Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PFsense 2.2.4 Drops openvpn connections, does not allow reconnect

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 2 Posters 619 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      johnkelley
      last edited by

      I have a pair of PFSense firewall(s) running 2.2.4 running 4 instances of OPENVPN, every couple of weeks the master will stop accepting any openvpn requests and most of the time drop any existing connections.  Forcing the master into CARP maint mode or rebooting it will restore functionality.

      • OpenVPN listens on a CARP address
      • Logs show no new connection attempts even though the clients are attempting
      • No out of the ordinary log messages
      • Restarting the OPENVPN server instances does not correct the issue.
      • The backup firewall is un-effected by the issue at the same time, it could be susceptible to the issue but it is not seen since it is running as the backup at most times.
      • This setup has been in place since 2009 more or less upgrading to current versions on a regular basis, no major changes in config since the issue started

      Any help is much appreciated.

      2.2.4-RELEASE (amd64)  built on Sat Jul 25 19:57:37 CDT 2015

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        If you're not getting anything in the OpenVPN logs, nothing is reaching that system. Given CARP failover or a reboot fixes temporarily, either an IP or MAC conflict is almost certainly the cause. MAC conflict where some other system has the same VHID as that CARP IP (or VRRP VRID, same virtual MAC scheme).

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.