Bug #11575

closed

OpenVPN clients cannot pass traffic when reconnecting using the same source port

Added by Jim Pingle about 3 years ago. Updated almost 2 years ago.

Status: Resolved
Priority: Normal
Assignee: Viktor Gurov
Category: OpenVPN Client Export
Target version: -
Start date: 02/28/2021
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:

Description

If an OpenVPN client reconnects immediately after disconnecting, in certain cases it cannot pass traffic.

This appears to be related to the client using the same port when reconnecting. Adding nobind or lport 0 to the client configuration allows it to function as expected. This is viable for remote access clients but not all site-to-site connections which may need to use the same source port in certain cases. We do already default to lport 0 for clients on the firewall.

Initial testing doesn't show it as related to pf states or similar, since clearing the states does not affect this condition.

Since it seems to be a problem in OpenVPN itself, this is mostly for tracking and checking future versions of OpenVPN to see if they solve the problem.


Related issues

Has duplicate Todo #11574: Add "nobind" to exported OpenVPN configurations by default (Duplicate, 02/28/2021)
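
To find client configurations that lack the workaround named in the description (`nobind` or `lport 0`), the following added example, which is not part of the ticket or of any project code, classifies a config read on stdin. The function name, sample configs and `vpn.example.com` are constructed for illustration; a `fixed` result marks a config to review, since the description notes some site-to-site connections may need a fixed source port.

```shell
#!/bin/sh
# Added example (not from the ticket): classify how an OpenVPN client config
# chooses its local port. Reads the config on stdin and prints
# nobind | lport0 | fixed.
ovpn_source_port_mode() {
    awk '
        # Inline blocks (<ca>...</ca>, <key>...</key>) hold data, not directives.
        /^[ \t]*<\/[A-Za-z0-9_-]+>/ { inblock = 0; next }
        /^[ \t]*<[A-Za-z0-9_-]+>/   { inblock = 1; next }
        inblock                     { next }
        { sub(/[#;].*/, "") }                     # strip comments
        $1 == "nobind"              { nobind = 1 }
        $1 == "lport" && $2 == "0"  { lport0 = 1 }
        END {
            if (nobind)      print "nobind"
            else if (lport0) print "lport0"
            else             print "fixed"
        }'
}

# Constructed sample: client config where nobind appears only as a comment.
sample_fixed() {
    cat <<'EOF'
client
dev tun
proto udp
remote vpn.example.com 1194
;nobind
<ca>
(certificate data placeholder)
</ca>
EOF
}

# Constructed sample: the same config with the workaround applied.
sample_nobind() {
    sample_fixed | sed 's/^;nobind$/nobind/'
}

# Report both samples; for a real file run: ovpn_source_port_mode < client.ovpn
for s in sample_fixed sample_nobind; do
    printf '%s: %s\n' "$s" "$($s | ovpn_source_port_mode)"
done
```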
