• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

PFS 2.5.2-RELEASE OpenVPN

Scheduled Pinned Locked Moved Russian
6 Posts 3 Posters 965 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • V
    veezs
    last edited by Jul 26, 2021, 11:58 AM

    Добрый день!

    После обновления на последнюю версию пфсенс
    и создания сервера openvpn начал отваливаться демон мониторинга службы и сама служба openvpn.
    До обновления ранее созданные сервера - работают стабильно, не отваливаются.
    После обновления шлюза клиента стал так же отваливаться демон(служба), до обновления он просто показывал что нет соединения с сервером и служба была запущена т.к сам сервер ложился из-за демона. (Служба падает).

    Настроено всё идентично работающим.

    Повторюсь сервера настроенные на том же шлюзе до обновления работают, количество серверов/туннелей OpenVPN -6 штук.

    Прошу помощи.
    Спасибо.

    W V 2 Replies Last reply Jul 26, 2021, 1:01 PM Reply Quote 0
    • W
      werter @veezs
      last edited by werter Jul 26, 2021, 1:15 PM Jul 26, 2021, 1:01 PM

      Добрый.
      @veezs
      Покажите логи с сервера и клиента при этом.
      15 шт обновились - проблем нет.

      Зы. Поищите по багам еще здесь https://redmine.pfsense.org/projects/pfsense/roadmap

      V 1 Reply Last reply Jul 26, 2021, 1:55 PM Reply Quote 0
      • V
        veezs @werter
        last edited by Jul 26, 2021, 1:55 PM

        @werter said in PFS 2.5.2-RELEASE OpenVPN:

        Добрый.
        @veezs
        Покажите логи с сервера и клиента при этом.
        15 шт обновились - проблем нет.

        Зы. Поищите по багам еще здесь https://redmine.pfsense.org/projects/pfsense/roadmap

        P.s Порт по пути проблемы менял с 1199 на 1299 и разница между клиентом и сервером 3 часа. После открытия топика как ни странно пока не отваливалось, но думаю что, отвалиться. Нету закономерности..
        Спасибо!

        Логи Сервера:

        ===group

        ``` Jul 26 09:31:22	openvpn	48293	Authenticate/Decrypt packet error: missing authentication info
Jul 26 09:39:13	openvpn	48293	Authenticate/Decrypt packet error: missing authentication info
Jul 26 10:37:53	openvpn	48293	Authenticate/Decrypt packet error: missing authentication info
Jul 26 10:49:21	openvpn	22264	Inactivity timeout (--ping-restart), restarting
Jul 26 10:49:21	openvpn	22264	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 10:49:26	openvpn	22264	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 10:49:26	openvpn	22264	Re-using pre-shared static key
Jul 26 10:49:26	openvpn	22264	Preserving previous TUN/TAP instance: ovpns6
Jul 26 10:49:26	openvpn	22264	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1199
Jul 26 10:49:26	openvpn	22264	UDPv4 link remote: [AF_UNSPEC]
Jul 26 10:54:26	openvpn	22264	Inactivity timeout (--inactive), exiting
Jul 26 10:54:26	openvpn	22264	SIGTERM received, sending exit notification to peer
Jul 26 10:54:27	openvpn	22264	/usr/local/sbin/ovpn-linkdown ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 10:54:27	openvpn	22264	SIGTERM[soft,exit-with-notification] received, process exiting
Jul 26 10:57:32	openvpn	35440	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 10:57:32	openvpn	35440	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 10:57:32	openvpn	35440	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 10:57:32	openvpn	35717	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 10:57:32	openvpn	35717	TUN/TAP device ovpns6 exists previously, keep at program end
Jul 26 10:57:32	openvpn	35717	TUN/TAP device /dev/tun6 opened
Jul 26 10:57:32	openvpn	35717	/sbin/ifconfig ovpns6 16.16.16.1 16.16.16.2 mtu 1500 netmask 255.255.255.255 up
Jul 26 10:57:32	openvpn	35717	/usr/local/sbin/ovpn-linkup ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 10:57:32	openvpn	35717	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1199
Jul 26 10:57:32	openvpn	35717	UDPv4 link remote: [AF_UNSPEC]
Jul 26 11:02:32	openvpn	35717	Inactivity timeout (--inactive), exiting
Jul 26 11:02:32	openvpn	35717	SIGTERM received, sending exit notification to peer
Jul 26 11:02:33	openvpn	35717	/usr/local/sbin/ovpn-linkdown ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 11:02:33	openvpn	35717	SIGTERM[soft,exit-with-notification] received, process exiting
Jul 26 11:03:02	openvpn	51229	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 11:03:02	openvpn	51229	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 11:03:02	openvpn	51229	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 11:03:02	openvpn	51546	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 11:03:02	openvpn	51546	TUN/TAP device ovpns6 exists previously, keep at program end
Jul 26 11:03:02	openvpn	51546	TUN/TAP device /dev/tun6 opened
Jul 26 11:03:02	openvpn	51546	/sbin/ifconfig ovpns6 16.16.16.1 16.16.16.2 mtu 1500 netmask 255.255.255.255 up
Jul 26 11:03:02	openvpn	51546	/usr/local/sbin/ovpn-linkup ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 11:03:02	openvpn	51546	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1199
Jul 26 11:03:02	openvpn	51546	UDPv4 link remote: [AF_UNSPEC]
Jul 26 11:07:55	openvpn	51546	Peer Connection Initiated with [AF_INET]WAN IP CLIENT:37990
Jul 26 11:07:56	openvpn	51546	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 11:07:56	openvpn	51546	Initialization Sequence Completed
Jul 26 11:56:49	openvpn	51546	Inactivity timeout (--ping-restart), restarting
Jul 26 11:56:49	openvpn	51546	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 11:56:54	openvpn	51546	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 11:56:54	openvpn	51546	Re-using pre-shared static key
Jul 26 11:56:54	openvpn	51546	Preserving previous TUN/TAP instance: ovpns6
Jul 26 11:56:54	openvpn	51546	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1199
Jul 26 11:56:54	openvpn	51546	UDPv4 link remote: [AF_UNSPEC]
Jul 26 12:01:54	openvpn	51546	Inactivity timeout (--inactive), exiting
Jul 26 12:01:54	openvpn	51546	SIGTERM received, sending exit notification to peer
Jul 26 12:01:55	openvpn	51546	/usr/local/sbin/ovpn-linkdown ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 12:01:55	openvpn	51546	SIGTERM[soft,exit-with-notification] received, process exiting
Jul 26 12:04:28	openvpn	23222	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 12:04:28	openvpn	23222	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 12:04:28	openvpn	23222	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 12:04:28	openvpn	23542	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 12:04:28	openvpn	23542	TUN/TAP device ovpns6 exists previously, keep at program end
Jul 26 12:04:28	openvpn	23542	TUN/TAP device /dev/tun6 opened
Jul 26 12:04:28	openvpn	23542	/sbin/ifconfig ovpns6 16.16.16.1 16.16.16.2 mtu 1500 netmask 255.255.255.255 up
Jul 26 12:04:28	openvpn	23542	/usr/local/sbin/ovpn-linkup ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 12:04:28	openvpn	23542	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1199
Jul 26 12:04:28	openvpn	23542	UDPv4 link remote: [AF_UNSPEC]
Jul 26 12:04:30	openvpn	23542	Peer Connection Initiated with [AF_INET]WAN IP CLIENT:5447
Jul 26 12:04:30	openvpn	23542	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 12:04:30	openvpn	23542	Initialization Sequence Completed
Jul 26 12:07:19	openvpn	23542	event_wait : Interrupted system call (code=4)
Jul 26 12:07:19	openvpn	23542	SIGTERM received, sending exit notification to peer
Jul 26 12:07:20	openvpn	23542	/usr/local/sbin/ovpn-linkdown ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 12:07:20	openvpn	23542	SIGTERM[soft,exit-with-notification] received, process exiting
Jul 26 12:07:21	openvpn	53735	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 12:07:21	openvpn	53735	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 12:07:21	openvpn	53735	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 12:07:21	openvpn	54061	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 12:07:21	openvpn	54061	TUN/TAP device ovpns6 exists previously, keep at program end
Jul 26 12:07:21	openvpn	54061	TUN/TAP device /dev/tun6 opened
Jul 26 12:07:21	openvpn	54061	/sbin/ifconfig ovpns6 16.16.16.1 16.16.16.2 mtu 1500 netmask 255.255.255.255 up
Jul 26 12:07:21	openvpn	54061	/usr/local/sbin/ovpn-linkup ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 12:07:21	openvpn	54061	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1299
Jul 26 12:07:21	openvpn	54061	UDPv4 link remote: [AF_UNSPEC]
Jul 26 12:07:48	openvpn	54061	Peer Connection Initiated with [AF_INET]WAN IP CLIENT:7966
Jul 26 12:07:48	openvpn	54061	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 12:07:48	openvpn	54061	Initialization Sequence Completed
Jul 26 12:49:37	openvpn	48293	Authenticate/Decrypt packet error: missing authentication info
Jul 26 13:39:53	openvpn	54061	Inactivity timeout (--inactive), exiting
Jul 26 13:39:53	openvpn	54061	SIGTERM received, sending exit notification to peer
Jul 26 13:39:54	openvpn	54061	/usr/local/sbin/ovpn-linkdown ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 13:39:54	openvpn	54061	SIGTERM[soft,exit-with-notification] received, process exiting
Jul 26 14:10:47	openvpn	17523	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 14:10:47	openvpn	17523	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 14:10:47	openvpn	17523	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 14:10:47	openvpn	17778	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 14:10:47	openvpn	17778	TUN/TAP device ovpns6 exists previously, keep at program end
Jul 26 14:10:47	openvpn	17778	TUN/TAP device /dev/tun6 opened
Jul 26 14:10:47	openvpn	17778	/sbin/ifconfig ovpns6 16.16.16.1 16.16.16.2 mtu 1500 netmask 255.255.255.255 up
Jul 26 14:10:47	openvpn	17778	/usr/local/sbin/ovpn-linkup ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 14:10:47	openvpn	17778	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1299
Jul 26 14:10:47	openvpn	17778	UDPv4 link remote: [AF_UNSPEC]
Jul 26 14:10:51	openvpn	17778	Peer Connection Initiated with [AF_INET]WAN IP CLIENT:20475
Jul 26 14:10:52	openvpn	17778	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 14:10:52	openvpn	17778	Initialization Sequence Completed
Jul 26 14:18:17	openvpn	17778	Inactivity timeout (--inactive), exiting
Jul 26 14:18:17	openvpn	17778	SIGTERM received, sending exit notification to peer
Jul 26 14:18:18	openvpn	17778	/usr/local/sbin/ovpn-linkdown ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 14:18:18	openvpn	17778	SIGTERM[soft,exit-with-notification] received, process exiting
Jul 26 14:39:14	openvpn	59816	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 14:39:14	openvpn	59816	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 14:39:14	openvpn	59816	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 14:39:14	openvpn	59991	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 14:39:14	openvpn	59991	TUN/TAP device ovpns6 exists previously, keep at program end
Jul 26 14:39:14	openvpn	59991	TUN/TAP device /dev/tun6 opened
Jul 26 14:39:14	openvpn	59991	/sbin/ifconfig ovpns6 16.16.16.1 16.16.16.2 mtu 1500 netmask 255.255.255.255 up
Jul 26 14:39:14	openvpn	59991	/usr/local/sbin/ovpn-linkup ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 14:39:14	openvpn	59991	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1299
Jul 26 14:39:14	openvpn	59991	UDPv4 link remote: [AF_UNSPEC]
Jul 26 14:39:18	openvpn	59991	Peer Connection Initiated with [AF_INET]WAN IP CLIENT:6014
Jul 26 14:39:18	openvpn	59991	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 14:39:18	openvpn	59991	Initialization Sequence Completed
```kotlin

        ===

        Логи Клиента:

        ===group

        ```Jul 26 07:59:48	openvpn	24762	write UDPv4: No route to host (code=65)
Jul 26 07:59:48	openvpn	24762	write UDPv4: No route to host (code=65)
Jul 26 07:59:59	openvpn	24762	write UDPv4: No route to host (code=65)
Jul 26 07:59:59	openvpn	24762	write UDPv4: No route to host (code=65)
Jul 26 08:00:07	openvpn	24762	Inactivity timeout (--ping-restart), restarting
Jul 26 08:00:07	openvpn	24762	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 08:02:12	openvpn	22606	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 08:02:12	openvpn	22606	OpenVPN 2.5.1 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Apr 5 2021
Jul 26 08:02:12	openvpn	22606	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 08:02:12	openvpn	22653	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 08:02:12	openvpn	22653	GDG: problem writing to routing socket
Jul 26 08:02:12	openvpn	22653	TUN/TAP device ovpnc1 exists previously, keep at program end
Jul 26 08:02:12	openvpn	22653	TUN/TAP device /dev/tun1 opened
Jul 26 08:02:12	openvpn	22653	ioctl(TUNSIFMODE): Device busy (errno=16)
Jul 26 08:02:12	openvpn	22653	/sbin/ifconfig ovpnc1 16.16.16.2 16.16.16.1 mtu 1500 netmask 255.255.255.255 up
Jul 26 08:02:12	openvpn	22653	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 08:02:13	openvpn	22653	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 08:02:13	openvpn	22653	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 08:02:13	openvpn	22653	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 08:02:13	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:13	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:13	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:13	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:14	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:23	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:33	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:33	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:43	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:43	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:53	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:53	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:03:03	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:03:03	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:03:13	openvpn	22653	Inactivity timeout (--ping-restart), restarting
Jul 26 08:03:13	openvpn	22653	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 08:03:18	openvpn	22653	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 08:03:18	openvpn	22653	Re-using pre-shared static key
Jul 26 08:03:18	openvpn	22653	Preserving previous TUN/TAP instance: ovpnc1
Jul 26 08:03:18	openvpn	22653	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 08:03:18	openvpn	22653	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 08:03:18	openvpn	22653	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 08:03:18	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:03:28	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:03:28	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:04:19	openvpn	22653	Inactivity timeout (--ping-restart), restarting
Jul 26 08:04:19	openvpn	22653	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 08:04:24	openvpn	22653	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 08:04:24	openvpn	22653	Re-using pre-shared static key
Jul 26 08:04:24	openvpn	22653	Preserving previous TUN/TAP instance: ovpnc1
Jul 26 08:04:24	openvpn	22653	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 08:04:24	openvpn	22653	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 08:04:24	openvpn	22653	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 08:05:24	openvpn	22653	Inactivity timeout (--ping-restart), restarting
Jul 26 08:05:24	openvpn	22653	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 08:05:29	openvpn	22653	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 08:05:29	openvpn	22653	Re-using pre-shared static key
Jul 26 08:05:29	openvpn	22653	Preserving previous TUN/TAP instance: ovpnc1
Jul 26 08:05:29	openvpn	22653	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 08:05:29	openvpn	22653	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 08:05:29	openvpn	22653	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 08:06:29	openvpn	22653	Inactivity timeout (--ping-restart), restarting
Jul 26 08:06:29	openvpn	22653	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 08:06:34	openvpn	22653	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 08:06:34	openvpn	22653	Re-using pre-shared static key
Jul 26 08:06:34	openvpn	22653	Preserving previous TUN/TAP instance: ovpnc1
Jul 26 08:06:34	openvpn	22653	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 08:06:34	openvpn	22653	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 08:06:34	openvpn	22653	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 08:07:35	openvpn	22653	Inactivity timeout (--ping-restart), restarting
Jul 26 08:07:35	openvpn	22653	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 08:07:45	openvpn	22653	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 08:07:45	openvpn	22653	Re-using pre-shared static key
Jul 26 08:07:45	openvpn	22653	Preserving previous TUN/TAP instance: ovpnc1
Jul 26 08:07:45	openvpn	22653	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 08:07:45	openvpn	22653	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 08:07:45	openvpn	22653	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 08:07:45	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:07:55	openvpn	22653	Peer Connection Initiated with [AF_INET]WAN IP SERVER:1199
Jul 26 08:07:57	openvpn	22653	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 08:07:57	openvpn	22653	Initialization Sequence Completed
Jul 26 09:01:49	openvpn	23342	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 09:01:49	openvpn	23342	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 09:01:49	openvpn	23342	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 09:01:49	openvpn	23646	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 09:01:49	openvpn	23646	GDG: problem writing to routing socket
Jul 26 09:01:49	openvpn	23646	TUN/TAP device ovpnc1 exists previously, keep at program end
Jul 26 09:01:49	openvpn	23646	TUN/TAP device /dev/tun1 opened
Jul 26 09:01:49	openvpn	23646	ioctl(TUNSIFMODE): Device busy (errno=16)
Jul 26 09:01:49	openvpn	23646	/sbin/ifconfig ovpnc1 16.16.16.2 16.16.16.1 mtu 1500 netmask 255.255.255.255 up
Jul 26 09:01:49	openvpn	23646	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 09:01:49	openvpn	23646	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 09:01:49	openvpn	23646	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 09:01:49	openvpn	23646	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 09:01:49	openvpn	23646	write UDPv4: No route to host (code=65)
Jul 26 09:01:49	openvpn	23646	write UDPv4: No route to host (code=65)
Jul 26 09:01:49	openvpn	23646	write UDPv4: No route to host (code=65)
Jul 26 09:01:50	openvpn	23646	write UDPv4: No route to host (code=65)
Jul 26 09:02:49	openvpn	23646	Inactivity timeout (--ping-restart), restarting
Jul 26 09:02:49	openvpn	23646	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 09:02:54	openvpn	23646	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 09:02:54	openvpn	23646	Re-using pre-shared static key
Jul 26 09:02:54	openvpn	23646	Preserving previous TUN/TAP instance: ovpnc1
Jul 26 09:02:54	openvpn	23646	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 09:02:54	openvpn	23646	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 09:02:54	openvpn	23646	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 09:03:04	openvpn	23646	event_wait : Interrupted system call (code=4)
Jul 26 09:03:04	openvpn	23646	/usr/local/sbin/ovpn-linkdown ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 09:03:04	openvpn	23646	SIGTERM[hard,] received, process exiting
Jul 26 09:03:05	openvpn	8440	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 09:03:05	openvpn	8440	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 09:03:05	openvpn	8440	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 09:03:05	openvpn	8634	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 09:03:05	openvpn	8634	TUN/TAP device ovpnc1 exists previously, keep at program end
Jul 26 09:03:05	openvpn	8634	TUN/TAP device /dev/tun1 opened
Jul 26 09:03:05	openvpn	8634	/sbin/ifconfig ovpnc1 16.16.16.2 16.16.16.1 mtu 1500 netmask 255.255.255.255 up
Jul 26 09:03:05	openvpn	8634	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 09:03:05	openvpn	8634	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 09:03:05	openvpn	8634	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 09:03:05	openvpn	8634	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 09:04:05	openvpn	8634	Inactivity timeout (--ping-restart), restarting
Jul 26 09:04:05	openvpn	8634	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 09:04:10	openvpn	8634	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 09:04:10	openvpn	8634	Re-using pre-shared static key
Jul 26 09:04:10	openvpn	8634	Preserving previous TUN/TAP instance: ovpnc1
Jul 26 09:04:10	openvpn	8634	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 09:04:10	openvpn	8634	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 09:04:10	openvpn	8634	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 09:04:30	openvpn	8634	Peer Connection Initiated with [AF_INET]WAN IP SERVER:1199
Jul 26 09:04:31	openvpn	8634	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 09:04:31	openvpn	8634	Initialization Sequence Completed
Jul 26 09:07:19	openvpn	8634	/usr/local/sbin/ovpn-linkdown ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 09:07:19	openvpn	8634	SIGTERM[soft,remote-exit] received, process exiting
Jul 26 09:07:48	openvpn	54724	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 09:07:48	openvpn	54724	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 09:07:48	openvpn	54724	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 09:07:48	openvpn	54928	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 09:07:48	openvpn	54928	TUN/TAP device ovpnc1 exists previously, keep at program end
Jul 26 09:07:48	openvpn	54928	TUN/TAP device /dev/tun1 opened
Jul 26 09:07:48	openvpn	54928	/sbin/ifconfig ovpnc1 16.16.16.2 16.16.16.1 mtu 1500 netmask 255.255.255.255 up
Jul 26 09:07:48	openvpn	54928	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 09:07:48	openvpn	54928	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1299
Jul 26 09:07:48	openvpn	54928	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 09:07:48	openvpn	54928	UDPv4 link remote: [AF_INET]WAN IP SERVER:1299
Jul 26 09:07:48	openvpn	54928	Peer Connection Initiated with [AF_INET]WAN IP SERVER:1299
Jul 26 09:07:49	openvpn	54928	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 09:07:49	openvpn	54928	Initialization Sequence Completed
Jul 26 10:35:13	openvpn	54928	write UDPv4: No route to host (code=65)
Jul 26 10:35:23	openvpn	54928	write UDPv4: No route to host (code=65)
Jul 26 10:39:53	openvpn	54928	/usr/local/sbin/ovpn-linkdown ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 10:39:53	openvpn	54928	SIGTERM[soft,remote-exit] received, process exiting
Jul 26 11:10:40	openvpn	56262	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 11:10:40	openvpn	56262	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 11:10:40	openvpn	56262	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 11:10:40	openvpn	56451	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 11:10:40	openvpn	56451	TUN/TAP device ovpnc1 exists previously, keep at program end
Jul 26 11:10:40	openvpn	56451	TUN/TAP device /dev/tun1 opened
Jul 26 11:10:40	openvpn	56451	/sbin/ifconfig ovpnc1 16.16.16.2 16.16.16.1 mtu 1500 netmask 255.255.255.255 up
Jul 26 11:10:40	openvpn	56451	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 11:10:40	openvpn	56451	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1299
Jul 26 11:10:40	openvpn	56451	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 11:10:40	openvpn	56451	UDPv4 link remote: [AF_INET]WAN IP SERVER:1299
Jul 26 11:10:51	openvpn	56451	Peer Connection Initiated with [AF_INET]WAN IP SERVER:1299
Jul 26 11:10:52	openvpn	56451	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 11:10:52	openvpn	56451	Initialization Sequence Completed
Jul 26 11:18:17	openvpn	56451	/usr/local/sbin/ovpn-linkdown ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 11:18:17	openvpn	56451	SIGTERM[soft,remote-exit] received, process exiting
Jul 26 11:39:07	openvpn	73787	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 11:39:07	openvpn	73787	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 11:39:07	openvpn	73787	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 11:39:07	openvpn	74130	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 11:39:07	openvpn	74130	TUN/TAP device ovpnc1 exists previously, keep at program end
Jul 26 11:39:07	openvpn	74130	TUN/TAP device /dev/tun1 opened
Jul 26 11:39:07	openvpn	74130	/sbin/ifconfig ovpnc1 16.16.16.2 16.16.16.1 mtu 1500 netmask 255.255.255.255 up
Jul 26 11:39:07	openvpn	74130	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 11:39:07	openvpn	74130	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1299
Jul 26 11:39:07	openvpn	74130	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 11:39:07	openvpn	74130	UDPv4 link remote: [AF_INET]WAN IP SERVER:1299
Jul 26 11:39:18	openvpn	74130	Peer Connection Initiated with [AF_INET]WAN IP SERVER:1299
Jul 26 11:39:19	openvpn	74130	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 11:39:19	openvpn	74130	Initialization Sequence Completed
```kotlin

        ===

        W 1 Reply Last reply Jul 26, 2021, 5:31 PM Reply Quote 0
        • W
          werter @veezs
          last edited by Jul 26, 2021, 5:31 PM

          @veezs said in PFS 2.5.2-RELEASE OpenVPN:

          /sbin/ifconfig ovpns6 16.16.16.1 16.16.16.2 mtu 1500 netmask 255.255.255.255 up

          Надеюсь, что это не те ip для впн-сети, что вы используете в продакшене.

          Покажите еще скринами настройки овпн-сервера и проблемного клиента.

          1 Reply Last reply Reply Quote 1
          • V
            viktor_g Netgate @veezs
            last edited by viktor_g Aug 9, 2021, 3:07 PM Aug 9, 2021, 3:07 PM

            @veezs said in PFS 2.5.2-RELEASE OpenVPN:

            Добрый день!

            После обновления на последнюю версию пфсенс
            и создания сервера openvpn начал отваливаться демон мониторинга службы и сама служба openvpn.
            До обновления ранее созданные сервера - работают стабильно, не отваливаются.
            После обновления шлюза клиента стал так же отваливаться демон(служба), до обновления он просто показывал что нет соединения с сервером и служба была запущена т.к сам сервер ложился из-за демона. (Служба падает).

            Настроено всё идентично работающим.

            Повторюсь сервера настроенные на том же шлюзе до обновления работают, количество серверов/туннелей OpenVPN -6 штук.

            Прошу помощи.
            Спасибо.

            Имеет отношение к багам:
            https://redmine.pfsense.org/issues/12219 и
            https://redmine.pfsense.org/issues/12102

            решение - выставите "Inactive" timeout в 0 и отключите ЭExit NotifyЭ

            V 1 Reply Last reply Aug 13, 2021, 9:45 AM Reply Quote 1
            • V
              viktor_g Netgate @viktor_g
              last edited by Aug 13, 2021, 9:45 AM

              @viktor_g подробнее про этот баг: https://redmine.pfsense.org/issues/12219

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received