Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Having to manually restart openvpn client after each pfsense reboot

    Scheduled Pinned Locked Moved OpenVPN
    8 Posts 4 Posters 2.9k Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J Offline
      johnha
      last edited by

      When ever I reboot the pfsense server, the openvpn client establishes a connection with the vpn server just fine but traffic does not route through the vpn connection until I login to pfsense -> status -> OpenVPN -> restart.

      what do I need to configure so that a reboot of the server doesn't require manual intervention to route traffic through the vpn ?

      I 1 Reply Last reply Reply Quote 0
      • johnpozJ Online
        johnpoz LAYER 8 Global Moderator
        last edited by johnpoz

        If I had to guess - prob has something to do with your dns... How do you have that setup? Possible unbound starts before the vpn comes up.. Or maybe the other way around - but that would be my guess something hanging up with that process.

        You prob be better off setting unbound to only use localhost for outbound - this way it shouldn't have any issues binding to interface once vpn is up traffic should flow through your vpn for dns, etc.

        On a side note - how often are you rebooting pfsense? Mine has been up for

        148 Days 01 Hour 30 Minutes 32 Seconds

        Which was when I updated it to to 2.4.5p1 ;)

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

        1 Reply Last reply Reply Quote 0
        • J Offline
          johnha
          last edited by

          currently I have my dns/dhcp offloaded to another system, a raspberry pi running pi-hole. I will probably migrate from the pi to pfsense in the future but I have not just yet.

          I just started using surricata on the pfsense so more reboots than I expected, until I get surricata tuned.

          the OpenVPN session with the remote server establishes just fine after a reboot so I don't think it is a dns issue.

          1 Reply Last reply Reply Quote 0
          • johnpozJ Online
            johnpoz LAYER 8 Global Moderator
            last edited by

            Ok if your running your dns off pfsense.. Then that shouldn't be related no..

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

            1 Reply Last reply Reply Quote 0
            • PippinP Offline
              Pippin
              last edited by

              See if adding

              route-delay 5

              to the advanced options box helps...

              I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
              Halton Arp

              1 Reply Last reply Reply Quote 0
              • J Offline
                johnha
                last edited by

                @Pippin said in Having to manually restart openvpn client after each pfsense reboot:

                route-delay 5

                I assumed you meant to add it to the openvpn configuration options box. tried adding "route-delay 5" and rebooting.

                Traffic still routes directly out the WAN connection until I manually restart the OpenVPN service/interface.

                1 Reply Last reply Reply Quote 0
                • J Offline
                  johnha
                  last edited by

                  not sure why but I disabled all the openvpn client interfaces / suricata interfaces / toggled the network adapter offloads / edited the firewall lan rules and then rebooted.

                  added everything back in and rebooted. now everything seems to be coming up in the expected state.

                  1 Reply Last reply Reply Quote 0
                  • I Offline
                    ipguy @johnha
                    last edited by

                    This post is deleted!
                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.