ANSWERED PFsense suddenly cannot connect to any servers - RESOLVED.

[Monkeh 0]

So this is weird

My pfsense openvpn connection stopped working this morning, I have not made any changes for well over a week, and I cannot see what is causing it to fail, I have increased the logging to max  but cannot see anything that indicates what the issue is?  I have rebooted it, and the non-VPN connection is running perfectly.
I do use snort and PFBlocker, which are both not reporting they are blocking and cleared all blocked hosts in snort just to check,

I thought my subscription had ended but there is still 250 days left

Does anyone know if there is any other logging I can enable that can provide more info?

VPN custom config entries:
remote 89.249.74.212 443
remote 89.249.74.213 443
remote 89.249.74.217 443
remote 94.229.74.90 443
remote 185.103.96.130 443
remote 185.103.96.131 443
remote 185.103.96.132 443
remote 185.103.96.133 443
remote 185.103.96.134 443
remote 141.98.101.132 443
tun-mtu 1492;
keepalive 10 60;
client; persist-key; persist-tun; remote-cert-tls server; prng sha256 64; mlock; auth-nocache;



 

openvpn_log.txt

Edited ... by Monkeh
resolved

[Monkeh 0]

ok digging into this the following seems to be the only thing I can find in the logs to indicate the issue

openvpn    7836    TLS Warning: no data channel send key available: [key#0 state=S_PRE_START id=0 sid=00000000 00000000] [key#1 state=S_UNDEF id=0 sid=00000000 00000000] [key#2 state=S_UNDEF id=0 sid=00000000 00000000]

TLS, ca and cert keys are ok and have regenerated them and they are all correct.

[Monkeh 0]

figured it out. it for some reason could not connect to the ip address 141.98.101.244 in the TLS config generated and was using the alternate server addresses, which were copied from my pre-TSL config file, which do not appears to support TLS 1.2