Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PFS 2.5.2-RELEASE OpenVPN

    Russian
    3
    6
    956
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      veezs
      last edited by

      Добрый день!

      После обновления на последнюю версию пфсенс
      и создания сервера openvpn начал отваливаться демон мониторинга службы и сама служба openvpn.
      До обновления ранее созданные сервера - работают стабильно, не отваливаются.
      После обновления шлюза клиента стал так же отваливаться демон(служба), до обновления он просто показывал что нет соединения с сервером и служба была запущена т.к сам сервер ложился из-за демона. (Служба падает).

      Настроено всё идентично работающим.

      Повторюсь сервера настроенные на том же шлюзе до обновления работают, количество серверов/туннелей OpenVPN -6 штук.

      Прошу помощи.
      Спасибо.

      werterW viktor_gV 2 Replies Last reply Reply Quote 0
      • werterW
        werter @veezs
        last edited by werter

        Добрый.
        @veezs
        Покажите логи с сервера и клиента при этом.
        15 шт обновились - проблем нет.

        Зы. Поищите по багам еще здесь https://redmine.pfsense.org/projects/pfsense/roadmap

        V 1 Reply Last reply Reply Quote 0
        • V
          veezs @werter
          last edited by

          @werter said in PFS 2.5.2-RELEASE OpenVPN:

          Добрый.
          @veezs
          Покажите логи с сервера и клиента при этом.
          15 шт обновились - проблем нет.

          Зы. Поищите по багам еще здесь https://redmine.pfsense.org/projects/pfsense/roadmap

          P.s Порт по пути проблемы менял с 1199 на 1299 и разница между клиентом и сервером 3 часа. После открытия топика как ни странно пока не отваливалось, но думаю что, отвалиться. Нету закономерности..
          Спасибо!

          Логи Сервера:

          ===group

          ``` Jul 26 09:31:22	openvpn	48293	Authenticate/Decrypt packet error: missing authentication info
Jul 26 09:39:13	openvpn	48293	Authenticate/Decrypt packet error: missing authentication info
Jul 26 10:37:53	openvpn	48293	Authenticate/Decrypt packet error: missing authentication info
Jul 26 10:49:21	openvpn	22264	Inactivity timeout (--ping-restart), restarting
Jul 26 10:49:21	openvpn	22264	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 10:49:26	openvpn	22264	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 10:49:26	openvpn	22264	Re-using pre-shared static key
Jul 26 10:49:26	openvpn	22264	Preserving previous TUN/TAP instance: ovpns6
Jul 26 10:49:26	openvpn	22264	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1199
Jul 26 10:49:26	openvpn	22264	UDPv4 link remote: [AF_UNSPEC]
Jul 26 10:54:26	openvpn	22264	Inactivity timeout (--inactive), exiting
Jul 26 10:54:26	openvpn	22264	SIGTERM received, sending exit notification to peer
Jul 26 10:54:27	openvpn	22264	/usr/local/sbin/ovpn-linkdown ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 10:54:27	openvpn	22264	SIGTERM[soft,exit-with-notification] received, process exiting
Jul 26 10:57:32	openvpn	35440	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 10:57:32	openvpn	35440	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 10:57:32	openvpn	35440	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 10:57:32	openvpn	35717	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 10:57:32	openvpn	35717	TUN/TAP device ovpns6 exists previously, keep at program end
Jul 26 10:57:32	openvpn	35717	TUN/TAP device /dev/tun6 opened
Jul 26 10:57:32	openvpn	35717	/sbin/ifconfig ovpns6 16.16.16.1 16.16.16.2 mtu 1500 netmask 255.255.255.255 up
Jul 26 10:57:32	openvpn	35717	/usr/local/sbin/ovpn-linkup ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 10:57:32	openvpn	35717	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1199
Jul 26 10:57:32	openvpn	35717	UDPv4 link remote: [AF_UNSPEC]
Jul 26 11:02:32	openvpn	35717	Inactivity timeout (--inactive), exiting
Jul 26 11:02:32	openvpn	35717	SIGTERM received, sending exit notification to peer
Jul 26 11:02:33	openvpn	35717	/usr/local/sbin/ovpn-linkdown ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 11:02:33	openvpn	35717	SIGTERM[soft,exit-with-notification] received, process exiting
Jul 26 11:03:02	openvpn	51229	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 11:03:02	openvpn	51229	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 11:03:02	openvpn	51229	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 11:03:02	openvpn	51546	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 11:03:02	openvpn	51546	TUN/TAP device ovpns6 exists previously, keep at program end
Jul 26 11:03:02	openvpn	51546	TUN/TAP device /dev/tun6 opened
Jul 26 11:03:02	openvpn	51546	/sbin/ifconfig ovpns6 16.16.16.1 16.16.16.2 mtu 1500 netmask 255.255.255.255 up
Jul 26 11:03:02	openvpn	51546	/usr/local/sbin/ovpn-linkup ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 11:03:02	openvpn	51546	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1199
Jul 26 11:03:02	openvpn	51546	UDPv4 link remote: [AF_UNSPEC]
Jul 26 11:07:55	openvpn	51546	Peer Connection Initiated with [AF_INET]WAN IP CLIENT:37990
Jul 26 11:07:56	openvpn	51546	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 11:07:56	openvpn	51546	Initialization Sequence Completed
Jul 26 11:56:49	openvpn	51546	Inactivity timeout (--ping-restart), restarting
Jul 26 11:56:49	openvpn	51546	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 11:56:54	openvpn	51546	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 11:56:54	openvpn	51546	Re-using pre-shared static key
Jul 26 11:56:54	openvpn	51546	Preserving previous TUN/TAP instance: ovpns6
Jul 26 11:56:54	openvpn	51546	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1199
Jul 26 11:56:54	openvpn	51546	UDPv4 link remote: [AF_UNSPEC]
Jul 26 12:01:54	openvpn	51546	Inactivity timeout (--inactive), exiting
Jul 26 12:01:54	openvpn	51546	SIGTERM received, sending exit notification to peer
Jul 26 12:01:55	openvpn	51546	/usr/local/sbin/ovpn-linkdown ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 12:01:55	openvpn	51546	SIGTERM[soft,exit-with-notification] received, process exiting
Jul 26 12:04:28	openvpn	23222	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 12:04:28	openvpn	23222	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 12:04:28	openvpn	23222	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 12:04:28	openvpn	23542	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 12:04:28	openvpn	23542	TUN/TAP device ovpns6 exists previously, keep at program end
Jul 26 12:04:28	openvpn	23542	TUN/TAP device /dev/tun6 opened
Jul 26 12:04:28	openvpn	23542	/sbin/ifconfig ovpns6 16.16.16.1 16.16.16.2 mtu 1500 netmask 255.255.255.255 up
Jul 26 12:04:28	openvpn	23542	/usr/local/sbin/ovpn-linkup ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 12:04:28	openvpn	23542	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1199
Jul 26 12:04:28	openvpn	23542	UDPv4 link remote: [AF_UNSPEC]
Jul 26 12:04:30	openvpn	23542	Peer Connection Initiated with [AF_INET]WAN IP CLIENT:5447
Jul 26 12:04:30	openvpn	23542	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 12:04:30	openvpn	23542	Initialization Sequence Completed
Jul 26 12:07:19	openvpn	23542	event_wait : Interrupted system call (code=4)
Jul 26 12:07:19	openvpn	23542	SIGTERM received, sending exit notification to peer
Jul 26 12:07:20	openvpn	23542	/usr/local/sbin/ovpn-linkdown ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 12:07:20	openvpn	23542	SIGTERM[soft,exit-with-notification] received, process exiting
Jul 26 12:07:21	openvpn	53735	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 12:07:21	openvpn	53735	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 12:07:21	openvpn	53735	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 12:07:21	openvpn	54061	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 12:07:21	openvpn	54061	TUN/TAP device ovpns6 exists previously, keep at program end
Jul 26 12:07:21	openvpn	54061	TUN/TAP device /dev/tun6 opened
Jul 26 12:07:21	openvpn	54061	/sbin/ifconfig ovpns6 16.16.16.1 16.16.16.2 mtu 1500 netmask 255.255.255.255 up
Jul 26 12:07:21	openvpn	54061	/usr/local/sbin/ovpn-linkup ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 12:07:21	openvpn	54061	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1299
Jul 26 12:07:21	openvpn	54061	UDPv4 link remote: [AF_UNSPEC]
Jul 26 12:07:48	openvpn	54061	Peer Connection Initiated with [AF_INET]WAN IP CLIENT:7966
Jul 26 12:07:48	openvpn	54061	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 12:07:48	openvpn	54061	Initialization Sequence Completed
Jul 26 12:49:37	openvpn	48293	Authenticate/Decrypt packet error: missing authentication info
Jul 26 13:39:53	openvpn	54061	Inactivity timeout (--inactive), exiting
Jul 26 13:39:53	openvpn	54061	SIGTERM received, sending exit notification to peer
Jul 26 13:39:54	openvpn	54061	/usr/local/sbin/ovpn-linkdown ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 13:39:54	openvpn	54061	SIGTERM[soft,exit-with-notification] received, process exiting
Jul 26 14:10:47	openvpn	17523	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 14:10:47	openvpn	17523	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 14:10:47	openvpn	17523	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 14:10:47	openvpn	17778	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 14:10:47	openvpn	17778	TUN/TAP device ovpns6 exists previously, keep at program end
Jul 26 14:10:47	openvpn	17778	TUN/TAP device /dev/tun6 opened
Jul 26 14:10:47	openvpn	17778	/sbin/ifconfig ovpns6 16.16.16.1 16.16.16.2 mtu 1500 netmask 255.255.255.255 up
Jul 26 14:10:47	openvpn	17778	/usr/local/sbin/ovpn-linkup ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 14:10:47	openvpn	17778	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1299
Jul 26 14:10:47	openvpn	17778	UDPv4 link remote: [AF_UNSPEC]
Jul 26 14:10:51	openvpn	17778	Peer Connection Initiated with [AF_INET]WAN IP CLIENT:20475
Jul 26 14:10:52	openvpn	17778	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 14:10:52	openvpn	17778	Initialization Sequence Completed
Jul 26 14:18:17	openvpn	17778	Inactivity timeout (--inactive), exiting
Jul 26 14:18:17	openvpn	17778	SIGTERM received, sending exit notification to peer
Jul 26 14:18:18	openvpn	17778	/usr/local/sbin/ovpn-linkdown ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 14:18:18	openvpn	17778	SIGTERM[soft,exit-with-notification] received, process exiting
Jul 26 14:39:14	openvpn	59816	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 14:39:14	openvpn	59816	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 14:39:14	openvpn	59816	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 14:39:14	openvpn	59991	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 14:39:14	openvpn	59991	TUN/TAP device ovpns6 exists previously, keep at program end
Jul 26 14:39:14	openvpn	59991	TUN/TAP device /dev/tun6 opened
Jul 26 14:39:14	openvpn	59991	/sbin/ifconfig ovpns6 16.16.16.1 16.16.16.2 mtu 1500 netmask 255.255.255.255 up
Jul 26 14:39:14	openvpn	59991	/usr/local/sbin/ovpn-linkup ovpns6 1500 1572 16.16.16.1 16.16.16.2 init
Jul 26 14:39:14	openvpn	59991	UDPv4 link local (bound): [AF_INET]WAN IP SERVER:1299
Jul 26 14:39:14	openvpn	59991	UDPv4 link remote: [AF_UNSPEC]
Jul 26 14:39:18	openvpn	59991	Peer Connection Initiated with [AF_INET]WAN IP CLIENT:6014
Jul 26 14:39:18	openvpn	59991	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 14:39:18	openvpn	59991	Initialization Sequence Completed
```kotlin

          ===

          Логи Клиента:

          ===group

          ```Jul 26 07:59:48	openvpn	24762	write UDPv4: No route to host (code=65)
Jul 26 07:59:48	openvpn	24762	write UDPv4: No route to host (code=65)
Jul 26 07:59:59	openvpn	24762	write UDPv4: No route to host (code=65)
Jul 26 07:59:59	openvpn	24762	write UDPv4: No route to host (code=65)
Jul 26 08:00:07	openvpn	24762	Inactivity timeout (--ping-restart), restarting
Jul 26 08:00:07	openvpn	24762	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 08:02:12	openvpn	22606	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 08:02:12	openvpn	22606	OpenVPN 2.5.1 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Apr 5 2021
Jul 26 08:02:12	openvpn	22606	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 08:02:12	openvpn	22653	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 08:02:12	openvpn	22653	GDG: problem writing to routing socket
Jul 26 08:02:12	openvpn	22653	TUN/TAP device ovpnc1 exists previously, keep at program end
Jul 26 08:02:12	openvpn	22653	TUN/TAP device /dev/tun1 opened
Jul 26 08:02:12	openvpn	22653	ioctl(TUNSIFMODE): Device busy (errno=16)
Jul 26 08:02:12	openvpn	22653	/sbin/ifconfig ovpnc1 16.16.16.2 16.16.16.1 mtu 1500 netmask 255.255.255.255 up
Jul 26 08:02:12	openvpn	22653	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 08:02:13	openvpn	22653	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 08:02:13	openvpn	22653	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 08:02:13	openvpn	22653	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 08:02:13	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:13	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:13	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:13	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:14	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:23	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:33	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:33	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:43	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:43	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:53	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:02:53	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:03:03	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:03:03	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:03:13	openvpn	22653	Inactivity timeout (--ping-restart), restarting
Jul 26 08:03:13	openvpn	22653	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 08:03:18	openvpn	22653	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 08:03:18	openvpn	22653	Re-using pre-shared static key
Jul 26 08:03:18	openvpn	22653	Preserving previous TUN/TAP instance: ovpnc1
Jul 26 08:03:18	openvpn	22653	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 08:03:18	openvpn	22653	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 08:03:18	openvpn	22653	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 08:03:18	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:03:28	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:03:28	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:04:19	openvpn	22653	Inactivity timeout (--ping-restart), restarting
Jul 26 08:04:19	openvpn	22653	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 08:04:24	openvpn	22653	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 08:04:24	openvpn	22653	Re-using pre-shared static key
Jul 26 08:04:24	openvpn	22653	Preserving previous TUN/TAP instance: ovpnc1
Jul 26 08:04:24	openvpn	22653	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 08:04:24	openvpn	22653	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 08:04:24	openvpn	22653	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 08:05:24	openvpn	22653	Inactivity timeout (--ping-restart), restarting
Jul 26 08:05:24	openvpn	22653	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 08:05:29	openvpn	22653	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 08:05:29	openvpn	22653	Re-using pre-shared static key
Jul 26 08:05:29	openvpn	22653	Preserving previous TUN/TAP instance: ovpnc1
Jul 26 08:05:29	openvpn	22653	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 08:05:29	openvpn	22653	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 08:05:29	openvpn	22653	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 08:06:29	openvpn	22653	Inactivity timeout (--ping-restart), restarting
Jul 26 08:06:29	openvpn	22653	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 08:06:34	openvpn	22653	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 08:06:34	openvpn	22653	Re-using pre-shared static key
Jul 26 08:06:34	openvpn	22653	Preserving previous TUN/TAP instance: ovpnc1
Jul 26 08:06:34	openvpn	22653	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 08:06:34	openvpn	22653	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 08:06:34	openvpn	22653	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 08:07:35	openvpn	22653	Inactivity timeout (--ping-restart), restarting
Jul 26 08:07:35	openvpn	22653	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 08:07:45	openvpn	22653	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 08:07:45	openvpn	22653	Re-using pre-shared static key
Jul 26 08:07:45	openvpn	22653	Preserving previous TUN/TAP instance: ovpnc1
Jul 26 08:07:45	openvpn	22653	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 08:07:45	openvpn	22653	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 08:07:45	openvpn	22653	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 08:07:45	openvpn	22653	write UDPv4: No route to host (code=65)
Jul 26 08:07:55	openvpn	22653	Peer Connection Initiated with [AF_INET]WAN IP SERVER:1199
Jul 26 08:07:57	openvpn	22653	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 08:07:57	openvpn	22653	Initialization Sequence Completed
Jul 26 09:01:49	openvpn	23342	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 09:01:49	openvpn	23342	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 09:01:49	openvpn	23342	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 09:01:49	openvpn	23646	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 09:01:49	openvpn	23646	GDG: problem writing to routing socket
Jul 26 09:01:49	openvpn	23646	TUN/TAP device ovpnc1 exists previously, keep at program end
Jul 26 09:01:49	openvpn	23646	TUN/TAP device /dev/tun1 opened
Jul 26 09:01:49	openvpn	23646	ioctl(TUNSIFMODE): Device busy (errno=16)
Jul 26 09:01:49	openvpn	23646	/sbin/ifconfig ovpnc1 16.16.16.2 16.16.16.1 mtu 1500 netmask 255.255.255.255 up
Jul 26 09:01:49	openvpn	23646	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 09:01:49	openvpn	23646	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 09:01:49	openvpn	23646	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 09:01:49	openvpn	23646	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 09:01:49	openvpn	23646	write UDPv4: No route to host (code=65)
Jul 26 09:01:49	openvpn	23646	write UDPv4: No route to host (code=65)
Jul 26 09:01:49	openvpn	23646	write UDPv4: No route to host (code=65)
Jul 26 09:01:50	openvpn	23646	write UDPv4: No route to host (code=65)
Jul 26 09:02:49	openvpn	23646	Inactivity timeout (--ping-restart), restarting
Jul 26 09:02:49	openvpn	23646	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 09:02:54	openvpn	23646	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 09:02:54	openvpn	23646	Re-using pre-shared static key
Jul 26 09:02:54	openvpn	23646	Preserving previous TUN/TAP instance: ovpnc1
Jul 26 09:02:54	openvpn	23646	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 09:02:54	openvpn	23646	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 09:02:54	openvpn	23646	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 09:03:04	openvpn	23646	event_wait : Interrupted system call (code=4)
Jul 26 09:03:04	openvpn	23646	/usr/local/sbin/ovpn-linkdown ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 09:03:04	openvpn	23646	SIGTERM[hard,] received, process exiting
Jul 26 09:03:05	openvpn	8440	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 09:03:05	openvpn	8440	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 09:03:05	openvpn	8440	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 09:03:05	openvpn	8634	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 09:03:05	openvpn	8634	TUN/TAP device ovpnc1 exists previously, keep at program end
Jul 26 09:03:05	openvpn	8634	TUN/TAP device /dev/tun1 opened
Jul 26 09:03:05	openvpn	8634	/sbin/ifconfig ovpnc1 16.16.16.2 16.16.16.1 mtu 1500 netmask 255.255.255.255 up
Jul 26 09:03:05	openvpn	8634	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 09:03:05	openvpn	8634	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 09:03:05	openvpn	8634	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 09:03:05	openvpn	8634	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 09:04:05	openvpn	8634	Inactivity timeout (--ping-restart), restarting
Jul 26 09:04:05	openvpn	8634	SIGUSR1[soft,ping-restart] received, process restarting
Jul 26 09:04:10	openvpn	8634	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 09:04:10	openvpn	8634	Re-using pre-shared static key
Jul 26 09:04:10	openvpn	8634	Preserving previous TUN/TAP instance: ovpnc1
Jul 26 09:04:10	openvpn	8634	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1199
Jul 26 09:04:10	openvpn	8634	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 09:04:10	openvpn	8634	UDPv4 link remote: [AF_INET]WAN IP SERVER:1199
Jul 26 09:04:30	openvpn	8634	Peer Connection Initiated with [AF_INET]WAN IP SERVER:1199
Jul 26 09:04:31	openvpn	8634	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 09:04:31	openvpn	8634	Initialization Sequence Completed
Jul 26 09:07:19	openvpn	8634	/usr/local/sbin/ovpn-linkdown ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 09:07:19	openvpn	8634	SIGTERM[soft,remote-exit] received, process exiting
Jul 26 09:07:48	openvpn	54724	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 09:07:48	openvpn	54724	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 09:07:48	openvpn	54724	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 09:07:48	openvpn	54928	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 09:07:48	openvpn	54928	TUN/TAP device ovpnc1 exists previously, keep at program end
Jul 26 09:07:48	openvpn	54928	TUN/TAP device /dev/tun1 opened
Jul 26 09:07:48	openvpn	54928	/sbin/ifconfig ovpnc1 16.16.16.2 16.16.16.1 mtu 1500 netmask 255.255.255.255 up
Jul 26 09:07:48	openvpn	54928	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 09:07:48	openvpn	54928	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1299
Jul 26 09:07:48	openvpn	54928	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 09:07:48	openvpn	54928	UDPv4 link remote: [AF_INET]WAN IP SERVER:1299
Jul 26 09:07:48	openvpn	54928	Peer Connection Initiated with [AF_INET]WAN IP SERVER:1299
Jul 26 09:07:49	openvpn	54928	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 09:07:49	openvpn	54928	Initialization Sequence Completed
Jul 26 10:35:13	openvpn	54928	write UDPv4: No route to host (code=65)
Jul 26 10:35:23	openvpn	54928	write UDPv4: No route to host (code=65)
Jul 26 10:39:53	openvpn	54928	/usr/local/sbin/ovpn-linkdown ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 10:39:53	openvpn	54928	SIGTERM[soft,remote-exit] received, process exiting
Jul 26 11:10:40	openvpn	56262	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 11:10:40	openvpn	56262	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 11:10:40	openvpn	56262	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 11:10:40	openvpn	56451	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 11:10:40	openvpn	56451	TUN/TAP device ovpnc1 exists previously, keep at program end
Jul 26 11:10:40	openvpn	56451	TUN/TAP device /dev/tun1 opened
Jul 26 11:10:40	openvpn	56451	/sbin/ifconfig ovpnc1 16.16.16.2 16.16.16.1 mtu 1500 netmask 255.255.255.255 up
Jul 26 11:10:40	openvpn	56451	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 11:10:40	openvpn	56451	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1299
Jul 26 11:10:40	openvpn	56451	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 11:10:40	openvpn	56451	UDPv4 link remote: [AF_INET]WAN IP SERVER:1299
Jul 26 11:10:51	openvpn	56451	Peer Connection Initiated with [AF_INET]WAN IP SERVER:1299
Jul 26 11:10:52	openvpn	56451	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 11:10:52	openvpn	56451	Initialization Sequence Completed
Jul 26 11:18:17	openvpn	56451	/usr/local/sbin/ovpn-linkdown ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 11:18:17	openvpn	56451	SIGTERM[soft,remote-exit] received, process exiting
Jul 26 11:39:07	openvpn	73787	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Jul 26 11:39:07	openvpn	73787	OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
Jul 26 11:39:07	openvpn	73787	library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Jul 26 11:39:07	openvpn	74130	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 26 11:39:07	openvpn	74130	TUN/TAP device ovpnc1 exists previously, keep at program end
Jul 26 11:39:07	openvpn	74130	TUN/TAP device /dev/tun1 opened
Jul 26 11:39:07	openvpn	74130	/sbin/ifconfig ovpnc1 16.16.16.2 16.16.16.1 mtu 1500 netmask 255.255.255.255 up
Jul 26 11:39:07	openvpn	74130	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 16.16.16.2 16.16.16.1 init
Jul 26 11:39:07	openvpn	74130	TCP/UDP: Preserving recently used remote address: [AF_INET]WAN IP SERVER:1299
Jul 26 11:39:07	openvpn	74130	UDPv4 link local (bound): [AF_INET]WAN IP CLIENT:0
Jul 26 11:39:07	openvpn	74130	UDPv4 link remote: [AF_INET]WAN IP SERVER:1299
Jul 26 11:39:18	openvpn	74130	Peer Connection Initiated with [AF_INET]WAN IP SERVER:1299
Jul 26 11:39:19	openvpn	74130	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jul 26 11:39:19	openvpn	74130	Initialization Sequence Completed
```kotlin

          ===

          werterW 1 Reply Last reply Reply Quote 0
          • werterW
            werter @veezs
            last edited by

            @veezs said in PFS 2.5.2-RELEASE OpenVPN:

            /sbin/ifconfig ovpns6 16.16.16.1 16.16.16.2 mtu 1500 netmask 255.255.255.255 up

            Надеюсь, что это не те ip для впн-сети, что вы используете в продакшене.

            Покажите еще скринами настройки овпн-сервера и проблемного клиента.

            1 Reply Last reply Reply Quote 1
            • viktor_gV
              viktor_g Netgate @veezs
              last edited by viktor_g

              @veezs said in PFS 2.5.2-RELEASE OpenVPN:

              Добрый день!

              После обновления на последнюю версию пфсенс
              и создания сервера openvpn начал отваливаться демон мониторинга службы и сама служба openvpn.
              До обновления ранее созданные сервера - работают стабильно, не отваливаются.
              После обновления шлюза клиента стал так же отваливаться демон(служба), до обновления он просто показывал что нет соединения с сервером и служба была запущена т.к сам сервер ложился из-за демона. (Служба падает).

              Настроено всё идентично работающим.

              Повторюсь сервера настроенные на том же шлюзе до обновления работают, количество серверов/туннелей OpenVPN -6 штук.

              Прошу помощи.
              Спасибо.

              Имеет отношение к багам:
              https://redmine.pfsense.org/issues/12219 и
              https://redmine.pfsense.org/issues/12102

              решение - выставите "Inactive" timeout в 0 и отключите ЭExit NotifyЭ

              viktor_gV 1 Reply Last reply Reply Quote 1
              • viktor_gV
                viktor_g Netgate @viktor_g
                last edited by

                @viktor_g подробнее про этот баг: https://redmine.pfsense.org/issues/12219

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.