PFsense with Open VPN

I followed Tom OpenVPN setup on youtube and it works well on my iPhone. However, when I use the Client Export feature in PFsense and used the Current Windows Installers (2.5.0) in the file and when I connect on my Windows pc it spits back this error

Error Message :
Open VPN General Information :

Cryptographic Settings 1:
Cryptographic Settings 2:

Tunnel Settings :

Client Settings / Ping Settings :

Advance Configuration :

Please let me know what I did wrong. I Deleted my original post as I posted it in the wrong sub channel

In Crypto settings 2, do you need to add AES-128-CBC to the right pane?

The error message says, data cipher currently -GCM but it would like -CBC.

Just a thought.

I tried that it didn’t work. Do I need to update my client settings, like re-export it?

I assume you are but, I have to ask. Are you trying to tunnel into a network you are already on or are you really off your internal network from a different public IP?

1 Like

Your ciphers don’t match, you’ve picked the wrong one.

I suggest you to Enable NCP (Enable Negotiable Cryptographic Parameters) and stick with AES-xx-CBC because CBC is most compatible for support of Hardware Crypto Offload.

Yes just to test it before I travel tomorrow.

So my next question is, Since I’m doing authentication by username, why does my phone and laptop get the same IP, I did my subnet as but it both devices will do .2 and it will kick one device off. Do I need to make another user for like JHarrison-iPhone to connect with?

each device that will connect need a different client cert :slight_smile:

No need of client certificate.

I just connect 2 pc’s open vpn to pfsense, and my tunnels was and
Open VPN , client export, just user auth. Added the users in user manager.

BTW, 150.150.. is South Korea, you should use private subnets for vpn tunnels.

1 Like