Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Site to Site OpenVPN stops working after upgrade to 22.05

    OpenVPN
    2
    10
    697
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      solarhacker
      last edited by

      Upgraded to pfsense 22.05, fully functional site to site OpenVPN stop working after upgrade.
      Using Peer to Peer (SSL/TLS)
      IPv4 Tunnel Network 10.0.6.0/24
      IPv4 Remote network(s) 192.168.1.40/24

      Seeing

      OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.1.40
      OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options

      Did save configuration before upgrading

      OpenVPN to work stopped working
      OpenVPN connection to PureVPN for port forwarding around CGNAT works fine after upgrade.

      What do I need to change to make OpenVPN work again

      R 1 Reply Last reply Reply Quote 0
      • R
        rcoleman-netgate Netgate @solarhacker
        last edited by

        @solarhacker said in Site to Site OpenVPN stops working after upgrade to 22.05:

        What do I need to change to make OpenVPN work again

        What do the logs say is happening?

        Ryan
        Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
        Requesting firmware for your Netgate device? https://go.netgate.com
        Switching: Mikrotik, Netgear, Extreme
        Wireless: Aruba, Ubiquiti

        S 1 Reply Last reply Reply Quote 0
        • S
          solarhacker @rcoleman-netgate
          last edited by

          @rcoleman-netgate

          No configuration items were changed after upgrading to 22.05

          OpenVPN log

          Screenshot from 2022-12-26 17-52-15.png

          R 1 Reply Last reply Reply Quote 0
          • R
            rcoleman-netgate Netgate @solarhacker
            last edited by

            @solarhacker You haven't mentioned what version you were upgrading to 22.05 from.

            I suspect the log file here is telling you exactly what you're missing.

            Ryan
            Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
            Requesting firmware for your Netgate device? https://go.netgate.com
            Switching: Mikrotik, Netgear, Extreme
            Wireless: Aruba, Ubiquiti

            S 1 Reply Last reply Reply Quote 0
            • S
              solarhacker @rcoleman-netgate
              last edited by

              @rcoleman-netgate
              Upgraded from 21.05
              I read the update notes before upgrading, because my OpenVPN was already using TLS I didn't think I would have any issues

              R 1 Reply Last reply Reply Quote 0
              • R
                rcoleman-netgate Netgate @solarhacker
                last edited by

                @solarhacker The log you shared suggests you have a config issue.

                Bump the logging verbosity from "default" to "3" and reattempt your connection, see what additional info it provides and move forward from there.

                Ryan
                Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
                Requesting firmware for your Netgate device? https://go.netgate.com
                Switching: Mikrotik, Netgear, Extreme
                Wireless: Aruba, Ubiquiti

                S 1 Reply Last reply Reply Quote 0
                • S
                  solarhacker @rcoleman-netgate
                  last edited by

                  @rcoleman-netgate

                  logging verbosity set to 3

                  Screenshot from 2022-12-26 18-45-21.png

                  I see this error

                  OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.1.40
                  OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options

                  But have no idea how to change pfsense OpenVPN configuration to add route-gateway option

                  R 1 Reply Last reply Reply Quote 0
                  • R
                    rcoleman-netgate Netgate @solarhacker
                    last edited by

                    @solarhacker 7fabdb3f-321d-4e64-862b-f022346795fb-image.png

                    Ryan
                    Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
                    Requesting firmware for your Netgate device? https://go.netgate.com
                    Switching: Mikrotik, Netgear, Extreme
                    Wireless: Aruba, Ubiquiti

                    S 1 Reply Last reply Reply Quote 0
                    • S
                      solarhacker @rcoleman-netgate
                      last edited by

                      @rcoleman-netgate
                      Added route-gateway 100.64.0.1
                      Error goes away, ping does not work to server, worked before upgrading

                      R 1 Reply Last reply Reply Quote 0
                      • R
                        rcoleman-netgate Netgate @solarhacker
                        last edited by

                        @solarhacker I would reach out to whoever is the OVPN host and see what they say at this point... or wait for someone else to see this thread suggests.

                        If you're the host check the remote-side logs.

                        Ryan
                        Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
                        Requesting firmware for your Netgate device? https://go.netgate.com
                        Switching: Mikrotik, Netgear, Extreme
                        Wireless: Aruba, Ubiquiti

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.