1. Home
  2. pfSense® Software
  3. OpenVPN
  4. How to ensure syslog forwarding happens after VPN is established?

How to ensure syslog forwarding happens after VPN is established?

  • R

    Every time I reboot my pfSense router, syslog tries to forward its logs to the OpenVPN server's IP before the connection is actually established. I keep getting 'no route to host' messages in /var/log/system.log and eventually syslog just gives up on forwarding log messages because of which no logs are forwarded even after the VPN connection is established. How can I ensure that syslog sends the logs after pfSense establishes a connection with the OpenVPN server?

    syslogd logs from /var/log/system.log:

    Jan 17 13:02:04 pfsense syslogd: kernel boot file is /boot/kernel/kernel
Jan 17 13:03:23 pfsense syslogd: sendto: No route to host
Jan 17 13:03:23 pfsense syslogd: sendto: No route to host
Jan 17 13:03:23 pfsense syslogd: sendto: No route to host
Jan 17 13:03:23 pfsense syslogd: sendto: No route to host
Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
Jan 17 13:03:44 pfsense syslogd: sendto: No route to host
Jan 17 13:04:36 pfsense syslogd: sendto: Permission denied
    0
  • Gertjan

    Hi,

    Your using the OpenVPN client on pfSEnse ?

    Check out something like https://askubuntu.com/questions/28733/how-do-i-run-a-script-after-openvpn-has-connected-successfully

    A pfSense service like syslogd can be restarted from a script. Use https://askubuntu.com/questions/28733/how-do-i-run-a-script-after-openvpn-has-connected-successfully to make your script.

    0
  • R

    Man, that's a great idea! I don't know why I didn't think of it. I have added 'script-security 2' and 'up /usr/local/sbin/pfSsh.php playback svc restart syslogd' to the OpenVPN client configuration and it does seem to be working. Thanks a lot, Gertjan!!

    0
  • R

    Looks like the 'up' statement is already being used by one of pfSense's internal scripts. So I'm gonna have to use the 'route-up' statement to execute my command. Also, 'script-security' has already been set to 3, so setting it again would be redundant.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy