    ~~pfSense 2.4.3 OpenVPN Wizard BUG?~~

    • M
      mollie99 last edited by

      So, yesterday I was at a client's office and wanted to set up OpenVPN remote access.
      pfSense was on the latest version, being 2.4.3, running on VMware ESXi.

      I used the OpenVPN Wizard, as I've done before (on pfSense 2.4.2).
      At the end of the wizard I checked the add firewall rules, as I've done before.

      But now, as soon as I finished the wizard, I started getting notices in pfSense (see screenshot).
      About 15 to 30 minutes later (can't recall the exact time) there was no internet in the building!
      LAN was working, VLANs working, but internet was gone. The notices got more and more over time.
      There was enough HDD space, there was enough memory, everything looked normal except for the notices and no internet.
      The default gateway was set and up, DNS was configured and running but all to no avail.
      I did see that the wizard added the OpenVPN rules to the interfaces, but the notices kept coming.

      I checked the firewall rules, but they looked ok to me.

      So I rebooted pfSense, but that didn't help either.

      I then decided to call the internet provider to check if there was a problem on their side, but no problem there either. :-(
      The only thing I could do, was ping from within pfSense to the internet with source address set to WAN. That worked.
      But when I pinged from source address LAN, no luck.

      I couldn't resolve the problem in a decent amount of time, so I decided to restore the VMware snapshot I made before the OpenVPN configuration!

      Everything worked fine after that.
      Now I must say that it was a rather simple pfSense setup, with WAN, LAN, 2 extra VLANs, pfBlockerNG. Nothing too complex.

      But it didn't feel right, so this morning I installed pfSense 2.4.3 on my own VMware machine and used the OpenVPN wizard to see if I could replicate the issue. And indeed, as soon as I finished the OpenVPN wizard, the notices started coming in.

      I cannot, however, replicate the exact described problem, as I do get notices (screenshot) but I am still able to ping the internet from both WAN and LAN. But the freshly installed pfSense is not as configured as the client's one from yesterday.

      I just wanted to share this with you all, and maybe there is a bug in the OpenVPN wizard in pfSense 2.4.3.

      • Derelict
        Derelict LAYER 8 Netgate last edited by

        Yes, it's a BUG. It has already been fixed for 2.4.4.

        https://redmine.pfsense.org/issues/8391

        Edit the OpenVPN firewall rule on WAN, change the protocol from ANY to UDP or TCP as needed and save the rule.

        • M
          mollie99 last edited by

          Hi Derelict,

          I should have checked the bug tracker :-)
          But thanks for your response.
