Use deferred client connections in OpenVPN
New in OpenVPN 2.5 is the ability to use deferred client-connect. See
"The --client-connect option and the connect plugin API allow asynchronous/deferred return of the configuration file in the same way as the auth-plugin."
This eliminates micro-outages on new client connections by deferring the connect script to another process. See:
Details to implement this new functionality are outlined here; see
Updated by Marcos M about 2 years ago
Updated by Ryan Coleman over 1 year ago
Marcos Mendoza wrote in #note-10:
New MR, see: https://redmine.pfsense.org/issues/12267#note-16
Tested this with 22.01 and verified it resolved traffic passing between client 1 and the firewall.
Mar 29 22:38:42 firewall openvpn: 220.127.116.11:45804 [username] Peer Connection Initiated with [AF_INET]18.104.22.168:45804 Mar 29 22:38:42 firewall openvpn: user 'username' authenticated Mar 29 22:38:42 firewall openvpn: username/22.214.171.124:45804 MULTI_sva: pool returned IPv4=10.199.1.3, IPv6=(Not enabled) Mar 29 22:38:42 firewall openvpn: openvpn server 'ovpns2' user 'username' address '126.96.36.199:45804' - connecting Mar 29 22:38:42 firewall openvpn: openvpn server 'ovpns2' user 'username' address '188.8.131.52:45804' - connected