Bug #11664
OpenVPN client (2.5) connected but not communicating with the remote network
Status: Closed
Description
I have OpenVPN 2.5 clients that normally connect to the tunnel I created; however, even with the green openvpn-gui connection icon in the notification area, I cannot communicate with the remote network. This happens randomly, but I noticed that pfSense is not taking down the VPN user in case of a reconnection.
Obs1: There is a route to the remote network on the client side, as checked in the routing table.
Obs2: I noticed that if I go to the client and disconnect, it remains as Connected in Status - OpenVPN.
Obs3: This problem started to happen after upgrading to version 2.5.0.
My server configuration is below:
dev ovpns2
verb 3
dev-type tun
dev-node /dev/tun2
writepid /var/run/openvpn_server2.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 3600
ping-timer-rem
persist-tun
persist-key
proto udp4
auth SHA256
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
client-connect /usr/local/sbin/openvpn.attributes.sh
client-disconnect /usr/local/sbin/openvpn.attributes.sh
multihome
engine rdrand
tls-server
server 10.90.102.0 255.255.255.0
client-config-dir /var/etc/openvpn/server2/csc
verify-client-cert none
username-as-common-name
plugin /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so /usr/local/sbin/ovpn_auth_verify_async user R0FOLVBEQyxHQU4tQUREUzEsTG9jYWwgRGF0YWJhc2U= false server2 1198
tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'CERT-OPENVPN-GCM' 1"
lport 1198
management /var/etc/openvpn/server2/sock unix
push "route 192.168.1.0 255.255.255.0"
push "route 192.168.2.0 255.255.255.0"
push "dhcp-option DOMAIN MY-DOMAIN.local"
push "dhcp-option DNS 192.168.1.250"
push "dhcp-option DNS 192.168.1.254"
push "register-dns"
capath /var/etc/openvpn/server2/ca
cert /var/etc/openvpn/server2/cert
key /var/etc/openvpn/server2/key
dh /etc/dh-parameters.2048
tls-auth /var/etc/openvpn/server2/tls-auth 0
data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
data-ciphers-fallback AES-256-CBC
allow-compression no
topology subnet
float
My client configuration is below:
dev tun
persist-tun
persist-key
data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
data-ciphers-fallback AES-256-CBC
auth SHA256
tls-client
client
resolv-retry infinite
remote link1.ddns.net 1198 udp4
remote link2.ddns.net 1198 udp
auth-user-pass
remote-cert-tls server
float
auth-nocache
#reneg-sec 0
<ca>
-----BEGIN CERTIFICATE-----
CERT INFORMATION
-----END CERTIFICATE-----
</ca>
setenv CLIENT_CERT 0
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
CERT INFORMATION
-----END OpenVPN Static key V1-----
</tls-auth>
Updated by Jim Pingle over 4 years ago
- Status changed from New to Duplicate
Likely a duplicate of #11575