Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN tunnel traffic stop during rebooting of pfsense

    OpenVPN
    1
    2
    334
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wakson005
      last edited by

      When rebooting Pfsense openvpn tunnel is automatically brought up but traffic and ping does not come back on. But going to OpenVPN>Status>Restart tunnel everything is up and working without any changes to setting.

      Here are some thoughts though I am not sure which is more accurate...

      If rebooting the pfSense OpenVPN tunnel results in no traffic or ping response, but manually restarting the tunnel through OpenVPN > Status resolves the issue, it suggests that there might be a timing or synchronization issue during the boot process. The following factors could contribute to this behavior though I am not sure how true this might be...:

      1. Startup Order: During boot, various services and components are initialized. If the OpenVPN service starts before other necessary components, such as the network interfaces or routing tables, are fully ready, it can cause the connectivity issue. Restarting the tunnel manually after the system has fully booted allows the necessary components to be initialized properly.

      2. Dependency on Network Services: The OpenVPN tunnel might depend on other network services or interfaces that take longer to initialize during the boot process. It's possible that these dependencies are not fully ready when the OpenVPN service starts automatically during boot. Restarting the tunnel manually gives those dependencies enough time to come online.

      3. Timing and Synchronization: Restarting the tunnel manually might introduce a slight delay, allowing the system to synchronize and stabilize fully. It's possible that during the boot process, there is a brief period where the system is not fully synchronized, leading to connectivity issues. Restarting the tunnel manually after booting gives the system time to settle down before establishing the connection.

      Will try to put a log if that help.

      W 1 Reply Last reply Reply Quote 0
      • W
        wakson005 @wakson005
        last edited by

        @wakson005 Ok turns out the issue is using alias in my openvpn server settings. Though the alias is correct it seem to not load properly when performing HA or rebooting of PFSense. Do anyone else encounter this problem?

        If Server instance has this setting OpenVPN still work but encounter the issue I stated above where I have to restart the tunnel network even though it show it is connected to get the traffic and ping working again. This is after a HA failover or a reboot of pfsense.

        PFSense 2.7.0 & 2.7.1

        Alias:
        61e514fc-8637-490e-9900-516322d46417-image.png
        Setting that will fail:
        1a783268-3601-4f1a-ac54-9841c2f9bc83-image.png
        Setting that will work:
        ef5187d5-b71c-403b-8b31-4bb23d383f42-image.png

        Obvious for this case it is pointless for an alias but for 10+ subnet the alias is just more convenient. I just like to set things up for expandability when possible. Especially in a STAR OpenVPN setup

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.