https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162021-08-07T20:47:20ZpfSense bugtrackerpfSense - Bug #12232: OpenVPN status incorrect for TAP servers without a defined tunnel networkhttps://redmine.pfsense.org/issues/12232?journal_id=555442021-08-07T20:47:20ZKris Phillips
<ul></ul><p>I'm not able to reproduce this bug on 21.05.1. This may be a CE-only issue as I can see a status page in TAP mode on both the server and the client without an IPv4 tunnel network specified.</p> pfSense - Bug #12232: OpenVPN status incorrect for TAP servers without a defined tunnel networkhttps://redmine.pfsense.org/issues/12232?journal_id=555582021-08-09T08:30:02ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Confirmed</i></li><li><strong>Assignee</strong> set to <i>Jim Pingle</i></li><li><strong>Target version</strong> set to <i>2.6.0</i></li><li><strong>Plus Target Version</strong> set to <i>21.09</i></li></ul><p>I can reproduce it here using the settings from the XML file already attached on the issue.</p>
<p>Client shows connected, server shows 0 connections.</p>
<p>I'll check it out.</p> pfSense - Bug #12232: OpenVPN status incorrect for TAP servers without a defined tunnel networkhttps://redmine.pfsense.org/issues/12232?journal_id=555592021-08-09T09:20:48ZJim Pingle
<ul></ul><p>When in tap mode with an empty tunnel network, OpenVPN puts the tunnel into "point-to-point" mode which behaves like a static key tunnel or one with a subnet mask like /31 or /30. Basically it only allows one client even though it's SSL/TLS, so it isn't actually in "server" mode since the "server" directive requires a subnet on the interfafce.</p>
<p>I made some adjustments to the code to detect this case and now the status is properly reflected.</p> pfSense - Bug #12232: OpenVPN status incorrect for TAP servers without a defined tunnel networkhttps://redmine.pfsense.org/issues/12232?journal_id=555602021-08-09T09:25:18ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>Confirmed</i> to <i>Feedback</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul><p>Applied in changeset <a class="changeset" title="OpenVPN status f/tap+empty tunnel net Fixes #12232" href="https://redmine.pfsense.org/projects/pfsense/repository/2/revisions/6c3bfb7322105ea0ab6f0fa30a8f63787afbb76e">6c3bfb7322105ea0ab6f0fa30a8f63787afbb76e</a>.</p> pfSense - Bug #12232: OpenVPN status incorrect for TAP servers without a defined tunnel networkhttps://redmine.pfsense.org/issues/12232?journal_id=557362021-08-14T10:45:07ZMax Leighton
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Resolved</i></li></ul><p>Tested on:</p>
<p>2.6.0-DEVELOPMENT (amd64)<br />built on Thu Aug 12 01:16:53 EDT 2021<br />FreeBSD 12.2-STABLE</p>
<p>Looks good. I see the client status on the server now. Marking the ticket resolved.</p> pfSense - Bug #12232: OpenVPN status incorrect for TAP servers without a defined tunnel networkhttps://redmine.pfsense.org/issues/12232?journal_id=560142021-08-26T10:53:55ZJim Pingle
<ul><li><strong>Subject</strong> changed from <i>TAP server doesn't show client connection without tunnel IP configured</i> to <i>OpenVPN status incorrect for TAP servers without a defined tunnel network</i></li></ul><p>Updating subject for release notes.</p> pfSense - Bug #12232: OpenVPN status incorrect for TAP servers without a defined tunnel networkhttps://redmine.pfsense.org/issues/12232?journal_id=570772021-10-27T11:59:38ZJim Pingle
<ul><li><strong>Plus Target Version</strong> changed from <i>21.09</i> to <i>22.01</i></li></ul> pfSense - Bug #12232: OpenVPN status incorrect for TAP servers without a defined tunnel networkhttps://redmine.pfsense.org/issues/12232?journal_id=594072022-03-01T02:43:48ZViktor Gurov
<ul><li><strong>Related to</strong> <i><a class="issue tracker-8 status-3 priority-4 priority-default closed" href="/issues/12884">Regression #12884</a>: OpenVPN status display for TAP mode services shows peer-to-peer instead of client list in certain cases</i> added</li></ul>