Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    openvpn client misbehaving

    Scheduled Pinned Locked Moved 2.4 Development Snapshots
    21 Posts 2 Posters 5.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DerelictD
      Derelict LAYER 8 Netgate
      last edited by

      Is the client address being blocked for some reason by suricata? A permission denied error like that is generally caused by a block in the outbound direction of firewall-sourced packets.

      Chattanooga, Tennessee, USA
      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
      Do Not Chat For Help! NO_WAN_EGRESS(TM)

      S 1 Reply Last reply Reply Quote 0
      • S
        strangegopher @Derelict
        last edited by

        @derelict not that I know of, unless you want me to delete rule that isolates vlans

        Here are my rules:
        0_1527525467797_Capture.PNG

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          The only time I have seen a VPN just stop with permission denied was when the endpoint was blocked by IPS after the tunnel was established.

          That wouldn't be a LAN rule, but a floating WAN rule in the outbound direction. I say WAN assuming that is the interface traffic to the OpenVPN server will be using.

          Are there any firewall logs for that endpoint?

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          S 1 Reply Last reply Reply Quote 0
          • S
            strangegopher @Derelict
            last edited by strangegopher

            @derelict these are my floating rules, there are no alerts in suricata that I can see. Maybe its that ipv6 rule?

            0_1527526404612_Capture.PNG

            edit: nope its not the floating rule, everytime I restart suricata, I get those errors.

            1 Reply Last reply Reply Quote 0
            • DerelictD
              Derelict LAYER 8 Netgate
              last edited by

              More interested in firewall logs showing blocked traffic to that remote endpoint destination - they will identify the rule that did the blocking.

              I can't see it being an IPv6 rule since it's an IPv4 OpenVPN connection.

              Chattanooga, Tennessee, USA
              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              1 Reply Last reply Reply Quote 0
              • S
                strangegopher
                last edited by strangegopher

                @Derelict The firewall blocks line up with the time I had the permission errors.

                Here is output of /cat/var/log/filter.log | grep '185.xxx.xxx.xxx|45.xxx.xxx.xxx'

                May 28 10:05:22 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,40,69.xxx.xxx.xxx,185.xxx.xxx.xxx,42804,443,0,FA,935304924,1942521764,4096,,
May 28 10:05:22 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,40,69.xxx.xxx.xxx,185.xxx.xxx.xxx,42804,443,0,FA,935304924,1942521764,4096,,
May 28 10:05:22 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,40,69.xxx.xxx.xxx,185.xxx.xxx.xxx,42804,443,0,FA,935304924,1942521764,4096,,
May 28 10:05:23 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,40,69.xxx.xxx.xxx,185.xxx.xxx.xxx,42804,443,0,FA,935304924,1942521764,4096,,
May 28 10:05:23 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,40,69.xxx.xxx.xxx,185.xxx.xxx.xxx,42804,443,0,FA,935304924,1942521764,4096,,
May 28 10:05:25 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,40,69.xxx.xxx.xxx,185.xxx.xxx.xxx,42804,443,0,FA,935304924,1942521764,4096,,
May 28 10:05:27 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,40,69.xxx.xxx.xxx,185.xxx.xxx.xxx,42804,443,0,FA,935304924,1942521764,4096,,
May 28 10:05:30 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,206,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,166,PA,4290511445:4290511611,3832392387,4102,,
May 28 10:05:30 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,206,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,166,PA,4290511445:4290511611,3832392387,4102,,
May 28 10:05:30 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,206,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,166,PA,4290511445:4290511611,3832392387,4102,,
May 28 10:05:31 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,206,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,166,PA,4290511445:4290511611,3832392387,4102,,
May 28 10:05:31 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,40,69.xxx.xxx.xxx,185.xxx.xxx.xxx,42804,443,0,FA,935304924,1942521764,4096,,
May 28 10:05:32 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,206,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,166,PA,4290511445:4290511611,3832392387,4102,,
May 28 10:05:33 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,206,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,166,PA,4290511445:4290511611,3832392387,4102,,
May 28 10:05:35 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,206,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,166,PA,4290511445:4290511611,3832392387,4102,,
May 28 10:05:39 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,40,69.xxx.xxx.xxx,185.xxx.xxx.xxx,42804,443,0,FA,935304924,1942521764,4096,,
May 28 10:05:40 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,206,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,166,PA,4290511445:4290511611,3832392387,4102,,
May 28 10:05:48 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,206,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,166,PA,4290511445:4290511611,3832392387,4102,,
May 28 10:05:50 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,372,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,332,PA,4290511445:4290511777,3832392387,4102,,
May 28 10:05:55 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,40,69.xxx.xxx.xxx,185.xxx.xxx.xxx,42804,443,0,FA,935304924,1942521764,4096,,
May 28 10:06:04 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,372,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,332,PA,4290511445:4290511777,3832392387,4102,,
May 28 10:06:23 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x28,,55,52725,0,DF,6,tcp,158,185.xxx.xxx.xxx,69.xxx.xxx.xxx,443,15817,118,PA,3832392387:3832392505,4290511445,9229,,
May 28 10:06:23 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x28,,55,52726,0,DF,6,tcp,158,185.xxx.xxx.xxx,69.xxx.xxx.xxx,443,15817,118,PA,3832392387:3832392505,4290511445,9229,,
May 28 10:06:24 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x28,,55,52727,0,DF,6,tcp,158,185.xxx.xxx.xxx,69.xxx.xxx.xxx,443,15817,118,PA,3832392387:3832392505,4290511445,9229,,
May 28 10:06:24 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x28,,55,52728,0,DF,6,tcp,158,185.xxx.xxx.xxx,69.xxx.xxx.xxx,443,15817,118,PA,3832392387:3832392505,4290511445,9229,,
May 28 10:06:25 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x28,,55,52729,0,DF,6,tcp,158,185.xxx.xxx.xxx,69.xxx.xxx.xxx,443,15817,118,PA,3832392387:3832392505,4290511445,9229,,
May 28 10:06:26 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,40,69.xxx.xxx.xxx,185.xxx.xxx.xxx,42804,443,0,FA,935304924,1942521764,4096,,
May 28 10:06:27 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x28,,55,52730,0,DF,6,tcp,158,185.xxx.xxx.xxx,69.xxx.xxx.xxx,443,15817,118,PA,3832392387:3832392505,4290511445,9229,,
May 28 10:06:30 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x28,,55,52731,0,DF,6,tcp,158,185.xxx.xxx.xxx,69.xxx.xxx.xxx,443,15817,118,PA,3832392387:3832392505,4290511445,9229,,
May 28 10:06:36 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,372,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,332,PA,4290511445:4290511777,3832392387,4102,,
May 28 10:06:37 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x28,,55,52732,0,DF,6,tcp,158,185.xxx.xxx.xxx,69.xxx.xxx.xxx,443,15817,118,PA,3832392387:3832392505,4290511445,9229,,
May 28 10:06:50 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,490,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,450,PA,4290511445:4290511895,3832392387,4102,,
May 28 10:06:51 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x28,,55,52733,0,DF,6,tcp,158,185.xxx.xxx.xxx,69.xxx.xxx.xxx,443,15817,118,PA,3832392387:3832392505,4290511445,9229,,
May 28 10:06:57 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,40,69.xxx.xxx.xxx,185.xxx.xxx.xxx,42804,443,0,FA,935304924,1942521764,4096,,
May 28 10:07:08 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,490,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,450,PA,4290511445:4290511895,3832392387,4102,,
May 28 10:07:18 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x28,,55,52734,0,DF,6,tcp,158,185.xxx.xxx.xxx,69.xxx.xxx.xxx,443,15817,118,PA,3832392387:3832392505,4290511445,9229,,
May 28 10:07:28 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,40,69.xxx.xxx.xxx,185.xxx.xxx.xxx,42804,443,0,FA,935304924,1942521764,4096,,
May 28 10:07:42 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,490,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,450,PA,4290511445:4290511895,3832392387,4102,,
May 28 10:07:51 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,608,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,568,PA,4290511445:4290512013,3832392387,4102,,
May 28 10:08:01 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,40,69.xxx.xxx.xxx,185.xxx.xxx.xxx,42804,443,0,RA,935304925,1942521764,4096,,
May 28 10:08:14 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,608,69.xxx.xxx.xxx,185.xxx.xxx.xxx,15817,443,568,RPA,4290511445:4290512013,3832392387,4102,,
May 28 10:08:14 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x28,,55,52735,0,DF,6,tcp,158,185.xxx.xxx.xxx,69.xxx.xxx.xxx,443,15817,118,PA,3832392387:3832392505,4290511445,9229,,
May 28 10:08:25 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x28,,55,52736,0,DF,6,tcp,276,185.xxx.xxx.xxx,69.xxx.xxx.xxx,443,15817,236,FPA,3832392505:3832392741,4290511445,9229,,
May 28 10:05:22 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,276,69.xxx.xxx.xxx,45.xxx.xxx.xxx,64109,443,236,FPA,601582272:601582508,2616361110,4104,,
May 28 10:05:22 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,275,69.xxx.xxx.xxx,45.xxx.xxx.xxx,64109,443,235,FPA,601582273:601582508,2616361110,4104,,
May 28 10:05:25 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,512,69.xxx.xxx.xxx,45.xxx.xxx.xxx,64109,443,472,FPA,601582036:601582508,2616361110,4104,,
May 28 10:05:27 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,222,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,182,PA,2523096778:2523096960,1343684912,4104,,
May 28 10:05:28 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,222,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,182,PA,2523096778:2523096960,1343684912,4104,,
May 28 10:05:28 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,222,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,182,PA,2523096778:2523096960,1343684912,4104,,
May 28 10:05:29 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,222,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,182,PA,2523096778:2523096960,1343684912,4104,,
May 28 10:05:30 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,222,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,182,PA,2523096778:2523096960,1343684912,4104,,
May 28 10:05:31 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,356,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,316,PA,2523096778:2523097094,1343684912,4104,,
May 28 10:05:31 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,538,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,498,PA,2523096778:2523097276,1343684912,4104,,
May 28 10:05:31 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,896,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,856,PA,2523096778:2523097634,1343684912,4104,,
May 28 10:05:31 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1238,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1198,PA,2523096778:2523097976,1343684912,4104,,
May 28 10:05:32 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:32 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:32 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:32 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:32 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:32 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:32 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:32 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:32 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:32 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:33 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:33 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:33 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:33 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:33 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:33 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:33 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:33 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:33 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:34 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:34 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:35 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x0,,49,8327,0,DF,6,tcp,155,45.xxx.xxx.xxx,69.xxx.xxx.xxx,443,5943,115,PA,1343684912:1343685027,2523096778,830,,
May 28 10:05:35 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x0,,49,8328,0,DF,6,tcp,155,45.xxx.xxx.xxx,69.xxx.xxx.xxx,443,5943,115,PA,1343684912:1343685027,2523096778,830,,
May 28 10:05:35 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x0,,49,8329,0,DF,6,tcp,155,45.xxx.xxx.xxx,69.xxx.xxx.xxx,443,5943,115,PA,1343684912:1343685027,2523096778,830,,
May 28 10:05:35 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:35 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:36 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x0,,49,8330,0,DF,6,tcp,155,45.xxx.xxx.xxx,69.xxx.xxx.xxx,443,5943,115,PA,1343684912:1343685027,2523096778,830,,
May 28 10:05:36 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:36 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:36 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:37 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x0,,49,8331,0,DF,6,tcp,155,45.xxx.xxx.xxx,69.xxx.xxx.xxx,443,5943,115,PA,1343684912:1343685027,2523096778,830,,
May 28 10:05:39 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x0,,49,8332,0,DF,6,tcp,155,45.xxx.xxx.xxx,69.xxx.xxx.xxx,443,5943,115,PA,1343684912:1343685027,2523096778,830,,
May 28 10:05:41 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,512,69.xxx.xxx.xxx,45.xxx.xxx.xxx,64109,443,472,FPA,601582036:601582508,2616361110,4104,,
May 28 10:05:41 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:44 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x0,,49,8333,0,DF,6,tcp,155,45.xxx.xxx.xxx,69.xxx.xxx.xxx,443,5943,115,PA,1343684912:1343685027,2523096778,830,,
May 28 10:05:46 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:49 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:49 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:49 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:49 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:50 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:50 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:52 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:52 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:53 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x0,,49,8334,0,DF,6,tcp,155,45.xxx.xxx.xxx,69.xxx.xxx.xxx,443,5943,115,PA,1343684912:1343685027,2523096778,830,,
May 28 10:05:55 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:55 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:55 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:55 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:55 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:55 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:55 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:55 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:56 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:56 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:56 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:56 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:56 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:56 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:56 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,512,69.xxx.xxx.xxx,45.xxx.xxx.xxx,64109,443,472,FPA,601582036:601582508,2616361110,4104,,
May 28 10:05:56 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:56 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:56 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:56 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:57 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:57 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:57 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:58 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:58 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:58 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:59 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:05:59 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:06:00 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:06:00 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:06:10 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:06:12 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,511,69.xxx.xxx.xxx,45.xxx.xxx.xxx,64109,443,471,RPA,601582037:601582508,2616361110,4104,,
May 28 10:06:12 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x0,,49,8335,0,DF,6,tcp,155,45.xxx.xxx.xxx,69.xxx.xxx.xxx,443,5943,115,PA,1343684912:1343685027,2523096778,830,,
May 28 10:06:13 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:06:20 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:06:24 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:06:24 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:06:36 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x0,,49,8336,0,DF,6,tcp,730,45.xxx.xxx.xxx,69.xxx.xxx.xxx,443,5943,690,FPA,1343685027:1343685717,2523096778,830,,
May 28 10:06:49 pfsense filterlog: 5,,,1000000103,igb3,match,block,in,4,0x0,,49,8337,0,DF,6,tcp,845,45.xxx.xxx.xxx,69.xxx.xxx.xxx,443,5943,805,FPA,1343684912:1343685717,2523096778,830,,
May 28 10:06:56 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:07:39 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:08:21 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,A,2523096778:2523098198,1343684912,4104,,
May 28 10:09:03 pfsense filterlog: 6,,,1000000104,igb3,match,block,out,4,0x0,,64,0,0,DF,6,tcp,1460,69.xxx.xxx.xxx,45.xxx.xxx.xxx,5943,443,1420,RA,2523096778:2523098198,1343684912,4104,,```
                1 Reply Last reply Reply Quote 0
                • DerelictD
                  Derelict LAYER 8 Netgate
                  last edited by

                  Hmm. That's the default block rule. Something must be killing the state.

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                  1 Reply Last reply Reply Quote 0
                  • S
                    strangegopher
                    last edited by

                    @Derelict you think it might be "Skip rules when gateway is down" option under System/Advanced/Miscellaneous?

                    1 Reply Last reply Reply Quote 0
                    • DerelictD
                      Derelict LAYER 8 Netgate
                      last edited by

                      It would more likely be state killing on gateway failure. Are you having intermittent connectivity problems on that WAN?

                      Why did you mention suricata in the first place?

                      Chattanooga, Tennessee, USA
                      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                      Do Not Chat For Help! NO_WAN_EGRESS(TM)

                      1 Reply Last reply Reply Quote 0
                      • S
                        strangegopher
                        last edited by strangegopher

                        @Derelict I unchecked both "state killing on gateway failure" and “Skip rules when gateway is down” and created no_wan_egress tag for kill switch and I hope that will fix the issue. I mention suricata is because I saw other post here long time ago about it and I noticed it happen when I restarted suricata. Edit: It still happens without suricata enabled, so weird.

                        1 Reply Last reply Reply Quote 0
                        • S
                          strangegopher
                          last edited by strangegopher

                          PF is still blocking openvpn but I have no idea what to do about this.

                          1 Reply Last reply Reply Quote 0
                          • S
                            strangegopher
                            last edited by

                            I created a bug report https://redmine.pfsense.org/issues/8541

                            1 Reply Last reply Reply Quote 0
                            • DerelictD
                              Derelict LAYER 8 Netgate
                              last edited by Derelict

                              Not convinced it's a bug. Probably a misconfiguration somewhere. Just because it's a mystery right now does not mean it's a bug. Steps to reproduce from a plain install would be the first step.

                              Chattanooga, Tennessee, USA
                              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                              Do Not Chat For Help! NO_WAN_EGRESS(TM)

                              1 Reply Last reply Reply Quote 0
                              • S
                                strangegopher
                                last edited by

                                @Derelict Should "Reset all states if WAN IP Address changes" be enabled?

                                DerelictD 1 Reply Last reply Reply Quote 0
                                • DerelictD
                                  Derelict LAYER 8 Netgate @strangegopher
                                  last edited by

                                  @strangegopher If that's what you want to have happen.

                                  Chattanooga, Tennessee, USA
                                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                                  1 Reply Last reply Reply Quote 0
                                  • S
                                    strangegopher
                                    last edited by

                                    @Derelict Did a bit of reading about Asymmetric Routing https://doc.pfsense.org/index.php/Asymmetric_Routing_and_Firewall_Rules

                                    I wonder if that is what is causing this.

                                    1 Reply Last reply Reply Quote 0
                                    • DerelictD
                                      Derelict LAYER 8 Netgate
                                      last edited by

                                      Could be. Do you have an asymmetric routing situation? Draw out the pieces involved and it's usually obvious. That can certainly be a cause of out-of-state blocks like you are seeing.

                                      Chattanooga, Tennessee, USA
                                      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                                      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                                      Do Not Chat For Help! NO_WAN_EGRESS(TM)

                                      1 Reply Last reply Reply Quote 0
                                      • S
                                        strangegopher
                                        last edited by

                                        Finally figured out a workaround that limits the write TCPv4_CLIENT: Permission denied (code=13) message to 10 seconds max. I added keepalive 3 10; to custom options and I get this message for 10 seconds before ping-restart and then it connects. I have turned every setting I can think of on and off other than ramdisk and but for now I will live with this quirk.

                                        1 Reply Last reply Reply Quote 0
                                        • S
                                          strangegopher
                                          last edited by

                                          fixed the error by changing to hostname instead of ip address, I compared the system logs and openvpn logs and noticed openvpn tried to connect before wan interface was up so I changed it to hostname, now it starts before wan is up but won't connect until it can resolve the hostname.

                                          extra options:

                                          remote-cert-tls server;
auth-nocache;
auth-retry nointeract;
tun-mtu 1500;
tun-mtu-extra 32;
mssfix 1400;
mlock;
pull-filter ignore "redirect-gateway";
pull-filter ignore "dhcp-option";
                                          1 Reply Last reply Reply Quote 0
                                          • S
                                            strangegopher
                                            last edited by

                                            error came back but went away when I uninstalled pfblockerng-devel, only caused issues with tcp connections

                                            1 Reply Last reply Reply Quote 0
                                            • GertjanG Gertjan referenced this topic on
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.