Page 1 of 1

remote connection cannot connect

Posted: Mon Dec 31, 2018 5:12 am
by carl66757
Hello to all, I have setup a openvpn on Pfsense 2.4.4 on a vm on my dell poweredge server running ESXI 5.1, Im retaining my Internet from a different location VIA wireless bridge, so my pfsense wan is getting a lan ip from the other router....and i am not possible to put the main router into bridge mode to obtain a actual WAN ip for pfsesne. here is a picture i mapped out Image


I can port foward from the hitron cable modem but in pfsense it shows a connection for vpn but there isn't any routes?
I have replaced my email and ip with generic

Sun Dec 30 20:39:18 2018 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Sun Dec 30 20:39:18 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Sun Dec 30 20:39:18 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Enter Management Password:
Sun Dec 30 20:39:25 2018 WARNING: No server certificate verification method has been enabled.
Sun Dec 30 20:39:25 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Sun Dec 30 20:39:25 2018 UDP link local (bound): [AF_INET][undef]:1194
Sun Dec 30 20:39:25 2018 UDP link remote: [AF_INET]x.x.x.x:1194
Sun Dec 30 20:39:25 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Dec 30 20:39:26 2018 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=US, ST=Kansas, L=mytown, O=Carl's MediaServer, emailAddress=me.at.myemailatgoogle, CN=mediaserverclient, OU=Plex
Sun Dec 30 20:39:26 2018 OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
Sun Dec 30 20:39:26 2018 TLS_ERROR: BIO read tls_read_plaintext error
Sun Dec 30 20:39:26 2018 TLS Error: TLS object -> incoming plaintext read error
Sun Dec 30 20:39:26 2018 TLS Error: TLS handshake failed
Sun Dec 30 20:39:26 2018 SIGUSR1[soft,tls-error] received, process restarting
Sun Dec 30 20:39:31 2018 WARNING: No server certificate verification method has been enabled.
Sun Dec 30 20:39:31 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Sun Dec 30 20:39:31 2018 UDP link local (bound): [AF_INET][undef]:1194
Sun Dec 30 20:39:31 2018 UDP link remote: [AF_INET]x.x.x.x:1194
Sun Dec 30 20:39:31 2018 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=US, ST=Kansas, L=mytown, O=Carl's MediaServer, emailAddress=me.at.myemailatgoogle, CN=mediaserverclient, OU=Plex
Sun Dec 30 20:39:31 2018 OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
Sun Dec 30 20:39:31 2018 TLS_ERROR: BIO read tls_read_plaintext error
Sun Dec 30 20:39:31 2018 TLS Error: TLS object -> incoming plaintext read error
Sun Dec 30 20:39:31 2018 TLS Error: TLS handshake failed
Sun Dec 30 20:39:31 2018 SIGUSR1[soft,tls-error] received, process restarting
Sun Dec 30 20:39:36 2018 WARNING: No server certificate verification method has been enabled.
Sun Dec 30 20:39:36 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Sun Dec 30 20:39:36 2018 UDP link local (bound): [AF_INET][undef]:1194
Sun Dec 30 20:39:36 2018 UDP link remote: [AF_INET]x.x.x.x:1194
Sun Dec 30 20:39:36 2018 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Sun Dec 30 20:39:38 2018 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Sun Dec 30 20:39:38 2018 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Sun Dec 30 20:39:41 2018 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Sun Dec 30 20:39:42 2018 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Sun Dec 30 20:39:46 2018 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Sun Dec 30 20:39:50 2018 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Sun Dec 30 20:39:57 2018 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Sun Dec 30 20:40:02 2018 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Sun Dec 30 20:40:06 2018 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Sun Dec 30 20:40:36 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Dec 30 20:40:36 2018 TLS Error: TLS handshake failed
Sun Dec 30 20:40:36 2018 SIGUSR1[soft,tls-error] received, process restarting


any more info needed just ask, im new to this thanks

Re: remote connection cannot connect

Posted: Mon Dec 31, 2018 4:51 pm
by carl66757
sorry the link to the picture isnt working this should work https://photos.app.goo.gl/kC7ePv5neSaBdvhGA

Re: remote connection cannot connect

Posted: Mon Dec 31, 2018 5:13 pm
by TinCanTech

Re: remote connection cannot connect

Posted: Tue Jan 08, 2019 10:39 am
by Steven Brown
Thanks for sharing the link its really helpful knowledge

Re: remote connection cannot connect

Posted: Tue Jan 08, 2019 1:14 pm
by TinCanTech
carl66757 wrote:
Mon Dec 31, 2018 5:12 am
Sun Dec 30 20:39:26 2018 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=US, ST=Kansas, L=mytown, O=Carl's MediaServer, emailAddress=me.at.myemailatgoogle, CN=mediaserverclient, OU=Plex
This looks like your client certificate has not been correctly created.