• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

OpenVPN Peer to peer server Statistics show wrong status of connection (bug)

Scheduled Pinned Locked Moved OpenVPN
2 Posts 1 Posters 544 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • G
    Gektor
    last edited by Gektor Aug 28, 2019, 3:34 PM Aug 28, 2019, 3:16 PM

    Version 2.4.4-RELEASE-p3 (amd64)
    I have change today one office client OpenVPN connection pfSense router to two offices with servers on pfSense router from Peer to Peer ( Shared key ) to Peer to Peer ( SSL/TLS ) and there is problems with link detection on Server side, in GUI on main page and in Status -> OpenVPN on both Server's show that connection is down, but on client side both links is UP in Statistics and traffic flows without any problems between offices. This bug can be reproduced with:

    1. Initial setup, all will be ok, both connection is showing up;
    2. Than restart (reboot) OpenVPN client router, and links in statistics on Server side will down and did not change to "up state", even if link is really up and works;
    3. If make "Save" on OpenVPN setup of server side (one, or both - two), link will up in statistics until OpenVPN client WAN reconnects or reboot.

    I have try same with usual router as client in Peer to Peer (SSL/TLS) , and problem same - after client (router) reconnection on Server (pfSense) statistics link is showing down, on client (router) - link is showing as up and tunnel works without any issues.

    In Peer to Peer ( Shared Key ) statistics is works without any problems, bug is related only for Peer to Peer ( SSL/TLS ).

    1 Reply Last reply Reply Quote 0
    • G
      Gektor
      last edited by Aug 29, 2019, 3:23 PM

      In Peer to Peer ( SSL/TLS ) mode i have tried add "keepalive 2 5" in Custom options on Server side (if type high values, it did not help in client reconnection, but on client reboot higher values works, it's important that keepalive was lower, than client reconnection time take), and seems that it helps shows correct link state on Server side.
      Seems that client make "reconnection" very fast, that Server status did not catch new connect in default pfSense's "keepalive 10 120" or something look like this.

      1 Reply Last reply Reply Quote 0
      1 out of 2
      • First post
        1/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received