clevoir 3 Posted ... Hi I am new to pfSense and am having some probelms in setting up an Open VPN connection to Air VPNI have followed the guide here https://airvpn.org/topic/11245-how-to-set-up-pfsense-21-for-airvpn/?hl=pfsense for a 2 NIC set up and can't get an internet connection.On checking the OpenVPN log I get:-Dec 6 12:20:15 openvpn[19851]: auth_user_pass_file = '[uNDEF]'Dec 6 12:20:15 openvpn[19851]: OpenVPN 2.3.3 i386-portbld-freebsd8.3 [sSL (OpenSSL)] [LZO] [MH] [iPv6] built on Aug 15 2014Dec 6 12:20:15 openvpn[19851]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sockDec 6 12:20:15 openvpn[19851]: NOTE: the current --script-security setting may allow this configuration to call user-defined scriptsDec 6 12:20:15 openvpn[19851]: Control Channel Authentication: using '/var/etc/openvpn/client1.tls-auth' as a OpenVPN static key fileDec 6 12:20:15 openvpn[19851]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authenticationDec 6 12:20:15 openvpn[19851]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authenticationDec 6 12:20:15 openvpn[19851]: LZO compression initializedDec 6 12:20:15 openvpn[19851]: Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]Dec 6 12:20:15 openvpn[19851]: Socket Buffers: R=[42080->65536] S=[57344->65536]Dec 6 12:20:15 openvpn[19851]: Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]Dec 6 12:20:15 openvpn[19851]: Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'Dec 6 12:20:15 openvpn[19851]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'Dec 6 12:20:15 openvpn[19851]: Local Options hash (VER=V4): '9e7066d2'Dec 6 12:20:15 openvpn[19851]: Expected Remote Options hash (VER=V4): '162b04de'Dec 6 12:20:15 openvpn[20471]: UDPv4 link local (bound): [AF_INET]192.168.1.250Dec 6 12:20:15 openvpn[20471]: UDPv4 link remote: [AF_INET]95.211.186.93:443Dec 6 12:20:15 openvpn[20471]: TLS: Initial packet from [AF_INET]95.211.186.93:443, sid=b5eb191f 1533b96fDec 6 12:20:15 openvpn[20471]: VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.orgDec 6 12:20:15 openvpn[20471]: Validating certificate key usageDec 6 12:20:15 openvpn[20471]: ++ Certificate has key usage 00a0, expects 00a0Dec 6 12:20:15 openvpn[20471]: VERIFY KU OKDec 6 12:20:15 openvpn[20471]: Validating certificate extended key usageDec 6 12:20:15 openvpn[20471]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server AuthenticationDec 6 12:20:15 openvpn[20471]: VERIFY EKU OKDec 6 12:20:15 openvpn[20471]: VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.orgDec 6 12:20:21 openvpn[20471]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyDec 6 12:20:21 openvpn[20471]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authenticationDec 6 12:20:21 openvpn[20471]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyDec 6 12:20:21 openvpn[20471]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authenticationDec 6 12:20:21 openvpn[20471]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSADec 6 12:20:21 openvpn[20471]: [server] Peer Connection Initiated with [AF_INET]95.211.186.93:443Dec 6 12:20:24 openvpn[20471]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)Dec 6 12:20:24 openvpn[20471]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.51.250 10.4.51.249'Dec 6 12:20:24 openvpn[20471]: Options error: option 'redirect-gateway' cannot be used in this context ([PUSH-OPTIONS])Dec 6 12:20:24 openvpn[20471]: Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])Dec 6 12:20:24 openvpn[20471]: Options error: option 'route' cannot be used in this context ([PUSH-OPTIONS])Dec 6 12:20:24 openvpn[20471]: OPTIONS IMPORT: timers and/or timeouts modifiedDec 6 12:20:24 openvpn[20471]: OPTIONS IMPORT: LZO parms modifiedDec 6 12:20:24 openvpn[20471]: OPTIONS IMPORT: --ifconfig/up options modifiedDec 6 12:20:24 openvpn[20471]: TUN/TAP device ovpnc1 exists previously, keep at program endDec 6 12:20:24 openvpn[20471]: TUN/TAP device /dev/tun1 openedDec 6 12:20:24 openvpn[20471]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0Dec 6 12:20:24 openvpn[20471]: /sbin/ifconfig ovpnc1 10.4.51.250 10.4.51.249 mtu 1500 netmask 255.255.255.255 upDec 6 12:20:24 openvpn[20471]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1558 10.4.51.250 10.4.51.249 initDec 6 12:20:24 openvpn[20471]: Initialization Sequence CompletedDec 6 12:20:32 openvpn[20471]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sockDec 6 12:20:32 openvpn[20471]: MANAGEMENT: CMD 'state 1'Dec 6 12:20:32 openvpn[20471]: MANAGEMENT: CMD 'status 2'Dec 6 12:20:32 openvpn[20471]: MANAGEMENT: Client disconnectedThe OpenVPN interface is green and shown the correct IP address, and under "Status" to AirVPN Gateway is also shown in green, however I can not get an internet connection. I notice the entry Options error: option 'redirect-gateway' cannot be used in this context ([PUSH-OPTIONS]) and assume that there is a gateway problem. Under the firewall rules created under the guide, if a select the WAN gateway instead I do get an internet connection.After some detective work I deleted the route-nopull item from the advanced confifuration in setting up the OpenVPN client, and on restarting the OpenVPN service now get the following in the log:-Dec 6 12:33:34 openvpn[33997]: pull = ENABLEDDec 6 12:33:34 openvpn[33997]: auth_user_pass_file = '[uNDEF]'Dec 6 12:33:34 openvpn[33997]: OpenVPN 2.3.3 i386-portbld-freebsd8.3 [sSL (OpenSSL)] [LZO] [MH] [iPv6] built on Aug 15 2014Dec 6 12:33:34 openvpn[33997]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sockDec 6 12:33:34 openvpn[33997]: NOTE: the current --script-security setting may allow this configuration to call user-defined scriptsDec 6 12:33:34 openvpn[33997]: Control Channel Authentication: using '/var/etc/openvpn/client1.tls-auth' as a OpenVPN static key fileDec 6 12:33:34 openvpn[33997]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authenticationDec 6 12:33:34 openvpn[33997]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authenticationDec 6 12:33:34 openvpn[33997]: LZO compression initializedDec 6 12:33:34 openvpn[33997]: Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]Dec 6 12:33:34 openvpn[33997]: Socket Buffers: R=[42080->65536] S=[57344->65536]Dec 6 12:33:34 openvpn[33997]: Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]Dec 6 12:33:34 openvpn[33997]: Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'Dec 6 12:33:34 openvpn[33997]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'Dec 6 12:33:34 openvpn[33997]: Local Options hash (VER=V4): '9e7066d2'Dec 6 12:33:34 openvpn[33997]: Expected Remote Options hash (VER=V4): '162b04de'Dec 6 12:33:34 openvpn[34020]: UDPv4 link local (bound): [AF_INET]192.168.1.250Dec 6 12:33:34 openvpn[34020]: UDPv4 link remote: [AF_INET]95.211.186.93:443Dec 6 12:33:34 openvpn[34020]: TLS: Initial packet from [AF_INET]95.211.186.93:443, sid=84cd97ee 9a52d3deDec 6 12:33:34 openvpn[34020]: VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.orgDec 6 12:33:34 openvpn[34020]: Validating certificate key usageDec 6 12:33:34 openvpn[34020]: ++ Certificate has key usage 00a0, expects 00a0Dec 6 12:33:34 openvpn[34020]: VERIFY KU OKDec 6 12:33:34 openvpn[34020]: Validating certificate extended key usageDec 6 12:33:34 openvpn[34020]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server AuthenticationDec 6 12:33:34 openvpn[34020]: VERIFY EKU OKDec 6 12:33:34 openvpn[34020]: VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.orgDec 6 12:33:39 openvpn[34020]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyDec 6 12:33:39 openvpn[34020]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authenticationDec 6 12:33:39 openvpn[34020]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyDec 6 12:33:39 openvpn[34020]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authenticationDec 6 12:33:39 openvpn[34020]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSADec 6 12:33:39 openvpn[34020]: [server] Peer Connection Initiated with [AF_INET]95.211.186.93:443Dec 6 12:33:41 openvpn[34020]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)Dec 6 12:33:41 openvpn[34020]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.51.250 10.4.51.249'Dec 6 12:33:41 openvpn[34020]: OPTIONS IMPORT: timers and/or timeouts modifiedDec 6 12:33:41 openvpn[34020]: OPTIONS IMPORT: LZO parms modifiedDec 6 12:33:41 openvpn[34020]: OPTIONS IMPORT: --ifconfig/up options modifiedDec 6 12:33:41 openvpn[34020]: OPTIONS IMPORT: route options modifiedDec 6 12:33:41 openvpn[34020]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modifiedDec 6 12:33:41 openvpn[34020]: Could not retrieve default gateway from route socket:: No such process (errno=3)Dec 6 12:33:41 openvpn[34020]: ROUTE: default_gateway=UNDEFDec 6 12:33:41 openvpn[34020]: TUN/TAP device ovpnc1 exists previously, keep at program endDec 6 12:33:41 openvpn[34020]: TUN/TAP device /dev/tun1 openedDec 6 12:33:41 openvpn[34020]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0Dec 6 12:33:41 openvpn[34020]: /sbin/ifconfig ovpnc1 10.4.51.250 10.4.51.249 mtu 1500 netmask 255.255.255.255 upDec 6 12:33:41 openvpn[34020]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1558 10.4.51.250 10.4.51.249 initDec 6 12:33:41 openvpn[34020]: NOTE: unable to redirect default gateway -- Cannot read current default gateway from systemDec 6 12:33:41 openvpn[34020]: /sbin/route add -net 10.4.0.1 10.4.51.249 255.255.255.255Dec 6 12:33:41 openvpn[34020]: Initialization Sequence CompletedI am still unable to get an internet connection, and notice the heading : Could not retrieve default gateway from route socket:: No such process (errno=3)I would be very grateful of some assistance as I am new I am lost doing anything which is not on a guide Quote Share this post Link to post
clevoir 3 Posted ... I have now tried another method of setup and still can't have an internet connection See the bottom of this page https://forum.pfsense.org/index.php?topic=29944.135 Any help would be very welcolme Quote Share this post Link to post
zhang888 1066 Posted ... Did you add the additional commands in the advanced config section? Please send a screenshot of your OpenVPN configuration page Quote Hide zhang888's signature Hide all signatures Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees. Share this post Link to post
clevoir 3 Posted ... Thanks I am using the following in the advanced configuration, the items in bold are taken from the OpenVPN config downloaded from AirVPN, the items underlined are taken from the guide in the first link remote-cert-tls server;verb 3;explicit-exit-notify 5;key-direction 1;auth SHA1;keysize 256;key-method 2;tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA;persist-tun; persist-key, persist-tun In the second link I have been advised to take out persist-tun but don't know why When I first set up the pfSense box I was using the same subnet for WAN and LAN, this has now been corrected and are now on seperate subnets I haven't had a chance to try AirVPN again on pfSense, but could this be the reason why I am having problems? Quote Share this post Link to post
Wolf666 17 Posted ... I have airvpn working in pfSense 2.2, just followed the guide by pfSensefan. It seems you have some outbound nat problem or firewall wrong rule. I would stay with route-nopull option and manage routing policy.Please post firewall rules and outbound nat rules. Sent from my iPad using Tapatalk Quote Hide Wolf666's signature Hide all signatures - Router/Firewall pfSense 23.01 (11th Gen Intel(R) Core(TM) i5-11320H @ 3.20GHz) - Switch Cisco SG350-10 - AP Netgear RAX200 (Stock FW) - NAS Synology DS1621+ (5 x 5TB WD Red) - ISP: Fiber 1000/300 (PPPoE) Share this post Link to post
clevoir 3 Posted ... I noticed that AirVPN blocks connections using UDP ports where a proxy is being used, as I am using Snort, Squid and HTTP Anti Virus proxy, I thought that this must be the reason whyI can't connect. I tried this morning using TCP 443 and 80 and still have the same problem, below is the OpenVPN log Dec 14 10:11:50 openvpn[11670]: ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)Dec 14 10:11:50 openvpn[11670]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0Dec 14 10:11:50 openvpn[11670]: /sbin/ifconfig ovpnc1 10.5.14.90 10.5.14.89 mtu 1500 netmask 255.255.255.255 upDec 14 10:11:50 openvpn[11670]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1559 10.5.14.90 10.5.14.89 initDec 14 10:11:50 openvpn[11670]: /sbin/route add -net 37.48.81.11 192.168.2.1 255.255.255.255Dec 14 10:11:50 openvpn[11670]: /sbin/route add -net 0.0.0.0 10.5.14.89 128.0.0.0Dec 14 10:11:50 openvpn[11670]: /sbin/route add -net 128.0.0.0 10.5.14.89 128.0.0.0Dec 14 10:11:50 openvpn[11670]: /sbin/route add -net 10.5.0.1 10.5.14.89 255.255.255.255Dec 14 10:11:50 openvpn[11670]: Initialization Sequence CompletedDec 14 10:13:52 openvpn[11670]: Connection reset, restarting [0]Dec 14 10:13:52 openvpn[11670]: SIGUSR1[soft,connection-reset] received, process restartingDec 14 10:13:52 openvpn[11670]: Restart pause, 5 second(s)Dec 14 10:13:57 openvpn[11670]: NOTE: the current --script-security setting may allow this configuration to call user-defined scriptsDec 14 10:13:57 openvpn[11670]: Socket Buffers: R=[65228->65536] S=[65228->65536]Dec 14 10:13:57 openvpn[11670]: Attempting to establish TCP connection with [AF_INET]37.48.81.11:443 [nonblock]Dec 14 10:13:58 openvpn[11670]: TCP connection established with [AF_INET]37.48.81.11:443Dec 14 10:13:58 openvpn[11670]: TCPv4_CLIENT link local (bound): [AF_INET]192.168.2.200Dec 14 10:13:58 openvpn[11670]: TCPv4_CLIENT link remote: [AF_INET]37.48.81.11:443Dec 14 10:13:58 openvpn[11670]: TLS: Initial packet from [AF_INET]37.48.81.11:443, sid=7f752825 a08fa24fDec 14 10:13:58 openvpn[11670]: VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.orgDec 14 10:13:58 openvpn[11670]: Validating certificate key usageDec 14 10:13:58 openvpn[11670]: ++ Certificate has key usage 00a0, expects 00a0Dec 14 10:13:58 openvpn[11670]: VERIFY KU OKDec 14 10:13:58 openvpn[11670]: Validating certificate extended key usageDec 14 10:13:58 openvpn[11670]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server AuthenticationDec 14 10:13:58 openvpn[11670]: VERIFY EKU OKDec 14 10:13:58 openvpn[11670]: VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.orgDec 14 10:14:02 openvpn[11670]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyDec 14 10:14:02 openvpn[11670]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authenticationDec 14 10:14:02 openvpn[11670]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyDec 14 10:14:02 openvpn[11670]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authenticationDec 14 10:14:02 openvpn[11670]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSADec 14 10:14:02 openvpn[11670]: [server] Peer Connection Initiated with [AF_INET]37.48.81.11:443Dec 14 10:14:04 openvpn[11670]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)Dec 14 10:14:04 openvpn[11670]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.5.0.1,comp-lzo no,route 10.5.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.5.14.90 10.5.14.89'Dec 14 10:14:04 openvpn[11670]: OPTIONS IMPORT: timers and/or timeouts modifiedDec 14 10:14:04 openvpn[11670]: OPTIONS IMPORT: LZO parms modifiedDec 14 10:14:04 openvpn[11670]: OPTIONS IMPORT: --ifconfig/up options modifiedDec 14 10:14:04 openvpn[11670]: OPTIONS IMPORT: route options modifiedDec 14 10:14:04 openvpn[11670]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modifiedDec 14 10:14:04 openvpn[11670]: Preserving previous TUN/TAP instance: ovpnc1Dec 14 10:14:04 openvpn[11670]: Initialization Sequence CompletedDec 14 10:16:19 openvpn[11670]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sockDec 14 10:16:19 openvpn[11670]: MANAGEMENT: CMD 'state 1'Dec 14 10:16:19 openvpn[11670]: MANAGEMENT: CMD 'status 2'Dec 14 10:16:19 openvpn[11670]: MANAGEMENT: Client disconnectedDec 14 10:26:19 openvpn[11670]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sockDec 14 10:26:19 openvpn[11670]: MANAGEMENT: CMD 'state 1'Dec 14 10:26:19 openvpn[11670]: MANAGEMENT: CMD 'status 2'Dec 14 10:26:19 openvpn[11670]: MANAGEMENT: Client disconnected Adanced Configurations in OpenVPN client are remote-cert-tls server;verb 3;key-direction 1;auth SHA1;keysize 256;key-method 2;tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA;persist-tun; persist-key Firewire NAT Outgoing rules have been set to Manual Outbound NAT rule generations, but no addtional rules have been set up. LAN Firewire rules are set as:- Action=PassInterface=LANTCP/IP Version=IP4vProticol=anySource=LAN netDestrination=anyGateway = AirVPN gateway (Dynamic)Note that I have edited the Default allow LAN to any rule settings to the above Dashboard Settings show an AirVPN connection 10.5.14.90 in green AirVPN Gateway settings show gateway 10.5.14.89 Monitor 10.4.0.1. in green Quote Share this post Link to post
Wolf666 17 Posted ... Firewall is ok, Outgoing Nat seems to be the problem.You should put: AIRVPN_WAN 192.168.2.0/24 * * * AIRVPN_WAN address * NO where AIRVPN_WAN is the iterface, 192.168.2.0/24 is what you want to route (in my config I have an entire subnet) and so on. According to your info AirVPN is on and working, it is just a matter of allowing outbound. Sent from my iPad using Tapatalk Quote Hide Wolf666's signature Hide all signatures - Router/Firewall pfSense 23.01 (11th Gen Intel(R) Core(TM) i5-11320H @ 3.20GHz) - Switch Cisco SG350-10 - AP Netgear RAX200 (Stock FW) - NAS Synology DS1621+ (5 x 5TB WD Red) - ISP: Fiber 1000/300 (PPPoE) Share this post Link to post
clevoir 3 Posted ... Thanks I seem to have resolved matters and got it working using TCP In the first instance I did use the guide, but I was getting no connection, thought that there may be an erorr somewhere It was not until I studied the AirVPN website in detail did I find that they do not allow UDP connections if a proxy is present Quote Share this post Link to post
Staff 10018 Posted ... Thanks I seem to have resolved matters and got it working using TCP In the first instance I did use the guide, but I was getting no connection, thought that there may be an erorr somewhere It was not until I studied the AirVPN website in detail did I find that they do not allow UDP connections if a proxy is present Hello! We do not block anything! It's only that any socks and http proxy work in TCP, they do not and can not support UDP. Kind regards Quote Share this post Link to post
clevoir 3 Posted ... So to clarify, can I use UDP 443 direct using pfSense running Snort, Squid and HAVP anitivirus? I was having connectivity issues, and understand that you do not allow the use of proxies on UDP 443 based on the information of the OpenVPN config generator page? Thought that as Squid is a proxy server and HAVP antinvirus uses a HTTP proxy, that was the reason that I could connect, and as such I moved to TCP Quote Share this post Link to post
Wolf666 17 Posted ... I use only Snort, I am connected using UDP 443. Quote Hide Wolf666's signature Hide all signatures - Router/Firewall pfSense 23.01 (11th Gen Intel(R) Core(TM) i5-11320H @ 3.20GHz) - Switch Cisco SG350-10 - AP Netgear RAX200 (Stock FW) - NAS Synology DS1621+ (5 x 5TB WD Red) - ISP: Fiber 1000/300 (PPPoE) Share this post Link to post