OpenVPN Server Service showing offline but can still connect.
-
Yesterday out of the blue I noticed that one of my OpenVPN server services on the dashboard stated that it wasn't responding but I was still able to connect. I am in a CARP configuration.
NOTE of concern: when I disabled the OpenVPN server, disabled the rules, AND deleted the states associated with that OpenVPN port, not only did the clients reconnect but their static routes were still viable.
Things I did:
Made sure that everyone disconnected their OpenVPN connections
Rebooted the backup
Failed over to backup and rebooted master
disabled the OpenVPN server
disabled related firewall rules.After turning on the OpenVPN server again, I changed the interface from the WAN CARP VIP to the DMZ CARP VIP. Connections are still allowed but the dashboard and the log is till stating there is an issue.
Maximum of 13 people can connect without issue (normal # is 4-6).
Also, not sure if this is relevant, but prior to this issue occurring, I downloaded the config with the management option checkbox checked and downloaded the Win6-x64 and installed with not issues. It was after this (~ 30 mins later) that I noticed the dashboard service having issues. Management interface is pretty nice.
Assistance would be GREATLY appreciated as soon as possible.
Here is the OpenVPN log w/ logging level 6
Nov 2 08:25:36 openvpn 86068 Exiting due to fatal error Nov 2 08:25:36 openvpn 86068 Cannot open TUN/TAP dev /dev/tun2: Device busy (errno=16) Nov 2 08:25:36 openvpn 86068 TUN/TAP device ovpns2 exists previously, keep at program end Nov 2 08:25:36 openvpn 86068 Socket Buffers: R=[42080->42080] S=[57344->57344] Nov 2 08:25:36 openvpn 86068 TLS-Auth MTU parms [ L:1559 D:1172 EF:78 EB:0 ET:0 EL:3 ] Nov 2 08:25:36 openvpn 86068 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication Nov 2 08:25:36 openvpn 86068 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication Nov 2 08:25:36 openvpn 86068 Control Channel Authentication: using '/var/etc/openvpn/server2.tls-auth' as a OpenVPN static key file Nov 2 08:25:36 openvpn 86068 Diffie-Hellman initialized with 2048 bit key Nov 2 08:25:36 openvpn 86068 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Nov 2 08:25:36 openvpn 86068 MANAGEMENT: unix domain socket listening on /var/etc/openvpn/server2.sock Nov 2 08:25:36 openvpn 86036 library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09 Nov 2 08:25:36 openvpn 86036 OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Jul 19 2016 Nov 2 08:25:36 openvpn 86036 auth_user_pass_file = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 pull = DISABLED Nov 2 08:25:36 openvpn 86036 client = DISABLED Nov 2 08:25:36 openvpn 86036 port_share_port = 0 Nov 2 08:25:36 openvpn 86036 port_share_host = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 auth_user_pass_verify_script_via_file = DISABLED Nov 2 08:25:36 openvpn 86036 auth_user_pass_verify_script = '/usr/local/sbin/ovpn_auth_verify user 'Local Database' false server2' Nov 2 08:25:36 openvpn 86036 max_routes_per_client = 256 Nov 2 08:25:36 openvpn 86036 max_clients = 14 Nov 2 08:25:36 openvpn 86036 cf_per = 0 Nov 2 08:25:36 openvpn 86036 cf_max = 0 Nov 2 08:25:36 openvpn 86036 duplicate_cn = DISABLED Nov 2 08:25:36 openvpn 86036 enable_c2c = DISABLED Nov 2 08:25:36 openvpn 86036 push_ifconfig_ipv6_remote = :: Nov 2 08:25:36 openvpn 86036 push_ifconfig_ipv6_local = ::/0 Nov 2 08:25:36 openvpn 86036 push_ifconfig_ipv6_defined = DISABLED Nov 2 08:25:36 openvpn 86036 push_ifconfig_remote_netmask = 0.0.0.0 Nov 2 08:25:36 openvpn 86036 push_ifconfig_local = 0.0.0.0 Nov 2 08:25:36 openvpn 86036 push_ifconfig_defined = DISABLED Nov 2 08:25:36 openvpn 86036 tmp_dir = '/tmp' Nov 2 08:25:36 openvpn 86036 ccd_exclusive = DISABLED Nov 2 08:25:36 openvpn 86036 client_config_dir = '/var/etc/openvpn-csc/server2' Nov 2 08:25:36 openvpn 86036 client_disconnect_script = '/usr/local/sbin/openvpn.attributes.sh' Nov 2 08:25:36 openvpn 86036 learn_address_script = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 client_connect_script = '/usr/local/sbin/openvpn.attributes.sh' Nov 2 08:25:36 openvpn 86036 virtual_hash_size = 256 Nov 2 08:25:36 openvpn 86036 real_hash_size = 256 Nov 2 08:25:36 openvpn 86036 tcp_queue_limit = 64 Nov 2 08:25:36 openvpn 86036 n_bcast_buf = 256 Nov 2 08:25:36 openvpn 86036 ifconfig_ipv6_pool_netbits = 0 Nov 2 08:25:36 openvpn 86036 ifconfig_ipv6_pool_base = :: Nov 2 08:25:36 openvpn 86036 ifconfig_ipv6_pool_defined = DISABLED Nov 2 08:25:36 openvpn 86036 ifconfig_pool_persist_refresh_freq = 600 Nov 2 08:25:36 openvpn 86036 ifconfig_pool_persist_filename = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 ifconfig_pool_netmask = 255.255.255.0 Nov 2 08:25:36 openvpn 86036 ifconfig_pool_end = 192.168.251.253 Nov 2 08:25:36 openvpn 86036 ifconfig_pool_start = 192.168.251.2 Nov 2 08:25:36 openvpn 86036 ifconfig_pool_defined = ENABLED Nov 2 08:25:36 openvpn 86036 push_entry = 'ping-restart 60' Nov 2 08:25:36 openvpn 86036 push_entry = 'ping 10' Nov 2 08:25:36 openvpn 86036 push_entry = 'topology subnet' Nov 2 08:25:36 openvpn 86036 push_entry = 'route-gateway 192.168.251.1' Nov 2 08:25:36 openvpn 86036 push_entry = 'register-dns' Nov 2 08:25:36 openvpn 86036 push_entry = 'route 172.16.3.244 255.255.255.255' Nov 2 08:25:36 openvpn 86036 push_entry = 'route 172.16.3.26 255.255.255.255' Nov 2 08:25:36 openvpn 86036 push_entry = 'route 172.16.1.143 255.255.255.255' Nov 2 08:25:36 openvpn 86036 push_entry = 'route 172.16.3.100 255.255.255.255' Nov 2 08:25:36 openvpn 86036 push_entry = 'route 172.16.3.101 255.255.255.255' Nov 2 08:25:36 openvpn 86036 push_entry = 'route 172.16.2.164 255.255.255.255' Nov 2 08:25:36 openvpn 86036 server_bridge_pool_end = 0.0.0.0 Nov 2 08:25:36 openvpn 86036 server_bridge_pool_start = 0.0.0.0 Nov 2 08:25:36 openvpn 86036 server_bridge_netmask = 0.0.0.0 Nov 2 08:25:36 openvpn 86036 server_bridge_ip = 0.0.0.0 Nov 2 08:25:36 openvpn 86036 server_netbits_ipv6 = 0 Nov 2 08:25:36 openvpn 86036 server_network_ipv6 = :: Nov 2 08:25:36 openvpn 86036 server_netmask = 255.255.255.0 Nov 2 08:25:36 openvpn 86036 server_network = 192.168.251.0 Nov 2 08:25:36 openvpn 86036 tls_auth_file = '/var/etc/openvpn/server2.tls-auth' Nov 2 08:25:36 openvpn 86036 tls_exit = DISABLED Nov 2 08:25:36 openvpn 86036 push_peer_info = DISABLED Nov 2 08:25:36 openvpn 86036 single_session = DISABLED Nov 2 08:25:36 openvpn 86036 transition_window = 3600 Nov 2 08:25:36 openvpn 86036 handshake_window = 60 Nov 2 08:25:36 openvpn 86036 renegotiate_seconds = 3600 Nov 2 08:25:36 openvpn 86036 renegotiate_packets = 0 Nov 2 08:25:36 openvpn 86036 renegotiate_bytes = 0 Nov 2 08:25:36 openvpn 86036 tls_timeout = 2 Nov 2 08:25:36 openvpn 86036 ssl_flags = 2 Nov 2 08:25:36 openvpn 86036 remote_cert_eku = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 remote_cert_ku[i] = 0 Nov 2 08:25:36 openvpn 86036 ns_cert_type = 0 Nov 2 08:25:36 openvpn 86036 crl_file = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 verify_x509_name = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 verify_x509_type = 0 Nov 2 08:25:36 openvpn 86036 tls_export_cert = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 tls_verify = '/usr/local/sbin/ovpn_auth_verify tls 'XXXX_1195' 1' Nov 2 08:25:36 openvpn 86036 cipher_list = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 pkcs12_file = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 priv_key_file = '/var/etc/openvpn/server2.key' Nov 2 08:25:36 openvpn 86036 extra_certs_file = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 cert_file = '/var/etc/openvpn/server2.cert' Nov 2 08:25:36 openvpn 86036 dh_file = '/etc/dh-parameters.2048' Nov 2 08:25:36 openvpn 86036 ca_path = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 ca_file = '/var/etc/openvpn/server2.ca' Nov 2 08:25:36 openvpn 86036 key_method = 2 Nov 2 08:25:36 openvpn 86036 tls_client = DISABLED Nov 2 08:25:36 openvpn 86036 tls_server = ENABLED Nov 2 08:25:36 openvpn 86036 test_crypto = DISABLED Nov 2 08:25:36 openvpn 86036 use_iv = ENABLED Nov 2 08:25:36 openvpn 86036 packet_id_file = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 replay_time = 15 Nov 2 08:25:36 openvpn 86036 replay_window = 64 Nov 2 08:25:36 openvpn 86036 mute_replay_warnings = DISABLED Nov 2 08:25:36 openvpn 86036 replay = ENABLED Nov 2 08:25:36 openvpn 86036 engine = DISABLED Nov 2 08:25:36 openvpn 86036 keysize = 0 Nov 2 08:25:36 openvpn 86036 prng_nonce_secret_len = 16 Nov 2 08:25:36 openvpn 86036 prng_hash = 'SHA1' Nov 2 08:25:36 openvpn 86036 authname = 'SHA256' Nov 2 08:25:36 openvpn 86036 authname_defined = ENABLED Nov 2 08:25:36 openvpn 86036 ciphername = 'AES-256-CFB' Nov 2 08:25:36 openvpn 86036 ciphername_defined = ENABLED Nov 2 08:25:36 openvpn 86036 key_direction = 1 Nov 2 08:25:36 openvpn 86036 shared_secret_file = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 management_flags = 256 Nov 2 08:25:36 openvpn 86036 management_client_group = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 management_client_user = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 management_write_peer_info_file = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 management_echo_buffer_size = 100 Nov 2 08:25:36 openvpn 86036 management_log_history_cache = 250 Nov 2 08:25:36 openvpn 86036 management_user_pass = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 management_port = 0 Nov 2 08:25:36 openvpn 86036 management_addr = '/var/etc/openvpn/server2.sock' Nov 2 08:25:36 openvpn 86036 allow_pull_fqdn = DISABLED Nov 2 08:25:36 openvpn 86036 max_routes = 100 Nov 2 08:25:36 openvpn 86036 route_gateway_via_dhcp = DISABLED Nov 2 08:25:36 openvpn 86036 route_nopull = DISABLED Nov 2 08:25:36 openvpn 86036 route_delay_defined = DISABLED Nov 2 08:25:36 openvpn 86036 route_delay_window = 30 Nov 2 08:25:36 openvpn 86036 route_delay = 0 Nov 2 08:25:36 openvpn 86036 route_noexec = DISABLED Nov 2 08:25:36 openvpn 86036 route_default_metric = 0 Nov 2 08:25:36 openvpn 86036 route_default_gateway = '192.168.251.2' Nov 2 08:25:36 openvpn 86036 route_script = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 lzo = 7 Nov 2 08:25:36 openvpn 86036 fast_io = DISABLED Nov 2 08:25:36 openvpn 86036 sockflags = 0 Nov 2 08:25:36 openvpn 86036 sndbuf = 0 Nov 2 08:25:36 openvpn 86036 rcvbuf = 0 Nov 2 08:25:36 openvpn 86036 occ = ENABLED Nov 2 08:25:36 openvpn 86036 status_file_update_freq = 60 Nov 2 08:25:36 openvpn 86036 status_file_version = 1 Nov 2 08:25:36 openvpn 86036 status_file = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 gremlin = 0 Nov 2 08:25:36 openvpn 86036 mute = 0 Nov 2 08:25:36 openvpn 86036 verbosity = 6 Nov 2 08:25:36 openvpn 86036 nice = 0 Nov 2 08:25:36 openvpn 86036 suppress_timestamps = DISABLED Nov 2 08:25:36 openvpn 86036 log = DISABLED Nov 2 08:25:36 openvpn 86036 inetd = 0 Nov 2 08:25:36 openvpn 86036 daemon = ENABLED Nov 2 08:25:36 openvpn 86036 up_delay = DISABLED Nov 2 08:25:36 openvpn 86036 up_restart = DISABLED Nov 2 08:25:36 openvpn 86036 down_pre = DISABLED Nov 2 08:25:36 openvpn 86036 down_script = '/usr/local/sbin/ovpn-linkdown' Nov 2 08:25:36 openvpn 86036 up_script = '/usr/local/sbin/ovpn-linkup' Nov 2 08:25:36 openvpn 86036 writepid = '/var/run/openvpn_server2.pid' Nov 2 08:25:36 openvpn 86036 cd_dir = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 chroot_dir = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 groupname = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 username = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 resolve_retry_seconds = 1000000000 Nov 2 08:25:36 openvpn 86036 passtos = DISABLED Nov 2 08:25:36 openvpn 86036 persist_key = ENABLED Nov 2 08:25:36 openvpn 86036 persist_remote_ip = ENABLED Nov 2 08:25:36 openvpn 86036 persist_local_ip = DISABLED Nov 2 08:25:36 openvpn 86036 persist_tun = ENABLED Nov 2 08:25:36 openvpn 86036 remap_sigusr1 = 0 Nov 2 08:25:36 openvpn 86036 ping_timer_remote = ENABLED Nov 2 08:25:36 openvpn 86036 ping_rec_timeout_action = 2 Nov 2 08:25:36 openvpn 86036 ping_rec_timeout = 120 Nov 2 08:25:36 openvpn 86036 ping_send_timeout = 10 Nov 2 08:25:36 openvpn 86036 inactivity_timeout = 0 Nov 2 08:25:36 openvpn 86036 keepalive_timeout = 60 Nov 2 08:25:36 openvpn 86036 keepalive_ping = 10 Nov 2 08:25:36 openvpn 86036 mlock = DISABLED Nov 2 08:25:36 openvpn 86036 mtu_test = 0 Nov 2 08:25:36 openvpn 86036 shaper = 0 Nov 2 08:25:36 openvpn 86036 ifconfig_ipv6_remote = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 ifconfig_ipv6_netbits = 0 Nov 2 08:25:36 openvpn 86036 ifconfig_ipv6_local = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 ifconfig_nowarn = DISABLED Nov 2 08:25:36 openvpn 86036 ifconfig_noexec = DISABLED Nov 2 08:25:36 openvpn 86036 ifconfig_remote_netmask = '255.255.255.0' Nov 2 08:25:36 openvpn 86036 ifconfig_local = '192.168.251.1' Nov 2 08:25:36 openvpn 86036 tun_ipv6 = DISABLED Nov 2 08:25:36 openvpn 86036 topology = 3 Nov 2 08:25:36 openvpn 86036 lladdr = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 dev_node = '/dev/tun2' Nov 2 08:25:36 openvpn 86036 dev_type = 'tun' Nov 2 08:25:36 openvpn 86036 dev = 'ovpns2' Nov 2 08:25:36 openvpn 86036 ipchange = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 remote_random = DISABLED Nov 2 08:25:36 openvpn 86036 Connection profiles END Nov 2 08:25:36 openvpn 86036 explicit_exit_notification = 0 Nov 2 08:25:36 openvpn 86036 mssfix = 1450 Nov 2 08:25:36 openvpn 86036 fragment = 0 Nov 2 08:25:36 openvpn 86036 mtu_discover_type = -1 Nov 2 08:25:36 openvpn 86036 tun_mtu_extra_defined = DISABLED Nov 2 08:25:36 openvpn 86036 tun_mtu_extra = 0 Nov 2 08:25:36 openvpn 86036 link_mtu_defined = DISABLED Nov 2 08:25:36 openvpn 86036 link_mtu = 1500 Nov 2 08:25:36 openvpn 86036 tun_mtu_defined = ENABLED Nov 2 08:25:36 openvpn 86036 tun_mtu = 1500 Nov 2 08:25:36 openvpn 86036 socks_proxy_retry = DISABLED Nov 2 08:25:36 openvpn 86036 socks_proxy_port = 0 Nov 2 08:25:36 openvpn 86036 socks_proxy_server = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 connect_retry_max = 0 Nov 2 08:25:36 openvpn 86036 connect_timeout = 10 Nov 2 08:25:36 openvpn 86036 connect_retry_seconds = 5 Nov 2 08:25:36 openvpn 86036 bind_local = ENABLED Nov 2 08:25:36 openvpn 86036 bind_defined = DISABLED Nov 2 08:25:36 openvpn 86036 remote_float = ENABLED Nov 2 08:25:36 openvpn 86036 remote_port = 1194 Nov 2 08:25:36 openvpn 86036 remote = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 local_port = 1195 Nov 2 08:25:36 openvpn 86036 local = '172.16.1.3' Nov 2 08:25:36 openvpn 86036 proto = udp Nov 2 08:25:36 openvpn 86036 Connection profiles [default]: Nov 2 08:25:36 openvpn 86036 show_tls_ciphers = DISABLED Nov 2 08:25:36 openvpn 86036 key_pass_file = '[UNDEF]' Nov 2 08:25:36 openvpn 86036 genkey = DISABLED Nov 2 08:25:36 openvpn 86036 show_engines = DISABLED Nov 2 08:25:36 openvpn 86036 show_digests = DISABLED Nov 2 08:25:36 openvpn 86036 show_ciphers = DISABLED Nov 2 08:25:36 openvpn 86036 mode = 1 Nov 2 08:25:36 openvpn 86036 config = '/var/etc/openvpn/server2.conf' Nov 2 08:25:36 openvpn 86036 Current Parameter Settings: [/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i]