Date: Mon, 4 Sep 2017 14:10:39 -0400 (EDT)
From: Fongaboo
To: FreeBSD Mailing List
cc: Ian Smith
Subject: Re: STUMPED: Setting up OpenVPN server on FreeBSD (self.freebsd)

Sorry I faded away there... This issue dragged on long enough that life started setting different priorities.

I got a bare metal machine to try it on, but that brought further complexities... as the ports/pkgs for OpenVPN and EasyRSA greatly differed between FreeBSD 10.2 and 11.1.

I put this on the back burner for now, as I was able to set up an SSH tunnel to the bare metal box and then use an app called Proxifier to route my traffic on my PC and Mac.

But it brings to mind a question... Why are SSH tunnels pretty turnkey to set up, and OpenVPN takes so much configuration (of both the app and the host OS's networking)? When I tunnel SSH, it 'just works' and my client machine uses the FreeBSD machine's gateway as its own.

Thank you to everyone that provided very meaningful troubleshooting. I plan to dig back into this when I have more time.

On Mon, 28 Aug 2017, Ultima wrote:

>> It should do, though I'm not familiar with the AWS setup you're using re
>> inside and outside interfaces, whether bridging as well, etc. I think
>> Richard (Ultima) has and can provide much more useful advice about that.
>
> Want to note that I have zero experience with ipfw, natd as well as Amazon
> AWS. My knowledge is assuming that FreeBSD pf and OpenVPN will run as
> they would on a bare metal. Have used DigitalOcean with a similar
> configuration successfully as well.
>
> Hope this helps,
> Richard Gallamore