I followed Tom OpenVPN setup on youtube and it works well on my iPhone. However, when I use the Client Export feature in PFsense and used the Current Windows Installers (2.5.0) in the file and when I connect on my Windows pc it spits back this error
Error Message : https://i.imgur.com/f1L8ZYz.png
Open VPN General Information : https://i.imgur.com/Eq8fXkT.png
Cryptographic Settings 1: https://i.imgur.com/bE5KjC8.png
Cryptographic Settings 2: https://i.imgur.com/TGsvd0L.png
Tunnel Settings : https://i.imgur.com/LoU5td1.png
Client Settings / Ping Settings : https://i.imgur.com/BGGjc2n.png
Advance Configuration : https://i.imgur.com/DZyCeNx.png
Please let me know what I did wrong. I Deleted my original post as I posted it in the wrong sub channel
In Crypto settings 2, do you need to add AES-128-CBC to the right pane?
The error message says, data cipher currently -GCM but it would like -CBC.
Just a thought.
I tried that it didn’t work. Do I need to update my client settings, like re-export it?
I assume you are but, I have to ask. Are you trying to tunnel into a network you are already on or are you really off your internal network from a different public IP?
Your ciphers don’t match, you’ve picked the wrong one.
I suggest you to Enable NCP (Enable Negotiable Cryptographic Parameters) and stick with AES-xx-CBC because CBC is most compatible for support of Hardware Crypto Offload.
Yes just to test it before I travel tomorrow.
So my next question is, Since I’m doing authentication by username, why does my phone and laptop get the same IP, I did my subnet as 192.168.210.0/24 but it both devices will do .2 and it will kick one device off. Do I need to make another user for like JHarrison-iPhone to connect with?
each device that will connect need a different client cert
No need of client certificate.
I just connect 2 pc’s open vpn to pfsense, and my tunnels was 126.96.36.199 and 188.8.131.52.
Open VPN , client export, just user auth. Added the users in user manager.
BTW, 150.150.. is South Korea, you should use private subnets for vpn tunnels.