Fresh install of pfSense working great. Dual WAN setup with failover - also working great. OpenVPN set up according to Tom’s video - not working great.
No matter what I do I get an error that it fails the TLS handshake, and it times out after 60 seconds. It’s set to listen on the gateway group instead of one specific WAN port. I’m hoping that isn’t the issue.
Any words of wisdom that may lead to what box I checked/should check that would make it happy?
Can you post the config screenshots (redacted appropriately), as well as the log that details the handshake failure?
Unfortunately the original description is too vague to provide any concrete advice. This error should have a more specific reason associated with it. However, it does not seem likely to be related to a dual WAN setup.
A general troubleshooting tip though: eliminate variables to narrow down your issue’s origin. For example, if you remove your dual WAN setup from the equation, are you able to make a connection?
Have a look at these videos, if i remember you change the wan ports to 127.0.0.1 and create a portforwarding rule.
Note : get it to work on one wan , following Tom’s video before changing the setup to multiwan
Setup OpenVPN MultiWAN in Pfsense 2.5.0 - YouTube
How To Setup OpenVPN On pfSense With Two WAN Internet Connections For Failover - YouTube
Instead of screenshots, post the logs here with public IP’s redacted.
My apologies for not replying sooner. I had to get out to the site to get access to the device.
I figured it out. I searched the OpenVPN log and found no mention of anything trying to connect. I then searched the firewall logs for the IP I was trying to connect from, and found them hitting the default deny rule. I added a firewall rule and now the VPN connects just fine.
I created the VPN using the wizard (twice) and made sure to check the boxes to have it automatically create the rule. Somehow it didn’t. Twice.