov 21 02:44:26 	openvpn[18824]: Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Nov 21 02:44:26 	openvpn[18824]: Socket Buffers: R=[42080->65536] S=[57344->65536]
Nov 21 02:44:26 	openvpn[18824]: Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Nov 21 02:44:26 	openvpn[18824]: Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Nov 21 02:44:26 	openvpn[18824]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Nov 21 02:44:26 	openvpn[18824]: Local Options hash (VER=V4): '9e7066d2'
Nov 21 02:44:26 	openvpn[18824]: Expected Remote Options hash (VER=V4): '162b04de'
Nov 21 02:44:26 	openvpn[18824]: UDPv4 link local (bound): [AF_INET]192.168.1.101
Nov 21 02:44:26 	openvpn[18824]: UDPv4 link remote: [AF_INET]46.19.137.114:443
Nov 21 02:44:34 	openvpn[84236]: [UNDEF] Inactivity timeout (--ping-restart), restarting
Nov 21 02:44:34 	openvpn[84236]: SIGUSR1[soft,ping-restart] received, process restarting
Nov 21 02:44:34 	openvpn[84236]: Restart pause, 2 second(s)
Nov 21 02:44:36 	openvpn[84236]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Nov 21 02:44:36 	openvpn[84236]: Socket Buffers: R=[42080->65536] S=[57344->65536]
Nov 21 02:44:36 	openvpn[84236]: UDPv4 link local (bound): [AF_INET]192.168.1.101
Nov 21 02:44:36 	openvpn[84236]: UDPv4 link remote: [AF_INET]46.19.137.114:443
Nov 21 02:45:26 	openvpn[18824]: [UNDEF] Inactivity timeout (--ping-restart), restarting
Nov 21 02:45:26 	openvpn[18824]: TCP/UDP: Closing socket
Nov 21 02:45:26 	openvpn[18824]: SIGUSR1[soft,ping-restart] received, process restarting
Nov 21 02:45:26 	openvpn[18824]: Restart pause, 2 second(s)
Nov 21 02:45:28 	openvpn[18824]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Nov 21 02:45:28 	openvpn[18824]: Re-using SSL/TLS context
Nov 21 02:45:28 	openvpn[18824]: LZO compression initialized
Nov 21 02:45:28 	openvpn[18824]: Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Nov 21 02:45:28 	openvpn[18824]: Socket Buffers: R=[42080->65536] S=[57344->65536]
Nov 21 02:45:28 	openvpn[18824]: Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Nov 21 02:45:28 	openvpn[18824]: Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Nov 21 02:45:28 	openvpn[18824]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Nov 21 02:45:28 	openvpn[18824]: Local Options hash (VER=V4): '9e7066d2'
Nov 21 02:45:28 	openvpn[18824]: Expected Remote Options hash (VER=V4): '162b04de'
Nov 21 02:45:28 	openvpn[18824]: UDPv4 link local (bound): [AF_INET]192.168.1.101
Nov 21 02:45:28 	openvpn[18824]: UDPv4 link remote: [AF_INET]46.19.137.114:443
Nov 21 02:45:36 	openvpn[84236]: [UNDEF] Inactivity timeout (--ping-restart), restarting
Nov 21 02:45:36 	openvpn[84236]: SIGUSR1[soft,ping-restart] received, process restarting
Nov 21 02:45:36 	openvpn[84236]: Restart pause, 2 second(s)
Nov 21 02:45:38 	openvpn[84236]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Nov 21 02:45:38 	openvpn[84236]: Socket Buffers: R=[42080->65536] S=[57344->65536]
Nov 21 02:45:38 	openvpn[84236]: UDPv4 link local (bound): [AF_INET]192.168.1.101
Nov 21 02:45:38 	openvpn[84236]: UDPv4 link remote: [AF_INET]46.19.137.114:443

Any ideas?  I don't even know where to begin with debugging this.

Share this post

Link to post

Wolf666    17

Wolf666
Posted ...

I have airvpn working on pfSense 2.2. Post screenshots of client setup I will look into it.

BTW the advanced configurations should be:

 

remote-cert-tls server;comp-lzo no;verb 4;explicit-exit-notify 5;route-nopull;key-direction 1;auth SHA1;keysize 256;key-method 2;tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA;

 

 

Sent from my iPad using Tapatalk

- Router/Firewall pfSense 23.01 (11th Gen Intel(R) Core(TM) i5-11320H @ 3.20GHz)

- Switch Cisco SG350-10

- AP Netgear RAX200 (Stock FW)

- NAS Synology DS1621+ (5 x 5TB WD Red)

- ISP: Fiber 1000/300 (PPPoE)

 

Share this post

Link to post

447di3894    0

447di3894
Posted ...

I have airvpn working on pfSense 2.2. Post screenshots of client setup I will look into it.

BTW the advanced configurations should be:

 

remote-cert-tls server;comp-lzo no;verb 4;explicit-exit-notify 5;route-nopull;key-direction 1;auth SHA1;keysize 256;key-method 2;tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA;

 

 

Sent from my iPad using Tapatalk

Sorry for the delayed response. Heres screenshots:

 

T4N3UEO.png

 

ax9qmbw.png

 

let me know if you need anything else

Share this post

Link to post

Dr5GF7mKcX    1

Dr5GF7mKcX
Posted ...

I've got a question that others may also be interested in.

 

if you choose 'de.airvpn.org' to connect to, you get a connection to a German server obviously - but how does the client decide which one?

 

Ideally one could use europe.airvpn.org to connect to any European server but know that the server you connect to has the lowest latency from your location and is also the least busy (as regards the number of users).

 

Is the desired functionality above what actually happens? I ask as when I used europe.airvpn.org I would find myself connected to Ukrainian servers despite being physically in Switzerland; it seems unlikely that those boxes will be lower latency than a server in Germany, Switzerland, or France.

Share this post

Link to post

Staff    10014

Staff
Posted ...

Hello!

 

.airvpn.org resolves into all the possible entry-IP addresses of VPN servers on that country, so the choice is random and performed by your OS.

 

For a more accurate selection you can use .vpn.airdns.org (for example "de.vpn.airdns.org") which resolves into one IP address, i.e. the IP address of the VPN server with the best rating in that country.

 

For the most accurate selection according to latency our client Eddie is recommended, or you should look at the real time servers monitor on our web site (click "Status" from the upper menu of our web site).

 

About the rating method please see here (the last part of the post):

https://airvpn.org/topic/12671-upgrades-for-eddie/?do=findComment&comment=21663

 

Kind regards

Share this post

Link to post

Lee47    23

Lee47
Posted ...

Was going to suggest trying the Airs server directly instead of the server host you are currently using, head over to client section>config generator and pick your desired air server once its downloaded you can open the ovpn file via notepad and copy n paste the server should look a bit like this:

remote 198.144.158.11 443

 

Try entering that and see if it connects, the air pfsense guide is working fine for the majority the only time I ever got it wrong was when I did not enter the details correctly or wanted to do something else ie add another network or network device, otherwise a pc with 2 nics or 4 nics should work fine. Sometimes its worth going over the entire guide again just one tick or setting incorrect and it won't work.

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...