Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN and DHCP IPv4 Issue

    Scheduled Pinned Locked Moved DHCP and DNS
    2 Posts 2 Posters 298 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pfsensai
      last edited by

      Issue: DHCP IPv4 service is not functioning after connecting to OpenVPN

      You can see from the DHCP logs that this service was functioning up until I connected via OpenVPN. After connecting via OpenVPN my VMs no longer get IPv4 addresses via DHCP.

      As a workaround I then enabled DHCP IPv6 which does work with OpenVPN.

      What I've tried:
      1. disabling / enabling DHCP IPv4 service
      2. disabling / enabling OpenVPN service
      3. rebooting

      Any ideas?

      Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_VER=2.4.4
Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_PLAT=mac
Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_PROTO=2
Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_NCP=2
Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_LZ4=1
Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_LZ4v2=1
Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_LZO=1
Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_COMP_STUB=1
Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_COMP_STUBv2=1
Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_TCPNL=1
Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_GUI_VER="net.tunnelblick.tunnelblick_5010_3.7.5__build_5010)"
Mar 18 07:32:08	openvpn		user 'masked' authenticated
Mar 18 07:32:08	openvpn	66038	24.56.70.218 [masked] Peer Connection Initiated with [AF_INET6]::ffff:24.56.70.218:1194 (via ::ffff:174.102.241.214%igb0)
Mar 18 07:32:08	openvpn	66038	masked/24.56.70.218 MULTI_sva: pool returned IPv4=192.168.40.2, IPv6=(Not enabled)

      Mar 18 07:12:00	dhcpd		Wrote 0 deleted host decls to leases file.
Mar 18 07:12:00	dhcpd		Wrote 0 new dynamic host decls to leases file.
Mar 18 07:12:00	dhcpd		Wrote 12 leases to leases file.
Mar 18 07:12:00	dhcpd		DHCPREQUEST for 192.168.50.16 (192.168.50.1) from ba:b2:09:c3:54:4b via igb1
Mar 18 07:12:00	dhcpd		DHCPACK on 192.168.50.16 to ba:b2:09:c3:54:4b via igb1
Mar 18 07:13:15	dhcpd		reuse_lease: lease age 75 (secs) under 25% threshold, reply with unaltered, existing lease for 192.168.50.16
Mar 18 07:13:15	dhcpd		DHCPREQUEST for 192.168.50.16 from ba:b2:09:c3:54:4b via igb1
Mar 18 07:13:15	dhcpd		DHCPACK on 192.168.50.16 to ba:b2:09:c3:54:4b via igb1
Mar 18 07:13:50	dhcpd		DHCPREQUEST for 192.168.50.16 from ba:b2:09:c3:54:4b via igb1
Mar 18 07:13:50	dhcpd		DHCPACK on 192.168.50.16 to ba:b2:09:c3:54:4b (DESKTOP-UK05TE3) via igb1
Mar 18 07:16:40	dhcpd		DHCPDISCOVER from 4a:e7:a4:1a:c2:b6 via igb1
Mar 18 07:16:41	dhcpd		DHCPOFFER on 192.168.50.14 to 4a:e7:a4:1a:c2:b6 (kali) via igb1
Mar 18 07:16:41	dhcpd		DHCPREQUEST for 192.168.50.14 (192.168.50.1) from 4a:e7:a4:1a:c2:b6 (kali) via igb1
Mar 18 07:16:41	dhcpd		DHCPACK on 192.168.50.14 to 4a:e7:a4:1a:c2:b6 (kali) via igb1
Mar 18 07:45:52	dhcpd		Internet Systems Consortium DHCP Server 4.3.6
Mar 18 07:45:52	dhcpd		Copyright 2004-2017 Internet Systems Consortium.
Mar 18 07:45:52	dhcpd		All rights reserved.
Mar 18 07:45:52	dhcpd		For info, please visit https://www.isc.org/software/dhcp/
Mar 18 07:45:52	dhcpd		Config file: /etc/dhcpd.conf
Mar 18 07:45:52	dhcpd		Database file: /var/db/dhcpd.leases
Mar 18 07:45:52	dhcpd		PID file: /var/run/dhcpd.pid
Mar 18 07:45:52	dhcpd		Internet Systems Consortium DHCP Server 4.3.6
Mar 18 07:45:52	dhcpd		Copyright 2004-2017 Internet Systems Consortium.
Mar 18 07:45:52	dhcpd		All rights reserved.
Mar 18 07:45:52	dhcpd		For info, please visit https://www.isc.org/software/dhcp/
Mar 18 07:45:52	dhcpd		Wrote 0 deleted host decls to leases file.
Mar 18 07:45:52	dhcpd		Wrote 0 new dynamic host decls to leases file.
Mar 18 07:45:52	dhcpd		Wrote 12 leases to leases file.
Mar 18 07:45:52	dhcpd		Listening on BPF/igb1/0c:c4:7a:12:bc:1b/192.168.50.0/24
Mar 18 07:45:52	dhcpd		Sending on BPF/igb1/0c:c4:7a:12:bc:1b/192.168.50.0/24
Mar 18 07:45:52	dhcpd		Sending on Socket/fallback/fallback-net
Mar 18 07:45:52	dhcpd		Server starting service.
Mar 18 07:46:22	dhcpd		Internet Systems Consortium DHCP Server 4.3.6
Mar 18 07:46:22	dhcpd		Copyright 2004-2017 Internet Systems Consortium.
Mar 18 07:46:22	dhcpd		All rights reserved.
Mar 18 07:46:22	dhcpd		For info, please visit https://www.isc.org/software/dhcp/
Mar 18 07:46:22	dhcpd		Config file: /etc/dhcpd.conf
Mar 18 07:46:22	dhcpd		Database file: /var/db/dhcpd.leases
Mar 18 07:46:22	dhcpd		PID file: /var/run/dhcpd.pid
Mar 18 07:46:22	dhcpd		Internet Systems Consortium DHCP Server 4.3.6
Mar 18 07:46:22	dhcpd		Copyright 2004-2017 Internet Systems Consortium.
Mar 18 07:46:22	dhcpd		All rights reserved.
Mar 18 07:46:22	dhcpd		For info, please visit https://www.isc.org/software/dhcp/
Mar 18 07:46:22	dhcpd		Wrote 0 deleted host decls to leases file.
Mar 18 07:46:22	dhcpd		Wrote 0 new dynamic host decls to leases file.
Mar 18 07:46:22	dhcpd		Wrote 12 leases to leases file.
Mar 18 07:46:22	dhcpd		Listening on BPF/igb1/0c:c4:7a:12:bc:1b/192.168.50.0/24
Mar 18 07:46:22	dhcpd		Sending on BPF/igb1/0c:c4:7a:12:bc:1b/192.168.50.0/24
Mar 18 07:46:22	dhcpd		Sending on Socket/fallback/fallback-net
Mar 18 07:46:22	dhcpd		Server starting service.
      1 Reply Last reply Reply Quote 0
      • M
        mcdiesel
        last edited by

        You don't say which interface looses dhcp service, or provide other relevant detail that would enable you problem to be solved, like how your vpn is configured address wise.

        It could be that your tunnel network address range clashes with your local address range, and routing goes bad.

        Can you test your config in a sandpit with a pair of VM pfsense in your virtual environment?

        You could try https://github.com/CyberShadow/dhcptest, to see what is going on from client side.

        A package capture on the affected interface could also be insightful.  Capture on pfSense then download to Wireshark for detailed inspection.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.