OpenVPN - auto generated rules are using invalid syntax - possible bug???



  • I'm a complete novice when it comes to pfSense, so please excuse me if I waffle on a bit.

    I've had OpenVPN working on my installation for ages with a VDSL connection.

    This weekend I had Virgin Media connected up. At first I had both connections set up load balanced, but as the VDSL line will soon be cancelled I turned that off.

    I'm going to try and remember how I went about things, as potentially that could have caused the issues, but it's all a bit of a blur.

    I believe I copied the rule from the VDSL interface to the VirginMedia interface, and may have fiddled around in the OpenVPN settings as well; needless to say, things didn't work.

    I deleted the rules from the VirginMedia & possibly the VDSL interface, and deleted the OpenVPN server, probably several times.

    Eventually realised that the rules under OpenVPN weren't being deleted automatically so deleted the four that had built up there  :-[

    So for the umpteenth time, and this time making sure I deleted everything, with some reboots thrown in for good measure I tried again.

    At some point, well, multiple points, I got the following error - I didn't notice at first  :-[

    There were error(s) loading the rules: /tmp/rules.debug:190: unknown protocol udp4 - The line in question reads [190]: pass in quick on $VIRGINMEDIA reply-to ( em2 80.6.28.1 ) inet proto udp4 from any to <<removed my public ip address>> tracker 1525018272 keep state label "USER_RULE: OpenVPN OpenVPN Connection wizard"

    Turns out one of the OpenVPN auto generated rules didn't have the protocol set to UDP (it was blank). It must have been the one listed under the interface (the other under OpenVPN doesn't mention UDP). Once I set the protocol to UDP the error went away and my VPN started working.

    So I'm not sure if it's all my deleting things and running the wizard multiple times that's caused issues, or if there is a bug - I certainly don't want to try to recreate it, but thought it worth mentioning.

    Oh and the version I'm using is:

    2.4.3-RELEASE (amd64)
    built on Mon Mar 26 18:02:04 CDT 2018
    FreeBSD 11.1-RELEASE-p7


  • Netgate

    And one more time:

    already fixed for 2.4.4

    https://redmine.pfsense.org/issues/8391



  • Thanks for the feedback.
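
The failure reported in the first post (a generated rule carrying `proto udp4`, which pf rejects when it loads the ruleset) can be caught by linting a copy of the rules file. The following is an added example, not part of the original thread or of pfSense: the function name, the protocol allowlist (a constructed subset of `/etc/protocols`) and the sample rules with documentation addresses are assumptions.

```python
import re

# Assumption: a constructed subset of the names in /etc/protocols.
# On a real firewall, build this set from /etc/protocols instead.
KNOWN_PROTOCOLS = {"tcp", "udp", "icmp", "icmp6", "ipv6-icmp",
                   "esp", "ah", "gre", "igmp", "carp", "pfsync"}

QUOTED = re.compile(r'"[^"]*"')                          # label "..." strings
PROTO = re.compile(r'\bproto\s+(\{[^}]*\}|[^\s{]+)')      # proto x | proto { x y }


def invalid_protocols(rules_text, known=KNOWN_PROTOCOLS):
    """Return (line_number, token) for each proto value not known to be valid."""
    findings = []
    for lineno, raw in enumerate(rules_text.splitlines(), start=1):
        # Blank out quoted labels first so text inside them is never parsed,
        # then drop any trailing comment.
        line = QUOTED.sub('""', raw).split("#", 1)[0]
        for match in PROTO.finditer(line):
            tokens = match.group(1).strip("{}").replace(",", " ").split()
            for token in tokens:
                if token.isdigit() and int(token) <= 255:
                    continue                              # numeric protocol
                if token not in known:
                    findings.append((lineno, token))
    return findings


# Constructed sample: line 2 mirrors the rule quoted in the thread, with
# documentation addresses in place of the real gateway and public IP.
SAMPLE_RULES = '''\
pass in quick on $LAN inet proto { tcp udp } from any to any port 53 keep state label "USER_RULE: DNS"
pass in quick on $VIRGINMEDIA reply-to ( em2 192.0.2.1 ) inet proto udp4 from any to 203.0.113.10 tracker 1525018272 keep state label "USER_RULE: OpenVPN OpenVPN Connection wizard"
pass in quick on $LAN inet proto 47 from any to any keep state label "USER_RULE: proto gre by number"
'''

if __name__ == "__main__":
    for lineno, token in invalid_protocols(SAMPLE_RULES):
        print(f"line {lineno}: unknown protocol {token}")
```

On the firewall itself, `pfctl -n -f /tmp/rules.debug` parses the file without loading it and is the authoritative check; the lint above only covers the `proto` field.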