Bug #8142
closed
OpenVPN client does not remove static route for custom monitor IP
Description
Since upgrading from 2.3.4 to 2.4.2 I've had this problem with my OpenVPN clients that specify a custom monitoring IP address. The client connects fine, but if the client is restarted or disconnects and attempts to restart, etc. it will fail to restart:
/sbin/ifconfig ovpnc3 10.6.0.50 10.6.0.1 mtu 1500 netmask 255.255.0.0 up
This is the command that always fails in the ovpn logs on the restart attempt. The only way to get the tunnel to reconnect is to reboot pfSense.
I've tracked it down to the fact that the static route that is created based on the monitor IP setting for the gateway is not removed. I tried to manually remove the route from the command line (after the tunnel has been disconnected and all the other routes associated with the tunnel have been successfully removed) and it will not delete:
route delete 10.6.0.1
route: writing to routing socket: Address already in use
delete host 10.6.0.1 fib 0: gateway uses the same route
In 2.3.x this worked fine with specifying a monitoring IP. My workaround for now is to not specify a monitoring IP for my OVPN gateways. As long as I don't, then when the tunnel is disconnected, the route table updates as expected and the tunnel can reconnect without issue. The downside, of course, is that my gateway monitoring is not accurate (as it ends up monitoring its own IP address).