Jump to content
Not connected, Your IP: 52.14.204.52
clevoir

Setting up OpenVPN on pfSense

Recommended Posts

Hi I am new to pfSense and am having some probelms in setting up an Open VPN connection to Air VPN

I have followed the guide here https://airvpn.org/topic/11245-how-to-set-up-pfsense-21-for-airvpn/?hl=pfsense for a 2 NIC set up and can't get an internet connection.

On checking the OpenVPN log I get:-

Dec 6 12:20:15    openvpn[19851]: auth_user_pass_file = '[uNDEF]'
Dec 6 12:20:15    openvpn[19851]: OpenVPN 2.3.3 i386-portbld-freebsd8.3 [sSL (OpenSSL)] [LZO] [MH] [iPv6] built on Aug 15 2014
Dec 6 12:20:15    openvpn[19851]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
Dec 6 12:20:15    openvpn[19851]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 6 12:20:15    openvpn[19851]: Control Channel Authentication: using '/var/etc/openvpn/client1.tls-auth' as a OpenVPN static key file
Dec 6 12:20:15    openvpn[19851]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 6 12:20:15    openvpn[19851]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 6 12:20:15    openvpn[19851]: LZO compression initialized
Dec 6 12:20:15    openvpn[19851]: Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Dec 6 12:20:15    openvpn[19851]: Socket Buffers: R=[42080->65536] S=[57344->65536]
Dec 6 12:20:15    openvpn[19851]: Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Dec 6 12:20:15    openvpn[19851]: Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Dec 6 12:20:15    openvpn[19851]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Dec 6 12:20:15    openvpn[19851]: Local Options hash (VER=V4): '9e7066d2'
Dec 6 12:20:15    openvpn[19851]: Expected Remote Options hash (VER=V4): '162b04de'
Dec 6 12:20:15    openvpn[20471]: UDPv4 link local (bound): [AF_INET]192.168.1.250
Dec 6 12:20:15    openvpn[20471]: UDPv4 link remote: [AF_INET]95.211.186.93:443
Dec 6 12:20:15    openvpn[20471]: TLS: Initial packet from [AF_INET]95.211.186.93:443, sid=b5eb191f 1533b96f
Dec 6 12:20:15    openvpn[20471]: VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
Dec 6 12:20:15    openvpn[20471]: Validating certificate key usage
Dec 6 12:20:15    openvpn[20471]: ++ Certificate has key usage 00a0, expects 00a0
Dec 6 12:20:15    openvpn[20471]: VERIFY KU OK
Dec 6 12:20:15    openvpn[20471]: Validating certificate extended key usage
Dec 6 12:20:15    openvpn[20471]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Dec 6 12:20:15    openvpn[20471]: VERIFY EKU OK
Dec 6 12:20:15    openvpn[20471]: VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
Dec 6 12:20:21    openvpn[20471]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Dec 6 12:20:21    openvpn[20471]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 6 12:20:21    openvpn[20471]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Dec 6 12:20:21    openvpn[20471]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 6 12:20:21    openvpn[20471]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
Dec 6 12:20:21    openvpn[20471]: [server] Peer Connection Initiated with [AF_INET]95.211.186.93:443
Dec 6 12:20:24    openvpn[20471]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Dec 6 12:20:24    openvpn[20471]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.51.250 10.4.51.249'
Dec 6 12:20:24    openvpn[20471]: Options error: option 'redirect-gateway' cannot be used in this context ([PUSH-OPTIONS])
Dec 6 12:20:24    openvpn[20471]: Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
Dec 6 12:20:24    openvpn[20471]: Options error: option 'route' cannot be used in this context ([PUSH-OPTIONS])
Dec 6 12:20:24    openvpn[20471]: OPTIONS IMPORT: timers and/or timeouts modified
Dec 6 12:20:24    openvpn[20471]: OPTIONS IMPORT: LZO parms modified
Dec 6 12:20:24    openvpn[20471]: OPTIONS IMPORT: --ifconfig/up options modified
Dec 6 12:20:24    openvpn[20471]: TUN/TAP device ovpnc1 exists previously, keep at program end
Dec 6 12:20:24    openvpn[20471]: TUN/TAP device /dev/tun1 opened
Dec 6 12:20:24    openvpn[20471]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 6 12:20:24    openvpn[20471]: /sbin/ifconfig ovpnc1 10.4.51.250 10.4.51.249 mtu 1500 netmask 255.255.255.255 up
Dec 6 12:20:24    openvpn[20471]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1558 10.4.51.250 10.4.51.249 init
Dec 6 12:20:24    openvpn[20471]: Initialization Sequence Completed
Dec 6 12:20:32    openvpn[20471]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
Dec 6 12:20:32    openvpn[20471]: MANAGEMENT: CMD 'state 1'
Dec 6 12:20:32    openvpn[20471]: MANAGEMENT: CMD 'status 2'
Dec 6 12:20:32    openvpn[20471]: MANAGEMENT: Client disconnected

The OpenVPN interface is green and shown the correct IP address, and under "Status" to AirVPN Gateway is also shown in green, however I can not get an internet connection. I notice the entry Options error: option 'redirect-gateway' cannot be used in this context ([PUSH-OPTIONS]) and assume that there is a gateway problem. Under the firewall rules created under the guide, if a select the WAN gateway instead I do get an internet connection.

After some detective work I deleted the route-nopull item from the advanced confifuration in setting up the OpenVPN client, and on restarting the OpenVPN service now get the following in the log:-

Dec 6 12:33:34    openvpn[33997]: pull = ENABLED
Dec 6 12:33:34    openvpn[33997]: auth_user_pass_file = '[uNDEF]'
Dec 6 12:33:34    openvpn[33997]: OpenVPN 2.3.3 i386-portbld-freebsd8.3 [sSL (OpenSSL)] [LZO] [MH] [iPv6] built on Aug 15 2014
Dec 6 12:33:34    openvpn[33997]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
Dec 6 12:33:34    openvpn[33997]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 6 12:33:34    openvpn[33997]: Control Channel Authentication: using '/var/etc/openvpn/client1.tls-auth' as a OpenVPN static key file
Dec 6 12:33:34    openvpn[33997]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 6 12:33:34    openvpn[33997]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 6 12:33:34    openvpn[33997]: LZO compression initialized
Dec 6 12:33:34    openvpn[33997]: Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Dec 6 12:33:34    openvpn[33997]: Socket Buffers: R=[42080->65536] S=[57344->65536]
Dec 6 12:33:34    openvpn[33997]: Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Dec 6 12:33:34    openvpn[33997]: Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Dec 6 12:33:34    openvpn[33997]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Dec 6 12:33:34    openvpn[33997]: Local Options hash (VER=V4): '9e7066d2'
Dec 6 12:33:34    openvpn[33997]: Expected Remote Options hash (VER=V4): '162b04de'
Dec 6 12:33:34    openvpn[34020]: UDPv4 link local (bound): [AF_INET]192.168.1.250
Dec 6 12:33:34    openvpn[34020]: UDPv4 link remote: [AF_INET]95.211.186.93:443
Dec 6 12:33:34    openvpn[34020]: TLS: Initial packet from [AF_INET]95.211.186.93:443, sid=84cd97ee 9a52d3de
Dec 6 12:33:34    openvpn[34020]: VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
Dec 6 12:33:34    openvpn[34020]: Validating certificate key usage
Dec 6 12:33:34    openvpn[34020]: ++ Certificate has key usage 00a0, expects 00a0
Dec 6 12:33:34    openvpn[34020]: VERIFY KU OK
Dec 6 12:33:34    openvpn[34020]: Validating certificate extended key usage
Dec 6 12:33:34    openvpn[34020]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Dec 6 12:33:34    openvpn[34020]: VERIFY EKU OK
Dec 6 12:33:34    openvpn[34020]: VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
Dec 6 12:33:39    openvpn[34020]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Dec 6 12:33:39    openvpn[34020]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 6 12:33:39    openvpn[34020]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Dec 6 12:33:39    openvpn[34020]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 6 12:33:39    openvpn[34020]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
Dec 6 12:33:39    openvpn[34020]: [server] Peer Connection Initiated with [AF_INET]95.211.186.93:443
Dec 6 12:33:41    openvpn[34020]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Dec 6 12:33:41    openvpn[34020]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.51.250 10.4.51.249'
Dec 6 12:33:41    openvpn[34020]: OPTIONS IMPORT: timers and/or timeouts modified
Dec 6 12:33:41    openvpn[34020]: OPTIONS IMPORT: LZO parms modified
Dec 6 12:33:41    openvpn[34020]: OPTIONS IMPORT: --ifconfig/up options modified
Dec 6 12:33:41    openvpn[34020]: OPTIONS IMPORT: route options modified
Dec 6 12:33:41    openvpn[34020]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Dec 6 12:33:41    openvpn[34020]: Could not retrieve default gateway from route socket:: No such process (errno=3)
Dec 6 12:33:41    openvpn[34020]: ROUTE: default_gateway=UNDEF
Dec 6 12:33:41    openvpn[34020]: TUN/TAP device ovpnc1 exists previously, keep at program end
Dec 6 12:33:41    openvpn[34020]: TUN/TAP device /dev/tun1 opened
Dec 6 12:33:41    openvpn[34020]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 6 12:33:41    openvpn[34020]: /sbin/ifconfig ovpnc1 10.4.51.250 10.4.51.249 mtu 1500 netmask 255.255.255.255 up
Dec 6 12:33:41    openvpn[34020]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1558 10.4.51.250 10.4.51.249 init
Dec 6 12:33:41    openvpn[34020]: NOTE: unable to redirect default gateway -- Cannot read current default gateway from system
Dec 6 12:33:41    openvpn[34020]: /sbin/route add -net 10.4.0.1 10.4.51.249 255.255.255.255
Dec 6 12:33:41    openvpn[34020]: Initialization Sequence Completed

I am still unable to get an internet connection, and notice the heading : Could not retrieve default gateway from route socket:: No such process (errno=3)

I would be very grateful of some assistance as I am new I am lost doing anything which is not on a guide

Share this post


Link to post

Thanks I am using the following in the advanced configuration, the items in bold are taken from the OpenVPN config downloaded from AirVPN, the items underlined are taken from the guide in the first link

 

remote-cert-tls server;verb 3;explicit-exit-notify 5;key-direction 1;auth SHA1;keysize 256;key-method 2;tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA;persist-tun; persist-key, persist-tun

 

In the second link I have been advised to take out persist-tun but don't know why

 

When I first set up the pfSense box I was using the same subnet for WAN and LAN, this has now been corrected and are now on seperate subnets

 

I haven't had a chance to try AirVPN again on pfSense, but could this be the reason why I am having problems?
 

Share this post


Link to post

I have airvpn working in pfSense 2.2, just followed the guide by pfSensefan.

 

It seems you have some outbound nat problem or firewall wrong rule. I would stay with route-nopull option and manage routing policy.

Please post firewall rules and outbound nat rules.

 

 

Sent from my iPad using Tapatalk


- Router/Firewall pfSense 23.01 (11th Gen Intel(R) Core(TM) i5-11320H @ 3.20GHz)

- Switch Cisco SG350-10

- AP Netgear RAX200 (Stock FW)

- NAS Synology DS1621+ (5 x 5TB WD Red)

- ISP: Fiber 1000/300 (PPPoE)

 

Share this post


Link to post

I noticed that AirVPN blocks connections using UDP ports where a proxy is being used, as I am using Snort, Squid and HTTP Anti Virus proxy, I thought that this must be the reason whyI can't connect.

 

I tried this morning using TCP 443 and 80 and still have the same problem, below is the OpenVPN log

 

Dec 14 10:11:50     openvpn[11670]: ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)
Dec 14 10:11:50     openvpn[11670]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 14 10:11:50     openvpn[11670]: /sbin/ifconfig ovpnc1 10.5.14.90 10.5.14.89 mtu 1500 netmask 255.255.255.255 up
Dec 14 10:11:50     openvpn[11670]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1559 10.5.14.90 10.5.14.89 init
Dec 14 10:11:50     openvpn[11670]: /sbin/route add -net 37.48.81.11 192.168.2.1 255.255.255.255
Dec 14 10:11:50     openvpn[11670]: /sbin/route add -net 0.0.0.0 10.5.14.89 128.0.0.0
Dec 14 10:11:50     openvpn[11670]: /sbin/route add -net 128.0.0.0 10.5.14.89 128.0.0.0
Dec 14 10:11:50     openvpn[11670]: /sbin/route add -net 10.5.0.1 10.5.14.89 255.255.255.255
Dec 14 10:11:50     openvpn[11670]: Initialization Sequence Completed
Dec 14 10:13:52     openvpn[11670]: Connection reset, restarting [0]
Dec 14 10:13:52     openvpn[11670]: SIGUSR1[soft,connection-reset] received, process restarting
Dec 14 10:13:52     openvpn[11670]: Restart pause, 5 second(s)
Dec 14 10:13:57     openvpn[11670]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 14 10:13:57     openvpn[11670]: Socket Buffers: R=[65228->65536] S=[65228->65536]
Dec 14 10:13:57     openvpn[11670]: Attempting to establish TCP connection with [AF_INET]37.48.81.11:443 [nonblock]
Dec 14 10:13:58     openvpn[11670]: TCP connection established with [AF_INET]37.48.81.11:443
Dec 14 10:13:58     openvpn[11670]: TCPv4_CLIENT link local (bound): [AF_INET]192.168.2.200
Dec 14 10:13:58     openvpn[11670]: TCPv4_CLIENT link remote: [AF_INET]37.48.81.11:443
Dec 14 10:13:58     openvpn[11670]: TLS: Initial packet from [AF_INET]37.48.81.11:443, sid=7f752825 a08fa24f
Dec 14 10:13:58     openvpn[11670]: VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
Dec 14 10:13:58     openvpn[11670]: Validating certificate key usage
Dec 14 10:13:58     openvpn[11670]: ++ Certificate has key usage 00a0, expects 00a0
Dec 14 10:13:58     openvpn[11670]: VERIFY KU OK
Dec 14 10:13:58     openvpn[11670]: Validating certificate extended key usage
Dec 14 10:13:58     openvpn[11670]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Dec 14 10:13:58     openvpn[11670]: VERIFY EKU OK
Dec 14 10:13:58     openvpn[11670]: VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
Dec 14 10:14:02     openvpn[11670]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Dec 14 10:14:02     openvpn[11670]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 14 10:14:02     openvpn[11670]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Dec 14 10:14:02     openvpn[11670]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 14 10:14:02     openvpn[11670]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
Dec 14 10:14:02     openvpn[11670]: [server] Peer Connection Initiated with [AF_INET]37.48.81.11:443
Dec 14 10:14:04     openvpn[11670]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Dec 14 10:14:04     openvpn[11670]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.5.0.1,comp-lzo no,route 10.5.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.5.14.90 10.5.14.89'
Dec 14 10:14:04     openvpn[11670]: OPTIONS IMPORT: timers and/or timeouts modified
Dec 14 10:14:04     openvpn[11670]: OPTIONS IMPORT: LZO parms modified
Dec 14 10:14:04     openvpn[11670]: OPTIONS IMPORT: --ifconfig/up options modified
Dec 14 10:14:04     openvpn[11670]: OPTIONS IMPORT: route options modified
Dec 14 10:14:04     openvpn[11670]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Dec 14 10:14:04     openvpn[11670]: Preserving previous TUN/TAP instance: ovpnc1
Dec 14 10:14:04     openvpn[11670]: Initialization Sequence Completed
Dec 14 10:16:19     openvpn[11670]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
Dec 14 10:16:19     openvpn[11670]: MANAGEMENT: CMD 'state 1'
Dec 14 10:16:19     openvpn[11670]: MANAGEMENT: CMD 'status 2'
Dec 14 10:16:19     openvpn[11670]: MANAGEMENT: Client disconnected
Dec 14 10:26:19     openvpn[11670]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
Dec 14 10:26:19     openvpn[11670]: MANAGEMENT: CMD 'state 1'
Dec 14 10:26:19     openvpn[11670]: MANAGEMENT: CMD 'status 2'
Dec 14 10:26:19     openvpn[11670]: MANAGEMENT: Client disconnected

 

Adanced Configurations in OpenVPN client are

 

remote-cert-tls server;verb 3;key-direction 1;auth SHA1;keysize 256;key-method 2;tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA;persist-tun; persist-key

 

Firewire NAT Outgoing rules have been set to Manual Outbound NAT rule generations, but no addtional rules have been set up.

 

LAN Firewire rules are set as:-

 

Action=Pass

Interface=LAN

TCP/IP Version=IP4v

Proticol=any

Source=LAN net

Destrination=any

Gateway = AirVPN gateway (Dynamic)

Note that I have edited the Default allow LAN to any rule settings to the above
 

Dashboard Settings show an AirVPN connection 10.5.14.90 in green

 

AirVPN Gateway settings show gateway 10.5.14.89 Monitor 10.4.0.1. in green

Share this post


Link to post

Firewall is ok, Outgoing Nat seems to be the problem.

You should put:

 

AIRVPN_WAN 192.168.2.0/24 * * * AIRVPN_WAN address * NO

 

where AIRVPN_WAN is the iterface, 192.168.2.0/24 is what you want to route (in my config I have an entire subnet) and so on.

 

According to your info AirVPN is on and working, it is just a matter of allowing outbound.

 

 

 

 

 

 

Sent from my iPad using Tapatalk


- Router/Firewall pfSense 23.01 (11th Gen Intel(R) Core(TM) i5-11320H @ 3.20GHz)

- Switch Cisco SG350-10

- AP Netgear RAX200 (Stock FW)

- NAS Synology DS1621+ (5 x 5TB WD Red)

- ISP: Fiber 1000/300 (PPPoE)

 

Share this post


Link to post

Thanks I seem to have resolved matters and got it working using TCP

 

In the first instance I did use the guide, but I was getting no connection, thought that there may be an erorr somewhere

 

It was not until I studied the AirVPN website in detail did I find that they do not allow UDP connections if a proxy is present

Share this post


Link to post

Thanks I seem to have resolved matters and got it working using TCP

 

In the first instance I did use the guide, but I was getting no connection, thought that there may be an erorr somewhere

 

It was not until I studied the AirVPN website in detail did I find that they do not allow UDP connections if a proxy is present

 

Hello!

 

We do not block anything! It's only that any socks and http proxy work in TCP, they do not and can not support UDP.

 

Kind regards

Share this post


Link to post

So to clarify, can I use UDP 443 direct using pfSense running Snort, Squid and HAVP anitivirus?

 

I was having connectivity issues, and understand that you do not allow the use of proxies on UDP 443 based on the information of the OpenVPN config generator page?

 

Thought that as Squid is a proxy server and HAVP antinvirus uses a HTTP proxy, that was the reason that I could connect, and as such I moved to TCP

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...