OpenVPN default route partially broken in 2.3
-
Hello,
I use an OpenVPN client as default route in my firewall.
My LAN interface is a bridge of LAN1 LAN2 and WLAN.
With pfSense version 2.2 this is working, but after upgrading to 2.3 the WLAN interface is not routed through OpenVPN anymore.
If I connect a computer on LAN1 my VPN is working as expected.
If I connect it to the WLAN I can access the firewall but not the external network.
If I remove the bridge interface and use only the WLAN, everything is working as expected.
Is this a known problem? Any idea on how to solve it?
Thanks for your help
Cédric
-
No issues along those lines that I'm aware of. What does the output of 'ifconfig bridge0' show?
-
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 02:7a:26:1b:54:00
inet 10.20.4.1 netmask 0xffffff00 broadcast 10.20.4.255
nd6 options=1<PERFORMNUD>
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: re1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 2 priority 128 path cost 55
member: ath0_wlan0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 9 priority 128 path cost 33333
member: re2 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 3 priority 128 path cost 55

re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 00:0d:b9:3a:17:58
inet6 fe80::20d:b9ff:fe3a:1758%re0 prefixlen 64 scopeid 0x1
inet 10.200.0.99 netmask 0xffffff00 broadcast 10.200.0.255
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active

re1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 00:0d:b9:3a:17:59
inet6 fe80::20d:b9ff:fe3a:1759%re1 prefixlen 64 scopeid 0x2
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active

re2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=82099<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 00:0d:b9:3a:17:5a
inet6 fe80::20d:b9ff:fe3a:175a%re2 prefixlen 64 scopeid 0x3
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect (none)
status: no carrier

ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 2290
ether 04:f0:21:14:c8:5b
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: IEEE 802.11 Wireless Ethernet autoselect mode 11na <hostap>
status: running
-
If you remove the NIC with no carrier from the bridge, or plug it into something so it's live, does that change things?
-
Thanks for your help.
In my real test condition LAN1 and LAN2 are disconnected. As soon as LAN1 and/or LAN2 are connected the tunnel is working.
The same config is working properly with version 2.2.
Any workaround or chance to have it fixed soon?
-
Is this a known problem or do I have to file a bug report?
-
Opened bug ticket here.
https://redmine.pfsense.org/issues/6580