pfSense: OpenVPN works OK on Android but not Windows

[rsloan]

Hi,

I'm using OpenVPN on pfSense, I have the following issue below and posted my question below on the pfSense forum but no one has offered any advice so far. Here is my issue:


I have a network on 192.168.10.0/24

My Tun VPN is using 10.0.0.0/24

When I download the config for android and import into OpenVPN Connect it works without any issues, I can ping ip addresses, resolve DNS, do a traceroute and access web servers and PC's via RDP without any issues.

On Windows, I connect OK and I can ping ip addresses, resolve DNS, do a traceroute etc. However as soon as I go to any webserver or RDP to a desktop PC, my connection to the lan is lost and I'm no longer able to ping any device on the lan.

I have tried this on two different pfSense boxes with the other at a different location having the following details:

I have a network on 10.82.116.0/24

My Tun VPN is using 10.1.1.0/24

I get the very same issue as above.

I have also found that if I try to go to any website on the internet once the VPN is connected I will then loose the VPN connection. If I try to restart the OpenVPN connection it won't let me unless I restart my PC

Any pointers would be greatly appreciated.

Details from my log file are as follows:

Fri Jan 05 07:47:36 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]A.B.C.D:1194
Fri Jan 05 07:47:36 2018 UDP link local (bound): [AF_INET][undef]:0
Fri Jan 05 07:47:36 2018 UDP link remote: [AF_INET]A.B.C.D:1194
Fri Jan 05 07:47:36 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Jan 05 07:47:37 2018 [OpenVPN-Server] Peer Connection Initiated with [AF_INET]A.B.C.D:1194
Fri Jan 05 07:47:38 2018 open_tun
Fri Jan 05 07:47:38 2018 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{0CFE69B5-ECCD-486A-8852-DB6D6EB26403}.tap
Fri Jan 05 07:47:38 2018 Set TAP-Windows TUN subnet mode network/local/netmask = 10.0.0.0/10.0.0.2/255.255.255.0 [SUCCEEDED]
Fri Jan 05 07:47:38 2018 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.0.0.2/255.255.255.0 on interface {0CFE69B5-ECCD-486A-8852-DB6D6EB26403} [DHCP-serv: 10.0.0.254, lease-time: 31536000]
Fri Jan 05 07:47:38 2018 Successful ARP Flush on interface [2] {0CFE69B5-ECCD-486A-8852-DB6D6EB26403}
Fri Jan 05 07:47:38 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Jan 05 07:47:38 2018 Blocking outside dns using service succeeded.
Fri Jan 05 07:47:43 2018 Initialization Sequence Completed
Fri Jan 05 07:47:43 2018 Register_dns request sent to the service

When connection drops, it tries to restart but fails.

Fri Jan 05 07:48:47 2018 [OpenVPN-Server] Inactivity timeout (--ping-restart), restarting
Fri Jan 05 07:48:47 2018 Unblocking outside dns using service succeeded.
Fri Jan 05 07:48:47 2018 SIGUSR1[soft,ping-restart] received, process restarting
Fri Jan 05 07:48:52 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]A.B.C.D:1194
Fri Jan 05 07:48:52 2018 UDP link local (bound): [AF_INET][undef]:0
Fri Jan 05 07:48:52 2018 UDP link remote: [AF_INET]A.B.C.D:1194
Fri Jan 05 07:49:52 2018 [UNDEF] Inactivity timeout (--ping-restart), restarting
Fri Jan 05 07:49:52 2018 Unblocking outside dns using service succeeded.
Fri Jan 05 07:49:52 2018 SIGUSR1[soft,ping-restart] received, process restarting
Fri Jan 05 07:49:57 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]A.B.C.D:1194
Fri Jan 05 07:49:57 2018 UDP link local (bound): [AF_INET][undef]:0
Fri Jan 05 07:49:57 2018 UDP link remote: [AF_INET]A.B.C.D:1194

Regards,

Robert.

[TinCanTech]

Please see:
HOWTO: Request Help ! {2}

In other words:

• server config
• server log @ verb 4
• client config
• client log @ verb 4

Also note: we don't support pfSense, so if that is the problem we can't really help.