Solved Cannot connect OpenVPN instances

[VulcanRidr]

I am having an issue with OpenVPN. The setup used to work, but I haven't connected since early 2020. In my current confuration, I am trying to connect my FreeBSD 12.2-RELEASE-p4 laptop to my pfSense 2.5.0 vpn server. I have two servers running on the firewall. One server is on the WAN interface and is listening on 1194/UDP and the other on 1195/UDP on the wireless interface.

So I launch the vpn client on the laptop using either openvpn --config /usr/local/etc/openvpn/home or --config /usr/local/etc/openvpn/wrls depending. On either home or wireless, it tries to connect, then says

2021-03-19 23:26:43 us=685290 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2021-03-19 23:26:43 us=685341 TLS Error: TLS handshake failed

I tried to connect tonight using the wireless connection on 1195/udp, and noticed something strange. Although my config has

dev tun
proto udp
remote 192.168.1.4 1195

the log on the laptop shows

2021-03-19 23:25:43 us=372015 TCP/UDP: Preserving recently used remote address:
[AF_INET]192.168.1.4:1195
2021-03-19 23:25:43 us=372047 Socket Buffers: R=[42080->42080] S=[9216->9216]
2021-03-19 23:25:43 us=372079 UDP link local (bound): [AF_INET][undef]:1194
2021-03-19 23:25:43 us=372095 UDP link remote: [AF_INET]192.168.1.4:1195
2021-03-19 23:25:43 us=374125 TLS: Initial packet from [AF_INET]192.168.1.4:1195
, sid=6836549c e25680ee

I don't understand why the laptop is listening on port 1194, when I specified that the remote is on 1195. I even added "port 1195" to the config file, but it still says link local is bound to 1194.

Can anyone suggest what changed over the last year?

Thanks
--vr

 

[VulcanRidr]

I found the problem. It was the certificate depth. Changed it from One (client+server) to off.

I am having an issue with OpenVPN. The setup used to work, but I haven't connected since early 2020. In my current confuration, I am trying to connect my FreeBSD 12.2-RELEASE-p4 laptop to my pfSense 2.5.0 vpn server. I have two servers running on the firewall. One server is on the WAN interface and is listening on 1194/UDP and the other on 1195/UDP on the wireless interface.