Custom Options ignored after reboot like –> push "route ...... etc"



  • These are my pushed routes and they work great after I click save:

    Then after any reboot they quit working but are STILL in the "Custom Options" box just like I left them.

    The only thing I need to do to get them working again is just click SAVE and then they work again.

    Here's the openvpn.conf file

    [2.3.2-RELEASE][admin@pfSense.localdomain]/var/etc/openvpn: cat server2.conf
    dev ovpns2
    verb 1
    dev-type tun
    tun-ipv6
    dev-node /dev/tun2
    writepid /var/run/openvpn_server2.pid
    #user nobody
    #group nobody
    script-security 3
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    proto udp
    cipher AES-256-CBC
    auth SHA1
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    client-connect /usr/local/sbin/openvpn.attributes.sh
    client-disconnect /usr/local/sbin/openvpn.attributes.sh
    local ************
    tls-server
    server 192.168.100.0 255.255.255.0
    client-config-dir /var/etc/openvpn-csc/server2
    username-as-common-name
    auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user 'Local Database' false server2" via-env
    tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'VPN+Server+Certificate' 1"
    lport *****
    management /var/etc/openvpn/server2.sock unix
    max-clients 10
    client-to-client
    ca /var/etc/openvpn/server2.ca 
    cert /var/etc/openvpn/server2.cert 
    key /var/etc/openvpn/server2.key 
    dh /etc/dh-parameters.2048
    tls-auth /var/etc/openvpn/server2.tls-auth 0
    comp-lzo no
    persist-remote-ip
    float
    topology subnet
    push "route 10.11.0.0 255.255.0.0 192.168.100.1 1"
    push "route 10.12.0.0 255.255.0.0 192.168.100.1 1"
    push "route 10.4.0.0 255.255.0.0 192.168.100.1 1"
    
    

    I haven't been able to check out the .conf file when they are not working to see if they are still there.

    Any suggestions?

    Thanks!



  • The hint below where you enter those says:

    "Enter any additional options to add to the OpenVPN server configuration here, separated by semicolon."



  • Works fine entering each push route on individual lines like this then pressing SAVE

    It reformats it and then going back in it looks like this:

    My routing table before connecting to VPN:

    Routing table after separating each route line by line and pressing save:

    Now, if the pfSense reboots, the pushed routes do not get pushed even though they appear the same in pic #1 under "Custom Options".
    If I separate each line with a semicolon, those semicolons are discarded and they end up looking like pic #1 again... ???? I don't get it.



  • Hmmm, doesn't do that on my 2.3.4_RELEASE. However, I'm using semicolons.




  • 2.3.2 here.

    Are your pushed routes unaffected by server reboots on 2.3.4 as perceived from the client?



  • As it happens, I just had to reboot because the cable ISP was doing planned maintenance.

    Yes, the routes are completely unaffected on the client.  Though I've never experienced the problem you're seeing.

    I noticed that the OpenVPN Client Export package allows separation of push statements by either a linefeed or a semicolon, whereas the OpenVPN Server settings only seem to permit the semicolon. Should probably be consistent.
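
Added example, not part of the thread and not pfSense code: a POSIX sh check to run after a reboot to see whether each "Custom Options" entry actually reached the generated server config, which is the question the first post leaves open. It assumes entries are separated by semicolons or newlines as discussed above; the function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): verify that Custom Options entries
# are present in the generated OpenVPN server config.

# Split an options string on semicolons or newlines, trim, drop empty entries.
# Assumption: no directive contains a literal semicolon.
normalize_options() {
    printf '%s\n' "$1" | tr ';' '\n' |
        sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e '/^$/d'
}

# Print each expected directive that has no exact matching line in the config.
# $1 = config file, $2 = expected options (semicolon or newline separated)
missing_directives() {
    normalize_options "$2" | while IFS= read -r want; do
        sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' "$1" |
            grep -Fxq -- "$want" || printf '%s\n' "$want"
    done
}

# Return 0 when every expected directive is present, 1 otherwise.
check_conf() {
    lost=$(missing_directives "$1" "$2")
    if [ -n "$lost" ]; then
        printf 'missing from %s:\n%s\n' "$1" "$lost"
        return 1
    fi
    printf 'all expected directives present in %s\n' "$1"
}

# Constructed sample: a generated config that kept two routes and lost one.
demo_conf=$(mktemp /tmp/ovpn-check.XXXXXX)
cat > "$demo_conf" <<'EOF'
topology subnet
push "route 10.11.0.0 255.255.0.0 192.168.100.1 1"
push "route 10.12.0.0 255.255.0.0 192.168.100.1 1"
EOF
# Constructed sample: expected options using both separators.
demo_opts='push "route 10.11.0.0 255.255.0.0 192.168.100.1 1";push "route 10.12.0.0 255.255.0.0 192.168.100.1 1"
push "route 10.4.0.0 255.255.0.0 192.168.100.1 1"'
check_conf "$demo_conf" "$demo_opts" || true
rm -f "$demo_conf"
```

On the firewall, point `check_conf` at `/var/etc/openvpn/server2.conf` right after a reboot and again after pressing Save; if the directives are present both times, the file is not where the routes are being lost.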

