Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    OpenVPN 2.4 update task, or pull-filter ignore

    OpenVPN
    3
    5
    2097
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • dragoangel
      dragoangel last edited by

      I have a question, when is planning to updating to OpenVPN 2.4 version?
      And the second part of post:
      Why I need 2.4 => I need use option for client connection:

      pull-filter ignore "ifconfig-ipv6"
      pull-filter ignore "route-ipv6"
      

      But now it not start client and shows error:

      Options error: Unrecognized option or missing parameter(s) in /var/etc/openvpn/client2.conf:31: pull-filter (2.3.17)
      

      Maybe somebody know another way to do this, because I don't. I know another way that work on OpenVPN 2.3.*:```
      route-nopull

      Latest stable pfSense on 2x XG-7100 and 1x Intel Xeon Server, running mutiWAN, he.net IPv6, pfBlockerNG-devel, HAProxy-devel, Syslog-ng, Zabbix-agent, OpenVPN, IPsec site-to-site, DNS-over-TLS...
      Unifi AP-AC-LR with EAP RADIUS, US-24

      1 Reply Last reply Reply Quote 0
      • dragoangel
        dragoangel last edited by

        Maybe you can add functionality to add to static routes "Aliases" with multiple subnets in them? It can help me too… I'we then can create pfBlockerNG native list with whois domains that all time I need to route to VPN.

        Latest stable pfSense on 2x XG-7100 and 1x Intel Xeon Server, running mutiWAN, he.net IPv6, pfBlockerNG-devel, HAProxy-devel, Syslog-ng, Zabbix-agent, OpenVPN, IPsec site-to-site, DNS-over-TLS...
        Unifi AP-AC-LR with EAP RADIUS, US-24

        1 Reply Last reply Reply Quote 0
        • Derelict
          Derelict LAYER 8 Netgate last edited by

          OpenVPN 2.4 is in pfSense 2.4. (Both being 2.4 is simply a coincidence.)

          BETA snapshots

          Chattanooga, Tennessee, USA
          The pfSense Book is free of charge!
          DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • dragoangel
            dragoangel last edited by

            Ok, thx. But I better wait for stable release. And what about alises in static routes? It would be nice function too.

            Latest stable pfSense on 2x XG-7100 and 1x Intel Xeon Server, running mutiWAN, he.net IPv6, pfBlockerNG-devel, HAProxy-devel, Syslog-ng, Zabbix-agent, OpenVPN, IPsec site-to-site, DNS-over-TLS...
            Unifi AP-AC-LR with EAP RADIUS, US-24

            1 Reply Last reply Reply Quote 0
            • B
              bPsdTZpW last edited by

              I also have encountered this issue. What occurs is that pfSense sometimes gloms the options together when OpenVPN is restarted, causing a syntax error. So

              pull-filter ignore "ifconfig-ipv6"
              pull-filter ignore "route-ipv6"
              

              becomes

              pull-filter ignore "ifconfig-ipv6"pull-filter ignore "route-ipv6"
              

              You can workaround this problem by adding a comment marker at the end of each affected line, like:

              pull-filter ignore "ifconfig-ipv6" #
              pull-filter ignore "route-ipv6" #
              
              1 Reply Last reply Reply Quote 0
              • First post
                Last post