Search the Community

Hi, I've seen several threads on this subject but none with any definitive answers or solutions. I'm on pfSense 2.4.5, and I've setup a remote port forward for 40756 I've setup an NAT port forwarding rule on pfSense as described here. Here's the rule... The TCP test on AirVPN stays grey and never turns green. I've tried deleting the remote post and creating a new on several times, I've never managed to get this to work. I have set the same port in my Torrent client, which is always reported as being closed. I wouldn't say I'm hugely technically savvy but I can usually mange to figure things out by googling for hours and reading A LOT but I'm drawing a blank here. Why doesn't this work? Here's a packet capture I did from pfSense while running the TCP test, I set it level of detail to "Full": 20:00:06.108044 AF IPv4 (2), length 80: (tos 0x0, ttl 54, id 10076, offset 0, flags [DF], proto UDP (17), length 76) 188.166.175.60.59010 > XX.XX.XXX.XX.40756: [udp sum ok] UDP, length 48 20:00:11.284073 AF IPv4 (2), length 64: (tos 0x0, ttl 54, id 5974, offset 0, flags [DF], proto TCP (6), length 60) 188.166.175.60.53688 > XX.XX.XXX.XX.40756: Flags , cksum 0xb10f (correct), seq 1850573718, win 29200, options [mss 1285,nop,nop,TS val 1356960960 ecr 0,nop,wscale 6], length 0 20:00:12.308635 AF IPv4 (2), length 64: (tos 0x0, ttl 54, id 5975, offset 0, flags [DF], proto TCP (6), length 60) 188.166.175.60.53688 > XX.XX.XXX.XX.40756: Flags , cksum 0xb00f (correct), seq 1850573718, win 29200, options [mss 1285,nop,nop,TS val 1356961216 ecr 0,nop,wscale 6], length 0 20:00:14.323413 AF IPv4 (2), length 64: (tos 0x0, ttl 54, id 5976, offset 0, flags [DF], proto TCP (6), length 60) 188.166.175.60.53688 > XX.XX.XXX.XX.40756: Flags , cksum 0xae17 (correct), seq 1850573718, win 29200, options [mss 1285,nop,nop,TS val 1356961720 ecr 0,nop,wscale 6], length 0 Anyone have any ideas?

Dear community, I am having troubles to configure a VPN on pfSense 2.4.5p1. It never connects. Sadly the logs don't really give me a hint on where I screwed myself (or I can't interpret the logs correctly). The OpenVPN Status shows me: AirVPN Client (DE) UDP4 down (pending) (pending) 0 B 0 B The logs state: Jul 17 22:29:59 openvpn 16773 Restart pause, 5 second(s) Jul 17 22:29:59 openvpn 16773 SIGUSR1[soft,ping-restart] received, process restarting Jul 17 22:29:59 openvpn 16773 [UNDEF] Inactivity timeout (--ping-restart), restarting Jul 17 22:29:40 openvpn 16773 MANAGEMENT: Client disconnected Jul 17 22:29:40 openvpn 16773 MANAGEMENT: CMD 'state 1' Jul 17 22:29:40 openvpn 16773 MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock Jul 17 22:29:29 openvpn 16773 UDPv4 link remote: [AF_INET]141.98.102.242:443 Jul 17 22:29:29 openvpn 16773 UDPv4 link local (bound): [AF_INET]10.0.2.3:0 Jul 17 22:29:29 openvpn 16773 Socket Buffers: R=[42080->524288] S=[57344->524288] Jul 17 22:29:29 openvpn 16773 TCP/UDP: Preserving recently used remote address: [AF_INET]141.98.102.242:443 Jul 17 22:29:29 openvpn 16773 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication Jul 17 22:29:29 openvpn 16773 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key Jul 17 22:29:29 openvpn 16773 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication Jul 17 22:29:29 openvpn 16773 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key Jul 17 22:29:29 openvpn 16773 Initializing OpenSSL support for engine 'cryptodev' Jul 17 22:29:29 openvpn 16773 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Jul 17 22:29:29 openvpn 16773 mlockall call succeeded Jul 17 22:29:29 openvpn 16773 MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock Jul 17 22:29:29 openvpn 16455 library versions: OpenSSL 1.0.2u-freebsd 20 Dec 2019, LZO 2.10 Jul 17 22:29:29 openvpn 16455 OpenVPN 2.4.9 amd64-portbld-freebsd11.3 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on May 4 2020 A screenshot of my current OpenVPN config is can be found here. Allthough I should state that I've already tried multiple options in the "Custom options" field. (I.e. the examples given in the linked guides below) In general I've used these how-to guides for guidance:https://nguvu.org/pfsense/pfsense-baseline-setup/#create vpn Any help would be greatly appreciated! Edit 1: Replaced attached image with a higher resolution external link Edit 2: I've increased the loglevel from 3 (default) to 7 and the only interessting bit I could spot hints at a hard reset: Jul 17 23:10:44 openvpn 89741 UDPv4 WRITE [54] to [AF_INET]141.98.102.242:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=1119 DATA len=40 Jul 17 23:10:36 openvpn 89741 UDPv4 WRITE [54] to [AF_INET]141.98.102.242:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=863 DATA len=40 Jul 17 23:10:32 openvpn 89741 UDPv4 WRITE [54] to [AF_INET]141.98.102.242:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=607 DATA len=40 Jul 17 23:10:30 openvpn 89741 UDPv4 WRITE [54] to [AF_INET]141.98.102.242:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=351 DATA len=40 As far as I know my ISP is allowing VPN traffic and a quick test with desktop or mobile clients seems to work flawlessly. What is resetting the connection?! Edit 3: Here is a complete log (verbosity 11) in the correct order (newest bottom) for reference: https://pastebin.com/xTG6BF47