Netgate Discussion Forum

    pfSense 2.4.3 OpenVPN Wizard BUG?

      mollie99

      So, yesterday I was at a client's office and wanted to set up OpenVPN remote access.
      pfSense was on the latest version, being 2.4.3 running on VMware ESXi.

      I used the OpenVPN Wizard, as I've done before (on pfSense 2.4.2)
      At the end of the wizard I checked the add firewall rules, as I've done before.

      But now, as soon as I finished the wizard, I started getting notices in pfSense (see screenshot).
      About 15 to 30 minutes later (can't recall the exact time) there was no internet in the building!
      LAN was working, VLANs working, but internet was gone. The notices got more and more over time.
      There was enough HDD space, there was enough memory, everything looked normal except for the notices and no internet.
      The default gateway was set and up, DNS was configured and running but all to no avail.
      I did see that the wizard added the OpenVPN rules to the interfaces, but the notices kept coming.

      I checked the firewall rules, but they looked ok to me.

      So I rebooted pfSense, but that didn't help either.

      I then decided to call the internet provider to check if there was a problem on their side, but no problem there either. :-(
      The only thing I could do, was ping from within pfSense to the internet with source address set to WAN. That worked.
      But when I pinged from source address LAN, no luck.

      I couldn't resolve the problem in a decent amount of time, so I decided to restore the VMware snapshot I made before the OpenVPN configuration!

      Everything worked fine after that.
      Now I must say that it was a rather simple pfSense setup, with WAN, LAN, 2 extra VLANs, pfBlockerNG. Nothing too complex.

      But it didn't feel right, so this morning I installed pfSense 2.4.3 on my own VMware machine and used the OpenVPN wizard to see if I could replicate the issue. And indeed, as soon as I finished the OpenVPN wizard, the notices started coming in.

      I cannot, however, replicate the exact problem described, as I do get notices (screenshot) but I am still able to ping the internet from both WAN and LAN. But the freshly installed pfSense is not as configured as the client's one yesterday.

      I just wanted to share this with you all, and maybe there is a bug in the OpenVPN wizard in pfSense 2.4.3.
      pfSense-notices-openvpn.png

        Derelict LAYER 8 Netgate

        Yes, it's a BUG. It has already been fixed for 2.4.4.

        https://redmine.pfsense.org/issues/8391

        Edit the OpenVPN firewall rule on WAN, change the protocol from ANY to UDP or TCP as needed and save the rule.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)
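
An added example, not part of the thread and not Netgate's code: a small audit of a configuration backup for rules like the one the reply says to edit, i.e. a rule that names a port while its protocol is still ANY. The `config.xml` layout used here (`<filter>/<rule>` with `<protocol>`, `<interface>`, `<descr>` and `<port>`, and a missing `<protocol>` meaning ANY) and the assumption that the wizard's rule carries the OpenVPN port are assumptions; the sample rules are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample, not taken from the thread: assumed layout of the
# <filter> section of a pfSense config.xml backup.
SAMPLE_CONFIG = """<pfsense>
  <filter>
    <rule>
      <type>pass</type><interface>wan</interface>
      <source><any/></source>
      <destination><network>wanip</network><port>1194</port></destination>
      <descr>OpenVPN wizard rule, protocol ANY (constructed)</descr>
    </rule>
    <rule>
      <type>pass</type><interface>wan</interface><protocol>udp</protocol>
      <source><any/></source>
      <destination><network>wanip</network><port>1195</port></destination>
      <descr>OpenVPN rule after the manual fix (constructed)</descr>
    </rule>
    <rule>
      <type>pass</type><interface>lan</interface>
      <source><network>lan</network></source>
      <destination><any/></destination>
      <descr>LAN to any, no port (constructed)</descr>
    </rule>
  </filter>
</pfsense>"""

PORT_PROTOCOLS = {"tcp", "udp", "tcp/udp"}  # protocols for which a port is meaningful

def rules_with_port_but_any_protocol(config_xml):
    """Return (interface, descr, ports) for rules that set a port but no TCP/UDP protocol."""
    findings = []
    root = ET.fromstring(config_xml)
    for rule in root.findall("./filter/rule"):
        # Assumption: a missing <protocol> element means the rule is set to ANY.
        proto = (rule.findtext("protocol") or "any").strip().lower()
        ports = [p.text.strip() for p in rule.findall(".//port") if p.text and p.text.strip()]
        if ports and proto not in PORT_PROTOCOLS:
            findings.append((rule.findtext("interface", default=""),
                             rule.findtext("descr", default=""), ",".join(ports)))
    return findings

if __name__ == "__main__":
    for iface, descr, ports in rules_with_port_but_any_protocol(SAMPLE_CONFIG):
        print(f"{iface}: '{descr}' sets port {ports} but protocol is ANY")
```

Any rule it reports is a candidate for the edit described above: set the protocol to UDP or TCP as needed and save the rule.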

          mollie99

          Hi Derelict,

          I should have checked the bugtracker:-)
          But thanks for your response.

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.