Open VPN Client Satus Problem

sunch1ld · Feb 26, 2013, 1:11 PM

Hi I am using pfsense 2.0.3-PRERELEASE. When I open the page Status > Services, the ovpn client status is down, but the open vpn client is up. How can I solve this problem?

jimp · Feb 26, 2013, 4:01 PM

What exactly does the OpenVPN status screen show? (Screenshot is best)
Does it show down on both sides of the connection? Or just one?

Is it SSL/TLS with a /30 tunnel network, SSL/TLS with a larger tunnel network, Shared key, etc?

Need a lot more info to go on.

sunch1ld · Feb 26, 2013, 6:14 PM

Hi Thanks for your reply

Yes is SSL/TLS client.

I show you parameters and status using the attached images.

jimp · Feb 26, 2013, 6:40 PM

That indicates that the process isn't running, and can't be reached through the management daemon (which typically also means the process is not running)

Given that I really doubt it's actually working.

I have a 2.0.3 VM here and the status shows fine for shared key and SSL/TLS clients for me.

sunch1ld · Feb 26, 2013, 8:50 PM

For me the process is running, but the status is wrong because I connect to that machine through the vpn address. That place has little bandwith.

jimp · Feb 26, 2013, 8:52 PM

check this:

ps uxawww | grep openvpn

ls -l /var/run/openvpn*

ls -l /var/etc/openvpn*

If it can't contact the management daemon, it's not running properly or as expected. It works fine with a stock config, so it's also possible that one of your advanced option entries is causing the status to fail.

sunch1ld · Feb 26, 2013, 9:23 PM

I have execute these commands:

ps uxawww | grep openvpn

root 19730 0.0 1.5 5116 3740 ?? RNs Sat12PM 0:46.99 /usr/local/sbin/openvpn –config /var/etc/openvpn/client1.conf
root 55892 0.0 0.5 3524 1200 0 R+ 10:26PM 0:00.01 grep openvpn

ls -l /var/run/openvpn*
-rw-r--r-- 1 root wheel 6 Feb 23 12:12 /var/run/openvpn_client1.pid
ls -l /var/etc/openvpn*
/var/etc/openvpn:
total 10
-rw------- 1 root wheel 662 Feb 23 12:12 client1.ca
-rw------- 1 root wheel 672 Feb 23 12:12 client1.cert
-rw------- 1 root wheel 643 Feb 23 12:12 client1.conf
-rw------- 1 root wheel 898 Feb 23 12:12 client1.key
srwxrwxrwx 1 root wheel 0 Feb 23 12:12 client1.sock
-rw------- 1 root wheel 618 Feb 23 12:12 client1.tls-auth

/var/etc/openvpn-csc:
total 0

phil.davis · Feb 28, 2013, 5:43 AM

My example of this "feature" is at http://forum.pfsense.org/index.php/topic,59464.0.html
I have noticed it with both Peer-to-peer shared key and SSL/TLS links every now and then. I saw it just now and managed to gather some data.