OpenVPN Peer to peer server Statistics show wrong status of connection (bug)
-
Version 2.4.4-RELEASE-p3 (amd64)
Today I changed one office's client OpenVPN connection (pfSense router) to two offices with servers on pfSense routers from Peer to Peer ( Shared Key ) to Peer to Peer ( SSL/TLS ), and there are problems with link detection on the server side: in the GUI on the main page and in Status -> OpenVPN, both servers show that the connection is down, but on the client side both links are UP in Statistics and traffic flows without any problems between the offices. This bug can be reproduced with:
- Initial setup: all will be OK, both connections are showing up;
- Then restart (reboot) the OpenVPN client router, and the links in statistics on the server side will go down and will not change to the "up" state, even if the link is really up and works;
- If you "Save" the OpenVPN setup on the server side (one, or both), the link will be up in statistics until the OpenVPN client WAN reconnects or reboots.
I have tried the same with a usual router as the client in Peer to Peer ( SSL/TLS ), and the problem is the same: after the client (router) reconnects, the statistics on the server (pfSense) show the link as down, while on the client (router) the link is shown as up and the tunnel works without any issues.
In Peer to Peer ( Shared Key ) the statistics work without any problems; the bug is related only to Peer to Peer ( SSL/TLS ).
-
In Peer to Peer ( SSL/TLS ) mode I have tried adding "keepalive 2 5" in Custom options on the server side (if I type high values, it did not help on client reconnection, but on client reboot higher values work; it's important that the keepalive is lower than the time the client reconnection takes), and it seems that it helps show the correct link state on the server side.
It seems that the client makes the "reconnection" so fast that the server status does not catch the new connection with pfSense's default "keepalive 10 120" or something like this.