danioj 1 Posted ... Hello All, I was hoping someone could help me setup my connection. I have recently moved from an ASUS router to pfsense but am unable to get the client to connect. I am trying to connect to the same server I have been using for a long time now in Singapore. Being based on Australia, it is the closest one: AirVPN_SG-Singapore_Triangulum_UDP-443 I have setup my Certificates fine. I have created a client and input my settings BUT I can't take another step as the client just doesn't connect or grab an IP. The log's aren't helpful (to me - but this might be my uneducated view) either. For want of clarity, my complete advanced settings (as you can't see it from the screen shots) are: resolv-retry infinite persist-key persist-tun auth-nocache route-delay 5 verb 3 explicit-exit-notify 5 push-peer-info remote-cert-tls server comp-lzo no proto udp key-direction 1 I am sure I am doing something wrong and it is obvious but this has been an all day activity now and I need to throw the hand up for some help. Please. Screenshots of my settings, status's and logs are attached to hopefully allow some eagle eye expert to be able to spot what the issue might be. Thanks for your time in advance. D Quote Share this post Link to post
Wolke68 5 Posted ... Take a Look at this https://nguvu.org/pfsense/pfsense-baseline-setup/#create vpn this config is a bit different from yours Quote Share this post Link to post
danioj 1 Posted ... 2 hours ago, Wolke68 said: Take a Look at this https://nguvu.org/pfsense/pfsense-baseline-setup/#create vpn this config is a bit different from yours Thanks, I was only off on a couple of settings. I have now mirrored that config exactly and no joy. It now times out. I am at a complete loss. Now my log looks like this: Aug 11 19:12:04 openvpn 79705 OpenVPN 2.4.9 amd64-portbld-freebsd11.3 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on May 4 2020 Aug 11 19:12:04 openvpn 79705 library versions: OpenSSL 1.0.2u-freebsd 20 Dec 2019, LZO 2.10 Aug 11 19:12:04 openvpn 79810 mlockall call succeeded Aug 11 19:12:04 openvpn 79810 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Aug 11 19:12:04 openvpn 79810 Initializing OpenSSL support for engine 'rdrand' Aug 11 19:12:04 openvpn 79810 TCP/UDP: Preserving recently used remote address: [AF_INET]185.200.116.130:443 Aug 11 19:12:04 openvpn 79810 UDPv4 link local (bound): [AF_INET]<IP ADDRESS>:0 Aug 11 19:12:04 openvpn 79810 UDPv4 link remote: [AF_INET]185.200.116.130:443 Aug 11 19:12:34 openvpn 79810 [UNDEF] Inactivity timeout (--ping-restart), restarting Aug 11 19:12:34 openvpn 79810 SIGUSR1[soft,ping-restart] received, process restarting Quote Share this post Link to post
Casper31 73 Posted ... Can not find the dns info in the logfiles.Just a quicky. Gr,Casper Quote Share this post Link to post
Wolke68 5 Posted ... Let us see your config or More from the whole log Quote Share this post Link to post
go558a83nk 364 Posted ... You're using the wrong entry IP. You're setting up to use tls-crypt so you need to use entry IP 3 or 4 and make sure you have a tls-crypt config for the proper tls key. For Triangulum that's 185.200.116.133 and 185.200.116.134. I'd also leave key direction at default, use AES-256-GCM, set comp-lzo yes though compression will be turned off via the push from the server, turn on UDP fast I/O, turn on explicit exit notify, and increase the send and receive buffers from default. Quote Share this post Link to post