Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense 2.3.5 p1: gateway group not updated on OpenVPN client reconnect

    Scheduled Pinned Locked Moved Routing and Multi WAN
    1 Posts 1 Posters 332 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lexa-a
      last edited by lexa-a

      Setup:

      WAN1 - (PPPOE)
      WAN2 - VPNV4 - Openvpn client in TUN mode connected via WAN1

      Gateway group: Test_Group (VPNV4 - Tier1, WAN1 - Tier2)

      Everything works as expected until WAN1 disconnect.

      If I disconnect WAN1, WAN2 goes offline too in a minute or two.
      When i reconnect WAN1, gateway group is updated (/tmp/rulse.debug) with following:

      GWWAN1_PPPOE = " route-to ( pppoe0 11.22.33.44 ) "
      GWVPN_VPNV4 = " "
      GWTest_Group = " route-to { ( pppoe0 11.22.33.44 ) } "

      Then in several second OpenVPN goes online, but /tmp/rulse.debug contains following:

      GWWAN1_PPPOE = " route-to ( pppoe0 11.22.33.44 ) "
      GWVPN_VPNV4 = " route-to ( ovpnc3 10.8.0.5 ) "
      GWTest_Group = " route-to { ( pppoe0 11.22.33.44 ) } " //!!! wrong: should be ovpnc3 10.8.0.5 (Tier1)

      This is the final state, no matter how long you will wait. All gateways in gateway group are green (online), but routing goes through Tier2 gateway.

      If i udpate ANY (even non related to this gateway group) firewall rule, or restart OpenVPN service then routing becomes correct:

      GWWAN1_PPPOE = " route-to ( pppoe0 11.22.33.44 ) "
      GWVPN_VPNV4 = " route-to ( ovpnc3 10.8.0.5 ) "
      GWTest_Group = " route-to ( ovpnc3 10.8.0.5 ) "

      So it seems then something is not updated when openvpn reconnects automatically (without restarting it's service).

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.