Project

General

Profile

Actions
Copy link

Bug #9225

closed

Gateway group routing not updated on OpenVPN client reconnect

Added by Alexey Ab almost 6 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Multi-WAN
Target version:
-
Start date:
12/26/2018
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.4_1
Affected Architecture:
amd64

Description

Setup: PFSense 2.3.5 p1, or PFSense 2.4.4-p1

WAN1 - (PPPOE)
WAN2 - VPNV4 - Openvpn client in TUN mode connected via WAN1

Gateway group: Test_Group (VPNV4 - Tier1, WAN1 - Tier2)

Everything works as expected until WAN1 disconnect.

If I disconnect WAN1, WAN2 goes offline too in a minute or two.
When i reconnect WAN1, gateway group is updated (/tmp/rules.debug) with following:

GWWAN1_PPPOE = " route-to ( pppoe0 11.22.33.44 ) "
GWVPN_VPNV4 = " "
GWTest_Group = " route-to { ( pppoe0 11.22.33.44 ) } "

Then in several second OpenVPN goes online, but /tmp/rulse.debug contains following:

GWWAN1_PPPOE = " route-to ( pppoe0 11.22.33.44 ) "
GWVPN_VPNV4 = " route-to ( ovpnc3 10.8.0.5 ) "
GWTest_Group = " route-to { ( pppoe0 11.22.33.44 ) } " //!!! wrong: should be ovpnc3 10.8.0.5 (Tier1)

This is the final state, no matter how long you will wait. All gateways in gateway group are green (online), but routing goes through Tier2 gateway.

If i udpate ANY (even non related to this gateway group) firewall rule, or restart OpenVPN service then routing becomes correct:

GWWAN1_PPPOE = " route-to ( pppoe0 11.22.33.44 ) "
GWVPN_VPNV4 = " route-to ( ovpnc3 10.8.0.5 ) "
GWTest_Group = " route-to ( ovpnc3 10.8.0.5 ) "

So it seems then something is not updated when openvpn reconnects automatically (without restarting it's service).

(posted to forum, but no response: https://forum.netgate.com/topic/136937/pfsense-2-3-5-p1-gateway-group-not-updated-on-openvpn-client-reconnect )

Actions
Copy link
 #1

Updated by Jim Pingle over 5 years ago

  • Target version changed from 48 to 2.5.0
Actions
Copy link
 #2

Updated by Riccardo Di Sarcina over 5 years ago

I too have this exact problem, on multiple installations...

The problem exists with two PPPoE connections too.
Haven't tried with two static public IPs.

Actions
Copy link
 #3

Updated by Jim Pingle over 5 years ago

  • Category changed from Routing to Multi-WAN
Actions
Copy link
 #4

Updated by Viktor Gurov almost 5 years ago

no such issue on pfSense 2.5.0.a.20200119.2335

After disabling/enabling PPPoE link, it set group GW to GWTest_Group=" route-to { ( pppoe0 x.x.x.x ) } ", then, after OpenVPN client is up, it set it to GWTest_Group=" route-to ( ovpnc1 y.y.y.y ) "

Actions
Copy link
 #5

Updated by Jim Pingle almost 5 years ago

  • Status changed from New to Closed
Actions
Copy link
 #6

Updated by Jim Pingle about 4 years ago

  • Target version deleted (2.5.0)
Actions
Copy link
 #7

Updated by Alexey Ab almost 4 years ago

Testing 2.4.5-Release P1.

Automactic switching on reconnecting WAN: working good
Manual switching default gateway and clicking apply: incorrect routing in /tmp/rules.debug, but fixed by applying any firewall rule.
Manual changing gateway groups and clicking apply: incorrect routing in /tmp/rules.debug, but by applying any firewall rule.

Actions
Copy link
 #8

Updated by Viktor Gurov almost 4 years ago

Alexey Ab wrote:

Testing 2.4.5-Release P1.

Automactic switching on reconnecting WAN: working good
Manual switching default gateway and clicking apply: incorrect routing in /tmp/rules.debug, but fixed by applying any firewall rule.
Manual changing gateway groups and clicking apply: incorrect routing in /tmp/rules.debug, but by applying any firewall rule.

no such issues on 2.5.0.a.20201213.0250
Please use the latest 2.5-DEVEL snapshot for testing

see also #10716

Actions
Copy link
 #9

Updated by Alexey Ab almost 4 years ago

Sorry, but it is impossible to use beta product in production environment.

Actions
Copy link

Also available in: Atom PDF