OpenVPN AS behind Pfsense

[KTFO|SGTmoody]

Hello

 

I am having issues with getting a VPN connection to a OpenVPN AS server thats sitting behind a PFsense router.

I have forwarded the ports in NAT and they are permitted in the firewall (ports 443 TCP and 1194 UDP ) I can connect to the VPN server web panel and download the client.

But when connecting I just get "openvpn could not establish connection with vpn server"

 

I have another OpenVPN AS server sitting behind a Cisco router in NAT and I can connect to that fine from the same PC and essentialy the nat forwarding is exactly the same as well, (just in cisco language )

ip nat inside source static tcp 192.168.1.5 443 5.102.20.44 443 extendableip nat inside source static udp 192.168.1.5 1194 5.102.20.44 1194 extendable

See....

 

So I can only assume that PFsense is blocking something somewhere but I just dont know what,  Has anyone else had this issue before ?

 

 

I have attatched my nat forwarding just as a visual refferance.

 

 

Also Im not looking to setup PFsesne to do the OpenVPN server as I have a spercific need for doing it this way.

 

My last option is to just install another cisco router but I dont want to do that just yet (trying to save power here)

 

Any insight in to the strange goings on would be grate

[unijab]

Have you heard of wireshark?

Use that to figure out how you missed.

[KTFO|SGTmoody]

Have you heard of wireshark?

Use that to figure out how you missed.

Yes, And i have been trying to figure it out with that and am currently failing

[Alef]

In the OpenVPN Configuration >  Server Network Settings  did you fill the "Hostname or IP Address" box with an external address?  Also if your trying to connect within the same network it won't work unless you put in a internal IP Address in that same space or have the client OpenVPN config with the remote opinion pointing to the internal address.

[KTFO|SGTmoody]

In the OpenVPN Configuration >  Server Network Settings  did you fill the "Hostname or IP Address" box with an external address?  Also if your trying to connect within the same network it won't work unless you put in a internal IP Address in that same space or have the client OpenVPN config with the remote opinion pointing to the internal address.

yes  Hostname or IP address is filled in with the correct external IP. the server is listerning on the correct IP and port on the correct Vswitch  And I am connecting over the internet to the remote OpenVPN server.

[KTFO|SGTmoody]

I figured it out.

 

Im such a twat,  192.168.0.108 should have been 192.168.1.108.   FFS

 

Hours have been spent staring at the NAT page. HOURS

 

It works now