Why Should I Use a VPN

Discussion in 'privacy technology' started by merisi, Jan 3, 2013.

Thread Status:
Not open for further replies.
  1. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    OK, just to be clear. You should be working on the Xubuntu VM now. AirVPN should be disconnected in the host. pfSense should be connecting to AirVPN, and show as "up" in OpenVPN status. And Firefox in Xubuntu should see the Internet, and show the right AirVPN exit IP address.

    Firefox in the host machine should be unable to connect to anything, unless you've disabled the Comodo rules that secure the host VPN. Then it should show your true IP address.

    That looks OK. The key thing is "Initialization Sequence Completed". Unless that's followed immediately by VPN reconnection attempts, you're cool. The pfSense management stuff just means that nothing is using the connection, so pfSense is saying "WTF is this for?".

    OK, to keep things simple, shut down the host's AirVPN client so it doesn't connect. And disable the Comodo VPN rules.

    If you're getting OpenVPN status in pfSense as "up", and see "Initialization Sequence Completed" with no immediate VPN reconnection attempts, the VPN connection is working. So there's probably something wrong with outbound NAT and/or DNS server setup.

    Open a terminal, and run "ping 4.2.2.2" (or whatever IP you'd like to ping). If you get responses, you know that outbound NAT is OK. If you get no response, kill the command with Ctrl-C, and try "ping 192.168.1.1". That has to work, because you're connecting to that IP with Firefox :)

    If you can ping any Internet IP address, double check the DNS server setup in pfSense. Open the "System: General Setup" page. Under "DNS servers", you should have two of your favorite public Internet DNS servers, such as OpenDNS (208.67.220.220 and 208.67.222.222) or whatever, as long as they're reliable.

    Both "Allow DNS server list to be overridden ..." and "Do not use the DNS Forwarder ..." should be unchecked.

    Under "Firewall: NAT: Outbound", "Manual Outbound NAT rule generation" should be selected, and should have been saved when you did the setup. The middle mapping, "Auto created rule for LAN to WAN" should have been edited to "Rule for LAN to OpenVPN" by changing "Interface" from "WAN" to "OpenVPN", and saving. Basically, that tells pfSense that LAN gets to the internet through the OpenVPN tunnel, rather than through the WAN interface.

    Nothing else in "Firewall" should be changed from default yet.

    Under "Services", "DHCP Relay" should be disabled. "DNS Forwarder" should also be disabled.

    "Services: DHCP Server" should be enabled on LAN interface, by default. The IP range should be 192.168.1.100 to 192.168.1.199 by default, but you can reduce that if you like, and also set up static mappings etc. But wait until it works before trying that.

    For "DNS servers" you should have "10.4.0.1" (from the AirVPN connection log string "dhcp-option DNS 10.4.0.1"). That overrides the DNS servers entered in "System: General Setup". They get used by pfSense, but LAN clients get the AirVPN DNS server.

    Everything else in "Services: DHCP Server", and all other Services, should be left using the defaults.

    Sweet dreams :)
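The log check described in the post above (the tunnel counts as up when "Initialization Sequence Completed" is not followed by restarts, and the LAN DNS server comes from the pushed "dhcp-option DNS"), as an added Python example that is not part of the thread. The restart markers, the 120-second window, the assumed year and all function names are assumptions; the first sample is abbreviated from the log format posted in this thread and the flapping sample is constructed.

```python
import re
from datetime import datetime, timedelta

# pfSense/syslog style line: "Jan 16 20:27:58 openvpn[61001]: message"
LINE_RE = re.compile(r"^\s*(\w{3}\s+\d{1,2} \d\d:\d\d:\d\d) openvpn\[\d+\]: (.*)$")
PUSH_RE = re.compile(r"'PUSH_REPLY,([^']*)'")
# FreeBSD route syntax as logged by OpenVPN: net, gateway, netmask
ROUTE_RE = re.compile(r"/sbin/route (add|delete) -net (\S+) (\S+) (\S+)")
# Assumption: messages treated as a reconnection attempt
RESTART_RE = re.compile(r"process restarting|Inactivity timeout")
# "redirect-gateway def1" installs these two half-default routes via the tunnel
DEF1 = {("0.0.0.0", "128.0.0.0"), ("128.0.0.0", "128.0.0.0")}
ASSUMED_YEAR = 2013  # syslog timestamps carry no year


def parse(text):
    """Return (timestamp, message) pairs for every OpenVPN log line."""
    out = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue
        stamp = " ".join(m.group(1).split())  # collapse "Jan  6" padding
        ts = datetime.strptime(f"{ASSUMED_YEAR} {stamp}", "%Y %b %d %H:%M:%S")
        out.append((ts, m.group(2)))
    return out


def analyse(text, window_s=120):
    """Summarise tunnel state from a chronologically ordered client log."""
    report = {"up": False, "stable": False, "pushed_dns": [],
              "def1_routes": False, "restarts": []}
    completed_at = None
    routes = set()
    for ts, msg in parse(text):
        push = PUSH_RE.search(msg)
        if push:
            opts = push.group(1).split(",")
            report["pushed_dns"] = [o.split()[2] for o in opts
                                    if o.startswith("dhcp-option DNS ")]
            continue
        route = ROUTE_RE.search(msg)
        if route:
            key = (route.group(2), route.group(4))
            if route.group(1) == "add":
                routes.add(key)
            else:
                routes.discard(key)
            continue
        if "Initialization Sequence Completed" in msg:
            completed_at = ts
            report["up"] = True
            continue
        if RESTART_RE.search(msg):
            report["up"] = False
            # Only restarts soon after completion count as "immediate"
            if completed_at and ts - completed_at <= timedelta(seconds=window_s):
                report["restarts"].append(msg)
            continue
        if "process exiting" in msg:  # e.g. SIGTERM when the client is stopped
            report["up"] = False
    report["stable"] = report["up"] and not report["restarts"]
    report["def1_routes"] = DEF1 <= routes
    return report


# Abbreviated from the log format posted in this thread
SAMPLE_OK = """\
Jan 16 20:27:58 openvpn[61001]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.6.38 10.4.6.37'
Jan 16 20:27:58 openvpn[61001]: /sbin/route add -net 0.0.0.0 10.4.6.37 128.0.0.0
Jan 16 20:27:58 openvpn[61001]: /sbin/route add -net 128.0.0.0 10.4.6.37 128.0.0.0
Jan 16 20:27:58 openvpn[61001]: Initialization Sequence Completed
Jan 16 20:28:02 openvpn[61001]: MANAGEMENT: CMD 'state 1'
"""

# Constructed: the same session followed by a restart one minute later
SAMPLE_FLAPPING = SAMPLE_OK + """\
Jan 16 20:28:58 openvpn[61001]: [server] Inactivity timeout (--ping-restart), restarting
Jan 16 20:28:58 openvpn[61001]: SIGUSR1[soft,ping-restart] received, process restarting
"""

if __name__ == "__main__":
    for name, sample in (("ok", SAMPLE_OK), ("flapping", SAMPLE_FLAPPING)):
        print(name, analyse(sample))
```

A report with `stable` true and `def1_routes` true but no working name resolution points at the DNS setup rather than the tunnel, which is the split the post draws.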
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    It is a lot of work, I admit. But, once you learn how to use pfSense etc router VMs, all sorts of cool tricks are easily possible.
     
  3. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    well im back , damn that was a long rest , lols , anyhow gona continue , thats if pfsense lets me , lols

    update :

    PING 4.2.2.2 (4.2.2.2) 56(84) bytes of data.
    64 bytes from 4.2.2.2: icmp_req=1 ttl=250 time=35.1 ms
    64 bytes from 4.2.2.2: icmp_req=2 ttl=250 time=33.2 ms
    64 bytes from 4.2.2.2: icmp_req=3 ttl=250 time=40.8 ms
    64 bytes from 4.2.2.2: icmp_req=4 ttl=250 time=32.4 ms
    64 bytes from 4.2.2.2: icmp_req=5 ttl=250 time=40.6 ms
    64 bytes from 4.2.2.2: icmp_req=6 ttl=250 time=42.0 ms
    64 bytes from 4.2.2.2: icmp_req=7 ttl=250 time=35.1 ms
    64 bytes from 4.2.2.2: icmp_req=8 ttl=250 time=39.3 ms
    64 bytes from 4.2.2.2: icmp_req=9 ttl=250 time=32.9 ms
    64 bytes from 4.2.2.2: icmp_req=10 ttl=250 time=41.9 ms
    64 bytes from 4.2.2.2: icmp_req=11 ttl=250 time=33.2 ms
    64 bytes from 4.2.2.2: icmp_req=12 ttl=250 time=36.0 ms
    64 bytes from 4.2.2.2: icmp_req=13 ttl=250 time=32.9 ms
    64 bytes from 4.2.2.2: icmp_req=14 ttl=250 time=40.4 ms
    64 bytes from 4.2.2.2: icmp_req=15 ttl=250 time=36.3 ms
    64 bytes from 4.2.2.2: icmp_req=16 ttl=250 time=33.7 ms
    64 bytes from 4.2.2.2: icmp_req=17 ttl=250 time=35.4 ms
    64 bytes from 4.2.2.2: icmp_req=18 ttl=250 time=34.4 ms
    64 bytes from 4.2.2.2: icmp_req=19 ttl=250 time=32.5 ms
    64 bytes from 4.2.2.2: icmp_req=20 ttl=250 time=34.8 ms
    64 bytes from 4.2.2.2: icmp_req=21 ttl=250 time=34.1 ms
    64 bytes from 4.2.2.2: icmp_req=22 ttl=250 time=33.3 ms
    64 bytes from 4.2.2.2: icmp_req=23 ttl=250 time=35.5 ms
    64 bytes from 4.2.2.2: icmp_req=24 ttl=250 time=35.7 ms
    64 bytes from 4.2.2.2: icmp_req=25 ttl=250 time=34.0 ms
    64 bytes from 4.2.2.2: icmp_req=26 ttl=250 time=34.5 ms
    64 bytes from 4.2.2.2: icmp_req=27 ttl=250 time=34.8 ms
    64 bytes from 4.2.2.2: icmp_req=28 ttl=250 time=34.9 ms
    64 bytes from 4.2.2.2: icmp_req=29 ttl=250 time=35.4 ms
    64 bytes from 4.2.2.2: icmp_req=30 ttl=250 time=35.9 ms
    64 bytes from 4.2.2.2: icmp_req=31 ttl=250 time=35.6 ms
    64 bytes from 4.2.2.2: icmp_req=32 ttl=250 time=35.6 ms
    64 bytes from 4.2.2.2: icmp_req=33 ttl=250 time=33.8 ms
    64 bytes from 4.2.2.2: icmp_req=34 ttl=250 time=35.6 ms
    64 bytes from 4.2.2.2: icmp_req=35 ttl=250 time=33.3 ms
    64 bytes from 4.2.2.2: icmp_req=36 ttl=250 time=32.1 ms
    64 bytes from 4.2.2.2: icmp_req=37 ttl=250 time=38.2 ms
    64 bytes from 4.2.2.2: icmp_req=38 ttl=250 time=33.5 ms
    64 bytes from 4.2.2.2: icmp_req=39 ttl=250 time=35.1 ms
    64 bytes from 4.2.2.2: icmp_req=40 ttl=250 time=32.3 ms
    64 bytes from 4.2.2.2: icmp_req=41 ttl=250 time=33.5 ms
    64 bytes from 4.2.2.2: icmp_req=42 ttl=250 time=33.3 ms
    64 bytes from 4.2.2.2: icmp_req=43 ttl=250 time=35.1 ms
    ^C
    --- 4.2.2.2 ping statistics ---
    43 packets transmitted, 43 received, 0% packet loss, time 42068ms
    rtt min/avg/max/mdev = 32.185/35.350/42.018/2.568 ms



    PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
    64 bytes from 192.168.1.1: icmp_req=1 ttl=64 time=0.163 ms
    64 bytes from 192.168.1.1: icmp_req=2 ttl=64 time=0.154 ms
    64 bytes from 192.168.1.1: icmp_req=3 ttl=64 time=0.140 ms
    64 bytes from 192.168.1.1: icmp_req=4 ttl=64 time=0.137 ms
    64 bytes from 192.168.1.1: icmp_req=5 ttl=64 time=0.148 ms
    64 bytes from 192.168.1.1: icmp_req=6 ttl=64 time=0.135 ms
    64 bytes from 192.168.1.1: icmp_req=7 ttl=64 time=0.131 ms
    64 bytes from 192.168.1.1: icmp_req=8 ttl=64 time=0.138 ms
    64 bytes from 192.168.1.1: icmp_req=9 ttl=64 time=0.134 ms
    64 bytes from 192.168.1.1: icmp_req=10 ttl=64 time=0.136 ms
    64 bytes from 192.168.1.1: icmp_req=11 ttl=64 time=0.134 ms
    64 bytes from 192.168.1.1: icmp_req=12 ttl=64 time=0.146 ms
    64 bytes from 192.168.1.1: icmp_req=13 ttl=64 time=0.146 ms
    64 bytes from 192.168.1.1: icmp_req=14 ttl=64 time=0.143 ms
    64 bytes from 192.168.1.1: icmp_req=15 ttl=64 time=0.142 ms
    64 bytes from 192.168.1.1: icmp_req=16 ttl=64 time=0.142 ms
    64 bytes from 192.168.1.1: icmp_req=17 ttl=64 time=0.144 ms
    64 bytes from 192.168.1.1: icmp_req=18 ttl=64 time=0.144 ms
    64 bytes from 192.168.1.1: icmp_req=19 ttl=64 time=0.144 ms
    64 bytes from 192.168.1.1: icmp_req=20 ttl=64 time=0.139 ms
    64 bytes from 192.168.1.1: icmp_req=21 ttl=64 time=0.173 ms
    64 bytes from 192.168.1.1: icmp_req=22 ttl=64 time=0.141 ms
    64 bytes from 192.168.1.1: icmp_req=23 ttl=64 time=0.158 ms
    64 bytes from 192.168.1.1: icmp_req=24 ttl=64 time=0.161 ms
    64 bytes from 192.168.1.1: icmp_req=25 ttl=64 time=0.150 ms
    64 bytes from 192.168.1.1: icmp_req=26 ttl=64 time=0.150 ms
    ^C
    --- 192.168.1.1 ping statistics ---
    26 packets transmitted, 26 received, 0% packet loss, time 24998ms
    rtt min/avg/max/mdev = 0.131/0.145/0.173/0.011 ms
    freddy@ubuntu:~$









    Jan 16 20:27:55 openvpn[60790]: client = ENABLED
    Jan 16 20:27:55 openvpn[60790]: pull = ENABLED
    Jan 16 20:27:55 openvpn[60790]: auth_user_pass_file = '/var/etc/openvpn/client-cred'
    Jan 16 20:27:55 openvpn[60790]: OpenVPN 2.2.0 amd64-portbld-freebsd8.1 [SSL] [LZO2] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Aug 11 2011
    Jan 16 20:27:55 openvpn[60790]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
    Jan 16 20:27:55 openvpn[60790]: WARNING: file '/var/etc/openvpn/client-cred' is group or others accessible
    Jan 16 20:27:55 openvpn[60790]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 16 20:27:55 openvpn[60790]: LZO compression initialized
    Jan 16 20:27:55 openvpn[60790]: Control Channel MTU parms [ L:1558 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Jan 16 20:27:55 openvpn[60790]: Socket Buffers: R=[42080->65536] S=[57344->65536]
    Jan 16 20:27:55 openvpn[60790]: Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
    Jan 16 20:27:55 openvpn[60790]: Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
    Jan 16 20:27:55 openvpn[60790]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
    Jan 16 20:27:55 openvpn[60790]: Local Options hash (VER=V4): 'cec76cab'
    Jan 16 20:27:55 openvpn[60790]: Expected Remote Options hash (VER=V4): '0baf0d68'
    Jan 16 20:27:55 openvpn[61001]: UDPv4 link local (bound): [AF_INET]10.0.2.15
    Jan 16 20:27:55 openvpn[61001]: UDPv4 link remote: [AF_INET]94.185.85.170:443
    Jan 16 20:27:55 openvpn[61001]: TLS: Initial packet from [AF_INET]94.185.85.170:443, sid=7669ff8e 2f195602
    Jan 16 20:27:55 openvpn[61001]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Jan 16 20:27:55 openvpn[61001]: VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org
    Jan 16 20:27:55 openvpn[61001]: VERIFY OK: nsCertType=SERVER
    Jan 16 20:27:55 openvpn[61001]: VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org
    Jan 16 20:27:56 openvpn[61001]: WARNING: 'keydir' is present in local config but missing in remote config, local='keydir 0'
    Jan 16 20:27:56 openvpn[61001]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Jan 16 20:27:56 openvpn[61001]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Jan 16 20:27:56 openvpn[61001]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Jan 16 20:27:56 openvpn[61001]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Jan 16 20:27:56 openvpn[61001]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
    Jan 16 20:27:56 openvpn[61001]: [server] Peer Connection Initiated with [AF_INET]94.185.85.170:443
    Jan 16 20:27:58 openvpn[61001]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
    Jan 16 20:27:58 openvpn[61001]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.6.38 10.4.6.37'
    Jan 16 20:27:58 openvpn[61001]: OPTIONS IMPORT: timers and/or timeouts modified
    Jan 16 20:27:58 openvpn[61001]: OPTIONS IMPORT: LZO parms modified
    Jan 16 20:27:58 openvpn[61001]: OPTIONS IMPORT: --ifconfig/up options modified
    Jan 16 20:27:58 openvpn[61001]: OPTIONS IMPORT: route options modified
    Jan 16 20:27:58 openvpn[61001]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Jan 16 20:27:58 openvpn[61001]: ROUTE default_gateway=10.0.2.2
    Jan 16 20:27:58 openvpn[61001]: TUN/TAP device /dev/tun1 opened
    Jan 16 20:27:58 openvpn[61001]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Jan 16 20:27:58 openvpn[61001]: /sbin/ifconfig ovpnc1 10.4.6.38 10.4.6.37 mtu 1500 netmask 255.255.255.255 up
    Jan 16 20:27:58 openvpn[61001]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1558 10.4.6.38 10.4.6.37 init
    Jan 16 20:27:58 openvpn[61001]: /sbin/route add -net 94.185.85.170 10.0.2.2 255.255.255.255
    Jan 16 20:27:58 openvpn[61001]: /sbin/route add -net 0.0.0.0 10.4.6.37 128.0.0.0
    Jan 16 20:27:58 openvpn[61001]: /sbin/route add -net 128.0.0.0 10.4.6.37 128.0.0.0
    Jan 16 20:27:58 openvpn[61001]: /sbin/route add -net 10.4.0.1 10.4.6.37 255.255.255.255
    Jan 16 20:27:58 openvpn[61001]: Initialization Sequence Completed
    Jan 16 20:28:02 openvpn[61001]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
    Jan 16 20:28:02 openvpn[61001]: MANAGEMENT: CMD 'state 1'
    Jan 16 20:28:02 openvpn[61001]: MANAGEMENT: CMD 'status 2'
    Jan 16 20:28:02 openvpn[61001]: MANAGEMENT: Client disconnected


    ok so I've disabled comodo vpn rules, now my host uses my real ip, I've set the dns to 8.8.8.8 in my physical network adapter on my host, still no success on connecting to firefox in ubuntu vm, damn this is harder than it's supposed to be


    currently set to private browsing and I've done all the instructed things, still no internet on firefox, if it matters I've set my physical adapter and tap adapter to public and disabled netbios on both

    my physical adapters ip is static and my gateway is a non default ip ive setup in my router
     
    Last edited: Jan 16, 2013
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    :)

    OK, that tells me that the AirVPN tunnel is up, and that you can ping through it. If you can't resolve any URLs, DNS lookup must not be working right.

    Do one other check, from Firefox in your Ubuntu VM. Try accessing Google, using one of its numeric IP addresses:

    If that works, open pfSense "Services: DHCP Server", and try replacing the AirVPN DNS server ("10.4.0.1") with one of your favorite public DNS servers.

    Getting it to work the first time is hard, I admit. And sometimes, with some VPN providers, it just won't work. But I know that it works with AirVPN, because I've done it.

    You're really close, so don't despair :)
     
  5. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    OK, so it clearly is a DNS problem.

    Sure. Use any one you want. Except for your ISP's, of course ;)
     
  7. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    still not working ive just tried 8.8.8.8 no luck , jesus


    Jan 16 20:28:02 openvpn[61001]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
    Jan 16 20:28:02 openvpn[61001]: MANAGEMENT: CMD 'state 1'
    Jan 16 20:28:02 openvpn[61001]: MANAGEMENT: CMD 'status 2'
    Jan 16 20:28:02 openvpn[61001]: MANAGEMENT: Client disconnected
    Jan 16 20:39:26 openvpn[61001]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
    Jan 16 20:39:26 openvpn[61001]: MANAGEMENT: CMD 'state 1'
    Jan 16 20:39:26 openvpn[61001]: MANAGEMENT: CMD 'status 2'
    Jan 16 20:39:26 openvpn[61001]: MANAGEMENT: Client disconnected
    Jan 16 19:58:29 openvpn[61001]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
    Jan 16 19:58:29 openvpn[61001]: MANAGEMENT: CMD 'state 1'
    Jan 16 19:58:29 openvpn[61001]: MANAGEMENT: CMD 'status 2'
    Jan 16 19:58:29 openvpn[61001]: MANAGEMENT: Client disconnected
    Jan 16 20:28:01 openvpn[61001]: TLS: soft reset sec=0 bytes=77561/0 pkts=821/0
    Jan 16 20:28:01 openvpn[61001]: VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org
    Jan 16 20:28:01 openvpn[61001]: VERIFY OK: nsCertType=SERVER
    Jan 16 20:28:01 openvpn[61001]: VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org
    Jan 16 20:28:07 openvpn[61001]: WARNING: 'keydir' is present in local config but missing in remote config, local='keydir 0'
    Jan 16 20:28:07 openvpn[61001]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Jan 16 20:28:07 openvpn[61001]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Jan 16 20:28:07 openvpn[61001]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Jan 16 20:28:07 openvpn[61001]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Jan 16 20:28:07 openvpn[61001]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
    Jan 16 20:47:12 openvpn[61001]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
    Jan 16 20:47:12 openvpn[61001]: MANAGEMENT: CMD 'state 1'
    Jan 16 20:47:12 openvpn[61001]: MANAGEMENT: CMD 'status 2'
    Jan 16 20:47:12 openvpn[61001]: MANAGEMENT: Client disconnected
    Jan 16 21:05:52 openvpn[61001]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
    Jan 16 21:05:52 openvpn[61001]: MANAGEMENT: CMD 'state 1'
    Jan 16 21:05:52 openvpn[61001]: MANAGEMENT: CMD 'status 2'
    Jan 16 21:05:52 openvpn[61001]: MANAGEMENT: Client disconnected
     
    Last edited: Jan 16, 2013
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    That's odd. We know that Firefox in the Ubuntu VM can connect to Google IP addresses. But DNS resolution isn't working, even with a public DNS server.

    OK, try this:

    What IP address does it report? AirVPN's or your ISP?
     
  9. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    nope, both don't work, get a server not found notification
     
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Huh?

    So, you said that 173.194.70.103 gives you Google, right?

    But 67.203.139.148 and 66.80.82.69 give you nothing?

    If that's so, then I need to think about this some.
     
  11. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    yeah , ive never been this mindboggled in a while -.-'
     
  12. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I don't know what's messed up. Rather than ask many questions, it would be very helpful if you could email some screenshots to me. And make sure to obscure anything too private in them! What I'd like are these pages from the pfSense web GUI:

    System: Certificate Authority Manager: CAs
    System: Certificate Authority Manager: Certificates
    System: General Setup
    Firewall: NAT: Outbound
    Firewall: Rules: WAN
    Firewall: Rules: LAN
    Firewall: Rules: OpenVPN
    Services: DHCP server
    Services: DNS forwarder
    OpenVPN: Client (after opening client to edit)

    Just ZIP them, and send the ZIP archive to <mirimir@vmail.me>.
     
  13. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    ok ill do that asap
    update>


    ive just sent you the package
     
    Last edited: Jan 16, 2013
  14. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    OK, thanks, got it.

    I'll report later tonight.

    But hey, congratulations -- you're almost there. It's just some silly little thing, I'm sure.
     
  15. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    hope you're right
     
  16. bolehvpn

    bolehvpn Registered Member

    Joined:
    Oct 10, 2011
    Posts:
    84
    Location:
    Malaysia
    Hey just wondering if you got a response from us? If not, please do let me know :D You can e-mail me directly at reuben [a] bolehvpn dot net
     
  17. merisi

    merisi Registered Member

    Joined:
    Dec 17, 2012
    Posts:
    316
    Hi Reuben, I did get a response, and I've found that you and Chris have been very helpful. I did pay for a week trial, but after a couple of days I just felt that a VPN wasn't for me. Your willingness to help was the main reason I did pick Boleh.
     
  18. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    @happyyarou666

    Hey, I got distracted last night. I'll review the screenshots soon.
     
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    @happyyarou666

    I found my old AirVPN notes, and see a few things to change.

    In the Advanced box in OpenVPN client, remove the "auth-user-pass /var/etc/openvpn client-cred" string. You can also delete the "client-cred" file from /var/etc/openvpn if you want. I forgot that AirVPN doesn't use password authentication.

    Also remove the "key-direction 1" string, and add "explicit-exit-notify 5" (using ";" as string separator).

    In "Services | DHCP server" use 10.4.0.1 as DNS server. My notes say that it worked.

    Also, try connecting to other AirVPN servers. Maybe you picked one that was wedged or maxed out.

    Other than that, everything else matches my old working configuration.
     
  20. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    no, I don't select servers that are wedged or maxed out mirimir -.- , they're far from maxed or anything else, how do I know, cause air has live server bandwidth monitoring to make sure people get what they pay for, and they always do, anyhow gonna go and continue this


    btw airvpn does use a username and password for signing in in its openvpn client , then from there you select a server , just saying


    btw this is how advanced under openvpn client looks like


    ns-cert-type server;explicit-exit-notify 5;redirect-gateway def1;verb 5



    Jan 18 00:33:19 openvpn[23734]: Control Channel MTU parms [ L:1558 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Jan 18 00:33:19 openvpn[23734]: Socket Buffers: R=[42080->65536] S=[57344->65536]
    Jan 18 00:33:19 openvpn[23734]: Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
    Jan 18 00:33:19 openvpn[23734]: Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
    Jan 18 00:33:19 openvpn[23734]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
    Jan 18 00:33:19 openvpn[23734]: Local Options hash (VER=V4): '22188c5b'
    Jan 18 00:33:19 openvpn[23734]: Expected Remote Options hash (VER=V4): 'a8f55717'
    Jan 18 00:33:19 openvpn[23912]: UDPv4 link local (bound): [AF_INET]10.0.2.15
    Jan 18 00:33:19 openvpn[23912]: UDPv4 link remote: [AF_INET]94.185.85.170:443
    Jan 18 00:33:19 openvpn[23912]: TLS: Initial packet from [AF_INET]94.185.85.170:443, sid=8ee62df5 739c012c
    Jan 18 00:33:19 openvpn[23912]: VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org
    Jan 18 00:33:19 openvpn[23912]: VERIFY OK: nsCertType=SERVER
    Jan 18 00:33:19 openvpn[23912]: VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org
    Jan 18 00:33:20 openvpn[23912]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Jan 18 00:33:20 openvpn[23912]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Jan 18 00:33:20 openvpn[23912]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Jan 18 00:33:20 openvpn[23912]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Jan 18 00:33:20 openvpn[23912]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
    Jan 18 00:33:20 openvpn[23912]: [server] Peer Connection Initiated with [AF_INET]94.185.85.170:443
    Jan 18 00:33:22 openvpn[23912]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
    Jan 18 00:33:22 openvpn[23912]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.6.38 10.4.6.37'
    Jan 18 00:33:22 openvpn[23912]: OPTIONS IMPORT: timers and/or timeouts modified
    Jan 18 00:33:22 openvpn[23912]: OPTIONS IMPORT: LZO parms modified
    Jan 18 00:33:22 openvpn[23912]: OPTIONS IMPORT: --ifconfig/up options modified
    Jan 18 00:33:22 openvpn[23912]: OPTIONS IMPORT: route options modified
    Jan 18 00:33:22 openvpn[23912]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Jan 18 00:33:22 openvpn[23912]: ROUTE default_gateway=10.0.2.2
    Jan 18 00:33:22 openvpn[23912]: TUN/TAP device /dev/tun1 opened
    Jan 18 00:33:22 openvpn[23912]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Jan 18 00:33:22 openvpn[23912]: /sbin/ifconfig ovpnc1 10.4.6.38 10.4.6.37 mtu 1500 netmask 255.255.255.255 up
    Jan 18 00:33:22 openvpn[23912]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1558 10.4.6.38 10.4.6.37 init
    Jan 18 00:33:22 openvpn[23912]: /sbin/route add -net 94.185.85.170 10.0.2.2 255.255.255.255
    Jan 18 00:33:22 openvpn[23912]: /sbin/route add -net 0.0.0.0 10.4.6.37 128.0.0.0
    Jan 18 00:33:22 openvpn[23912]: /sbin/route add -net 128.0.0.0 10.4.6.37 128.0.0.0
    Jan 18 00:33:22 openvpn[23912]: /sbin/route add -net 10.4.0.1 10.4.6.37 255.255.255.255
    Jan 18 00:33:22 openvpn[23912]: Initialization Sequence Completed
    Jan 18 00:33:29 openvpn[23912]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
    Jan 18 00:33:29 openvpn[23912]: MANAGEMENT: CMD 'state 1'
    Jan 18 00:33:29 openvpn[23912]: MANAGEMENT: CMD 'status 2'
    Jan 18 00:33:29 openvpn[23912]: MANAGEMENT: Client disconnected
    Jan 18 00:36:16 openvpn[23912]: event_wait : Interrupted system call (code=4)
    Jan 18 00:36:16 openvpn[23912]: SIGTERM received, sending exit notification to peer
    Jan 18 00:36:21 openvpn[23912]: TCP/UDP: Closing socket
    Jan 18 00:36:21 openvpn[23912]: /sbin/route delete -net 10.4.0.1 10.4.6.37 255.255.255.255
    Jan 18 00:36:21 openvpn[23912]: /sbin/route delete -net 94.185.85.170 10.0.2.2 255.255.255.255
    Jan 18 00:36:21 openvpn[23912]: /sbin/route delete -net 0.0.0.0 10.4.6.37 128.0.0.0
    Jan 18 00:36:21 openvpn[23912]: /sbin/route delete -net 128.0.0.0 10.4.6.37 128.0.0.0
    Jan 18 00:36:21 openvpn[23912]: Closing TUN/TAP interface
    Jan 18 00:36:21 openvpn[23912]: /usr/local/sbin/ovpn-linkdown ovpnc1 1500 1558 10.4.6.38 10.4.6.37 init
    Jan 18 00:36:21 openvpn[23912]: SIGTERM[soft,exit-with-notification] received, process exiting




    little problem now im getting net access, but the wrong one , its my real ip !

    with openvpn client set to enabled and double checked it running in status it was up
     
    Last edited: Jan 17, 2013
  21. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    OK. But still, it might be worth checking other servers. At least, use one that works on your host machine. I presume that you did that :)
     
  22. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    lols, I am using airvpn as we speak all the time with its dns set in my physical adapter and my vpn tap adapter rules running, that's unless I have to deactivate it in order to use in the vm, which as said is kinda not working as above

    screenshots, lemme know ill send some if you want, ;)
     
  23. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    update> my bad , dont know what was up , but its still the same as yesterday , not working not connecting to anything else than


    www.google.com has address 173.194.70.103
    www.google.com has address 173.194.70.106
    www.google.com has address 173.194.70.147
    www.google.com has address 173.194.70.105
    www.google.com has address 173.194.70.99
    www.google.com has address 173.194.70.104


    it does work when i disable the vm openvpn client thou , lols , since it then uses my host machine vpn connection, ive been able to observe
     
    Last edited: Jan 17, 2013
  24. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    OK, I found an old AirVPN pfSense VM. I don't have an account, but I know that it worked fine when I did. And there's definitely no "auth-user-pass /var/etc/openvpn client-cred" string in the client Advanced, and no "client-cred" in /var/etc/openvpn. The Windows GUI may have a password, but I've never used it.

    That's what I've got.

    That should never happen, once you edit outbound NAT. LAN can't get to WAN except through the OpenVPN client. Check the virtual adapter setup in your Ubuntu VM. It should be connected to the pfSense-hosted internal network.

    It seems like some networking thing is broken in your pfSense VM. At this point, it may be best to start again with a fresh pfSense install.

    One last thing, though. Please go to "Diagnostics: Edit file", browse to /var/etc/openvpn, and open "client1.conf". Copy the contents, and paste into a text file. Then compress and email to me <mirimir@vmail.me>.
     
  25. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    OK, are you 100% sure that you're not connected to AirVPN in the host when you're testing the pfSense setup?
     