Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to ensure syslog forwarding happens after VPN is established?

    Scheduled Pinned Locked Moved OpenVPN
    4 Posts 2 Posters 646 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rpthms
      last edited by

      Every time I reboot my pfSense router, syslog tries to forward its logs to the OpenVPN server's IP before the connection is actually established. I keep getting 'no route to host' messages in /var/log/system.log and eventually syslog just gives up on forwarding log messages because of which no logs are forwarded even after the VPN connection is established. How can I ensure that syslog sends the logs after pfSense establishes a connection with the OpenVPN server?

      syslogd logs from /var/log/system.log:

      Jan 17 13:02:04 pfsense syslogd: kernel boot file is /boot/kernel/kernel
      Jan 17 13:03:23 pfsense syslogd: sendto: No route to host
      Jan 17 13:03:23 pfsense syslogd: sendto: No route to host
      Jan 17 13:03:23 pfsense syslogd: sendto: No route to host
      Jan 17 13:03:23 pfsense syslogd: sendto: No route to host
      Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
      Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
      Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
      Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
      Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
      Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
      Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
      Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
      Jan 17 13:04:36 pfsense syslogd: sendto: Permission denied
      
      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by Gertjan

        Hi,

        Your using the OpenVPN client on pfSEnse ?

        Check out something like https://askubuntu.com/questions/28733/how-do-i-run-a-script-after-openvpn-has-connected-successfully

        A pfSense service like syslogd can be restarted from a script. Use https://askubuntu.com/questions/28733/how-do-i-run-a-script-after-openvpn-has-connected-successfully to make your script.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • R
          rpthms
          last edited by

          Man, that's a great idea! I don't know why I didn't think of it. I have added 'script-security 2' and 'up /usr/local/sbin/pfSsh.php playback svc restart syslogd' to the OpenVPN client configuration and it does seem to be working. Thanks a lot, Gertjan!!

          1 Reply Last reply Reply Quote 0
          • R
            rpthms
            last edited by

            Looks like the 'up' statement is already being used by one of pfSense's internal scripts. So I'm gonna have to use the 'route-up' statement to execute my command. Also, 'script-security' has already been set to 3, so setting it again would be redundant.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.