Netgate Discussion Forum

    Rule error after OpenVPN Wizard Setup

      MeeleIkon

      pfSense 2.4.3-Release
      WAN is Static IPV4 with 4 Virtual IPs, no IPV6
      LAN is Static IPV4, No IPV6

      Main IP is xxx.xxx.xxx.18, but mail server and surveillance system use .19 and .21 respectively.

      I do have a hybrid outbound NAT with a custom rule that takes any data from the IP of the mail server/32 to go out .19.

      No other weird configs. Just the mailserver so the outbound goes out a different IP than the normal internet traffic.

      I also have it connected to pfMonitor, but the errors started showing before that.

      I did the OpenVPN wizard and then I started getting an error:
      There were error(s) loading the rules: /tmp/rules.debug:178: unknown protocol udp4 - The line in question reads [178]: pass in quick on $WAN reply-to ( igb0 xx.xx.xx.1 ) inet proto udp4 from any to xx.xx.xx.18 tracker 1526061252 keep state label "USER_RULE: OpenVPN XXXSSLVPN1194UDP wizard"
      @ 2018-05-11 14:40:09

      It does seem to come back to a bug, but back in 2.4.2 and I thought fixed in 2.4.2-p1. Did 2.4.3 regress…

      My other 50 or so pfSense firewalls are all on 2.4.3 but had OpenVPN set up before 2.4.3. I have seen no errors on them.

      This was a re-purposed firewall that was reset to defaults and upgraded to 2.4.3 and then configured.

        Gertjan

        @MeeleIkon:

        …
        I did OpenVPN wizard  ....

        Oh-ho. That trip-wired a small bug present in the OpenVPN Wizard : https://redmine.pfsense.org/issues/8391
        @MeeleIkon:

        There were error(s) loading the rules: /tmp/rules.debug:178: unknown protocol udp4 - The line in question reads [178]: pass in quick on $WAN reply-to ( igb0 xx.xx.xx.1 ) inet proto udp4 from any to xx.xx.xx.18 tracker 1526061252 keep state label "USER_RULE: OpenVPN XXXSSLVPN1194UDP wizard"
        @ 2018-05-11 14:40:09

        Yep, that's the one. The forum has it mentioned everywhere.

        No need to patch or repair or wait for a new pfSense version, just re-do the WAN OpenVPN Wizard-generated rule and you're ok.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

          MeeleIkon

          Well, that did work….

          Also curious and shame on me for not looking at the auto-generated rule more closely, it had the port as * and not 1194 UDP....

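A lint for the two problems that came up in this thread, the rejected udp4 protocol token and the wizard rule that was left open on every port. This is an added example, not part of the original posts and not pfSense code; it also flags tcp4, tcp6 and udp6, which goes beyond the one token in the error message. The function names, finding codes and sample rules are constructed; only /tmp/rules.debug and the rule layout come from the thread.

```shell
#!/bin/sh
# Added example (not pfSense code): lint a pf ruleset dump such as /tmp/rules.debug.

# audit_rules FILE -> prints "LINE: CODE proto" for every finding.
# Limitation: protocol lists written as "proto { tcp udp }" are not inspected.
audit_rules() {
    awk '
    $1 == "pass" || $1 == "block" || $1 == "match" {
        proto = ""; has_port = 0
        for (i = 1; i <= NF; i++) {
            if ($i == "proto" && i < NF) proto = $(i + 1)
            if ($i == "port") has_port = 1
        }
        # tcp4/tcp6/udp4/udp6 are not protocol names pf knows ("unknown protocol").
        if (proto ~ /^(tcp|udp)[46]$/)
            printf "%d: BAD_PROTO %s\n", NR, proto
        # A wizard-labelled pass rule with no "port" keyword matches every port.
        if ($1 == "pass" && proto ~ /^(tcp|udp)/ && !has_port && /label "[^"]*wizard"/)
            printf "%d: NO_PORT %s\n", NR, proto
    }' "$1"
}

# sample_rules FILE -> writes constructed rules (documentation addresses, made-up trackers).
sample_rules() {
    cat > "$1" <<'EOF'
pass in quick on $WAN reply-to ( igb0 192.0.2.1 ) inet proto udp4 from any to 192.0.2.18 tracker 1000000001 keep state label "USER_RULE: OpenVPN EXAMPLE wizard"
pass in quick on $WAN reply-to ( igb0 192.0.2.1 ) inet proto udp from any to 192.0.2.18 port 1194 tracker 1000000002 keep state label "USER_RULE: OpenVPN EXAMPLE wizard"
pass in quick on $WAN reply-to ( igb0 192.0.2.1 ) inet proto udp from any to 192.0.2.18 tracker 1000000003 keep state label "USER_RULE: OpenVPN EXAMPLE wizard"
block in log quick on $WAN inet proto tcp from any to 192.0.2.19 port 25 label "USER_RULE: constructed"
EOF
}

# With a path argument, audit that file; with none, run on the constructed sample.
if [ -n "${1:-}" ]; then
    audit_rules "$1"
else
    tmp=$(mktemp) && sample_rules "$tmp" && audit_rules "$tmp"; rm -f "$tmp"
fi
```

Run it with /tmp/rules.debug as the argument after a wizard run; a re-created rule that names port 1194, like the second sample line, produces no finding.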
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.