Jump to content

Help: Getting LE container validated through VPN tunnel

2 posts in this topic Last Reply

Recommended Posts



I am trying to get over my cgnat problem and people suggested  online  to  VPN  tunnel to  a  server  with a public IP. Now,  I was able to  connect from  my  pfSense  to the  raspberry  pi with  PiVPN. How can  I  make  the  duckdns validation? 





dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/cert.crt
key /etc/openvpn/easy-rsa/pki/private/key.key
dh none
topology subnet
# Set your primary domain name server address for clients
#site  to site vpn
push "route"
client-config-dir /etc/openvpn/client
push "dhcp-option DNS"
#push "dhcp-option DNS"
#push "dhcp-option DNS"
# Prevent DNS leaks on Windows
push "block-outside-dns"
# Override the Client default gateway by using and
# rather than This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
keepalive 1800 3600
remote-cert-tls client
tls-version-min 1.2
tls-crypt /etc/openvpn/easy-rsa/pki/ta.key
cipher AES-256-CBC
auth SHA256
user nobody
group nogroup
crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
verb 3
#DuplicateCNs allow access control on a less-granular, per user basis.
#Remove # if you will manage access by user instead of device.
# Generated for use by PiVPN.io


push "route"


Sometimes I  can  ping  the  pfSense from the PiVPN  but not  vise  versa. Should better opt to try SSH tunnel instead of  OpenVPN site to site?

If  you  need  more information just let  me  know. All suggestions will help!







Edited by emersonicus

Share this post

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now