Strange issue - not sure how to fix
-
That 'automatic' setting was almost certainly the cause here.
-
While auto is a good "default" settings.. Its not like it can't cause issues.. Unless you have reason to set it to automatic.. Its best to set it to specific..
I am with @stephenw10 here that could be the root of the problem... Lets see how stability is once you have set it to something specific..
So what do you have in gateways - only the 1 interface?
-
@johnpoz said in Strange issue - not sure how to fix:
So what do you have in gateways - only the 1 interface?
No, under system/routing/gateways, I have the WAN interface and my VPN server interfaces listed. I have set the WAN interface as the default gateway.
-
@pfguy2018 said in Strange issue - not sure how to fix:
nd my VPN server interfaces listed.
WHY that shouldn't be int there... No wonder you having issues!!!
Whee did you get the nonsense that you should set a gateway to yourself???
That ns1vpn you see is in my posting is to vpn where pfsense is the client!!!! Not the server..
-
I am pretty sure that the extra interfaces under system/routing/gateways (i.e. the VPN server interfaces) got added automatically when I set up the VPN servers years ago (using the built in "wizards" in pfSense). Should I remove everything other than the WAN interface? If I do that, how will the VPN clients be able to access the VPN servers?
-
The vpn server instances would have to have been assigned. Which is fine you can do that but I would not expect so see a gateway on them.
You can unassign them as interfaces and clients will still be able to connect and use them just fine, that's the default setup for an OpenVPN server.
You don't have to do anything since you've now set the WAN as your default gateway the system won't choose the VPN servers again.
Steve
-
@johnpoz said in Strange issue - not sure how to fix:
That ns1vpn you see is in my posting is to vpn where pfsense is the client!!!! Not the server..
I am not sure what you are referring to here. Which posting?
-
Dude A gateway for a vpn server your setting up would NEVER get created - you must of created it.... Because you read some guide wrong or the guide was just borked.
Pfsense is acting as the vpn server for clients to connect too... Why and the F would it need a gateway set - where would it go via it, how would it be used... Having a gateway setup to yourself is just plain bonkers when your acting as a remote server to clients. Now if your a client, ie pfsense itself connects to some vpn server out there - then yes it would need a gateway to use that...
I would fix your clearly borked setup!!
-
That makes sense. I will go ahead and remove them. So far, since I set the default gateway as WAN, I have not experienced any further DNS resolution issues.
-
OK - have removed all the other interfaces from system/routing/gateways, and have left the 1 remaining interface (WAN) as the selected default. No problems connecting to any of the VPN server instances. And DNS resolution remains functional. I will continue to monitor, but it really does appear that this problem has now been solved. Thanks again to @johnpoz and @stephenw10 .
