Is there a way to prevent "newwanip" when an OVPN client connection changes?
jacotec last edited by
I have two outgoing Open VPN connections (PIA) set up where the traffic to some destinations is routed to. These connections are used only for outgoing traffic and I don't care about the VPN IP address the connection gets.
The VPN IP addresses of these connections are changing periodically, at least once per day. The big issue is that pfSense runs the "newwanip" event in these cases which restarts several services like ntopng, but even worse my HAPROXY which affects all active connections on my main link (which has a fixed IP address).
How can I exclude the OpenVPN client connections from running the newwanip event (if that's possible and not mandatory needed when the VPN IP address changes)? Or at least exclude the HAPROXY restart from the OpenVPN IP change events. I've disabled all monitoring of the gateways associated to the OVPN connections, but that does not help.
Thought this may work but it didn't.
System -> Advanced -> Networking Untick Reset all states if WAN IP Address changes
Mar 13 09:01:22 check_reload_status Starting packages Mar 13 09:01:22 php-fpm 83439 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 10.8.0.32 -> 10.8.1.52 - Restarting packages. Mar 13 09:01:20 php-fpm 83439 /rc.newwanip: Creating rrd update script Mar 13 09:01:20 php-fpm 83439 /rc.newwanip: Ignoring IPsec reload since there are no tunnels on interface opt13 Mar 13 09:01:15 php-fpm 83439 /rc.newwanip: 83439MONITOR: NORDVPN_US2896_VPNV4 is available now, adding to routing group NORDVPN 10.8.1.52|10.8.1.52|NORDVPN_US2896_VPNV4|0.09ms|0.027ms|0.0%|none Mar 13 09:01:12 php-fpm 83439 /rc.newwanip: Removing static route for monitor fe80::4afd:8eff:feaa:a4d1 and adding a new route through fe80::4afd:8eff:feaa:a4d1%pppoe0 Mar 13 09:01:08 php-fpm 83439 /rc.newwanip: IP Address has changed, killing states on former IP Address 10.8.0.32.