OpenVPN on pfSense

This forum is for general conversation and user-user networking.

Moderators: TinCanTech

Locked
spower66
OpenVpn Newbie
Posts: 2
Joined: Fri Oct 28, 2022 4:55 pm

OpenVPN on pfSense

Post by spower66 » Fri Oct 28, 2022 7:15 pm

Hi
I'm trying to connect an OpenVPN Client (on pfSense) to an external OpenVPN Server (also on pfSense) through a Sonicwall!
The client is configured to use 172.16.2.0/24 as the IPv4 Tunnel Network
The Internal network on the OpenVPN Server site is 10.102.10.0/24
The Internal network on the OpenVPN Client site is 192.168.1.0/24

The OpenVPN Server accepts connections from another site that I configured for testing, but there is no Sonicwall in the way there, and everything works there as expected.

Sonicwall has the following Rules/NAT:
Sonicwall Rules:
Name: OVPN-OUT
From: LAN
To: WAN
Source: LAN Subnets
Destin: Any
Service: OpenVPN-1195
Action: Allow

Name: OVPN-IN
From: WAN
To: LAN
Source: Any
Destin: Internal_pfSense
Service: OpenVPN-1195
Action: Allow

NAT Policy:
Name: OVPN
Source Original: Any
Source Translated: Original
Destination Original: WAN Interface IP
Destination Translated: Internal_pfSense
Service Original: OpenVPN-1195
Service Translated: Original

The problem is that when the OpenVPN Client attempts to connect, the connection never gets established, and I don't know enough about Sonicwall to go messing around too much!!

The log entries from pfSense are as follows:

openvpn	33905	/usr/local/sbin/ovpn-linkdown ovpnc2 1500 1572 172.16.2.2 172.16.2.1 init
openvpn	33905	SIGTERM[hard,] received, process exiting
openvpn	91530	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
openvpn	91530   openVPN 2.5.4 amd64-portbld-freebsd12.3 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jan 12 2022
openvpn	91530	library versions: OpenSSL 1.1.1l-freebsd 24 Aug 2021, LZO 2.10
openvpn	91658	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
openvpn	91658	TUN/TAP device ovpnc2 exists previously, keep at program end
openvpn	91658	TUN/TAP device /dev/tun2 opened
openvpn	91658	TCP/UDP: Preserving recently used remote address: [AF_INET]XX.XX.XX.XX:1195
openvpn	91658	UDPv4 link local (bound): [AF_INET]89.100.202.218:1195
openvpn	91658	UDPv4 link remote: [AF_INET]XX.XX.XX.XX:1195
openvpn	91658	/sbin/ifconfig ovpnc2 172.16.2.2 172.16.2.1 mtu 1500 netmask 255.255.255.255 up
openvpn	91658	/usr/local/sbin/ovpn-linkup ovpnc2 1500 1572 172.16.2.2 172.16.2.1 init

Anyone got any ideas on how to get this working??
Cheers

Pippin
Forum Team
Posts: 1200
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: OpenVPN on pfSense

Post by Pippin » Fri Oct 28, 2022 7:33 pm

Hi,

I moved your previous topic to Off Topic for a reason...!
viewtopic.php?t=34945

Configuring Sonicwall is not in scope of this forum.
If other users have experience configuring Sonicwall they are of course welcome to help you out in the linked topic.

Moved this to Off Topic and lock.

Thanks.
I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
Halton Arp
