kylemanna / docker-openvpn

🔒 OpenVPN server in a Docker container complete with an EasyRSA PKI CA
https://hub.docker.com/r/kylemanna/openvpn/
MIT License
8.62k stars 2.37k forks

need help for pfsense client configuration #706

Open HrRobert opened 1 year ago

HrRobert commented 1 year ago

Hi there, I followed the standard instructions to set up the openvpn docker on my VPS and everything works perfectly fine when I import the .ovpn configuration to my Android mobile phone.

However, on my netgate appliance with pfsense 2.5 installed, I am importing the .ovpn file via client import. And I am just not able to establish a connection.

In the docker log I can see that there is some problem with the TLS authentication:

Authenticate/Decrypt packet error: packet HMAC authentication failed
TLS Error: incoming packet authentication failed

I have already spent hours trying to find the right configuration, but with no success. I hope that someone can give me a hint as to what could be wrong.

I made some screenshots of my crucial configuration settings:


Any help would be highly appreciated!

mousta0x commented 1 year ago

What worked for me was changing Fallback Data Encryption Algorithm to AES-256-GCM, then updating the server's cipher and hmac algos in /etc/openvpn.conf:

auth SHA256
cipher AES-256-GCM

Also you might want to look into crypto acceleration (assuming AES-NI is supported by your hw). Good Luck!
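
A way to check the settings discussed in this thread before reconnecting, as an added example that is not part of the thread or the project's code: it compares the `auth`, `cipher`, control-channel key mode and `key-direction` directives of a server and client OpenVPN config and lists the ones that disagree. The sample configs and the `ta.key` file name are constructed placeholders.

```python
import re

MUST_MATCH = ("auth", "cipher")        # values must be identical on both ends
WRAPPERS = ("tls-auth", "tls-crypt")   # control-channel key modes

def parse(text):
    """Map each directive to its first argument; inline <blocks> are noted, not read."""
    conf, inline = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if inline:                      # skip key material inside an inline block
            if line == f"</{inline}>":
                inline = None
            continue
        m = re.fullmatch(r"<([\w-]+)>", line)
        if m:
            inline = m.group(1)
            conf.setdefault(inline, "[inline]")
            continue
        if not line or line[0] in "#;":
            continue
        parts = line.split()
        conf.setdefault(parts[0], parts[1] if len(parts) > 1 else "")
        if parts[0] == "tls-auth" and len(parts) > 2:   # "tls-auth FILE DIRECTION"
            conf.setdefault("key-direction", parts[2])
    return conf

def compare(server_text, client_text):
    """Return a list of human-readable mismatches between the two configs."""
    s, c = parse(server_text), parse(client_text)
    issues = [f"{d}: server={s.get(d) or 'unset'} client={c.get(d) or 'unset'}"
              for d in MUST_MATCH if s.get(d) != c.get(d)]
    sw = next((w for w in WRAPPERS if w in s), None)
    cw = next((w for w in WRAPPERS if w in c), None)
    if sw != cw:
        issues.append(f"control-channel key: server={sw or 'none'} client={cw or 'none'}")
    sd, cd = s.get("key-direction"), c.get("key-direction")
    if sw == cw == "tls-auth" and (sd, cd) not in {(None, None), ("0", "1"), ("1", "0")}:
        issues.append(f"key-direction: server={sd or 'unset'} client={cd or 'unset'}")
    return issues

# Constructed sample configs (not taken from the issue); ta.key is a placeholder name.
SERVER = "auth SHA256\ncipher AES-256-GCM\ntls-auth ta.key\nkey-direction 0\n"
CLIENT = "client\ncipher AES-128-CBC\nkey-direction 1\n<tls-auth>\n(placeholder)\n</tls-auth>\n"

if __name__ == "__main__":
    for issue in compare(SERVER, CLIENT):
        print("MISMATCH", issue)
```

An empty result means the compared directives agree; it does not prove that both sides hold the same key file contents.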