• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Windows clients always have to reinstall the Client GUI

Scheduled Pinned Locked Moved OpenVPN
19 Posts 5 Posters 1.5k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B
    bazzacad
    last edited by Apr 7, 2020, 8:21 PM

    Hi,
    I'm running pfSense 2.4.4-RELEASE-p3 with OpenVPN & using the Client Export Tool for Windows 10 (2.4.8-Ix02).
    It's running great for most users, but a few of them are a strange issue.
    They install the GUI Client & try to connect, but get "Initialization Sequence Completed with Errors."
    I've read this post that the error links to: https://community.openvpn.net/openvpn/wiki/259-tap-win32-adapter-is-not-coming-up-initialization-sequence-completed-with-errors

    But none of it helps, the DHCP Client Service is running, the TAP adapter isn't being firewalled.
    However, if the user uninstalls & reinstalls the OpenVPN Client, then it works perfectly fine on the second instillation.
    This happens every time they shutdown or restart their computer. They have to install the OpenVPN client twice to get it to work.
    Do you know why this is happening or any suggestions on how to fix it?

    Attached is the client log file with verb=4
    The client was connected to the VPN fine.
    We disconnected & then tried to reconnect & weren't able to reconnect.
    We then uninstalled the client & then reinstalled the client and were able to connect fine again.
    It seems to have an issues bringing up the TAP interface after a disconnect.
    But can bring it up fine after a fresh installation.

    pfSense-UDP4-1194-abef-config.log.txt

    1 Reply Last reply Reply Quote 0
    • J
      jimp Rebel Alliance Developer Netgate
      last edited by Apr 8, 2020, 2:04 PM

      Given the problem description, you'd be better off posting about that on the OpenVPN forum. It appears to be a problem with the Windows OpenVPN client on their computers, and wouldn't be related to the server (or pfSense).

      I haven't heard of that kind of thing happening before. You might have them uninstall the OpenVPN client and the TAP adapter and then download the client straight from https://openvpn.net/community-downloads/ and install it again.

      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      1 Reply Last reply Reply Quote 0
      • B
        bazzacad
        last edited by Apr 8, 2020, 8:55 PM

        Thanks for the reply. I did try to post on the OpenVPN forum, but the only reply I received was "I have no idea".
        Can you tell me what the difference is by installing from the Client Export package & installing from OpenVPN? Is the only difference that it includes the config & certificate?

        1 Reply Last reply Reply Quote 0
        • J
          jimp Rebel Alliance Developer Netgate
          last edited by Apr 9, 2020, 12:30 PM

          The export package installer has the config+cert and so on but it also only runs the OpenVPN installer conditionally if it's not already installed. So if they have an older version of OpenVPN, for example, running the export package version wouldn't upgrade it.

          But mostly my suggestion was about eliminating possible differences to help pinpoint the problem. If it happens with the stock installer directly from OpenVPN, then you know it definitely is not something to do with the export package.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • J
            johnpoz LAYER 8 Global Moderator
            last edited by johnpoz Apr 9, 2020, 1:01 PM Apr 9, 2020, 1:00 PM

            What version of the tap driver exactly.. I would be curious if related to the conditional running of the installer, and not updating the tap driver..

            But your saying this happens again, after they reboot - they once again have to install twice?

            Is the tap driver the new 9.24.2? That came out with 2.4.8... I just looked on mine and running 9.24.2.601

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • B
              bazzacad
              last edited by Apr 9, 2020, 7:46 PM

              Thanks for the relays. Yes they're on the latest 9.24.2 TAP driver.
              efc49633-c099-4101-92a2-096b029312cf-image.png

              Most of the ones with the issue where never on the old version. They've always had OpenVPN 2.4.8 & TAP 9.24.2, so I don't think it's an upgrade issue. But I'll try the stock installer on one of them anyways.

              @johnpoz said in Windows clients always have to reinstall the Client GUI:

              But your saying this happens again, after they reboot - they once again have to install twice?

              Actually they don't have to reboot for it to happen. They will be connected, then disconnect, then try to reconnect & it won't. Then we do an uninstall & reinstall of OpenVPN (from the export tool) & then it connects fine. So It's not really twice once after another, but twice since it was already previously installed.

              1 Reply Last reply Reply Quote 0
              • J
                johnpoz LAYER 8 Global Moderator
                last edited by johnpoz Apr 9, 2020, 7:50 PM Apr 9, 2020, 7:49 PM

                these users don't have admin rights? An admin should be installing, or the user needs to be able to elevate the install as admin..

                Been using openvpn on windows for a very long time - have never seen such an issue to be honest.. .Don't have a huge sample of machines, etc. But can't say I have seen anything like this..

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                S 1 Reply Last reply Apr 10, 2020, 7:37 PM Reply Quote 0
                • B
                  bazzacad
                  last edited by Apr 9, 2020, 7:53 PM

                  Ya I know it's kind of a weird one...
                  I have added the users to the local "Administrators" group to insure that wasn't an issue.

                  1 Reply Last reply Reply Quote 0
                  • J
                    johnpoz LAYER 8 Global Moderator
                    last edited by Apr 9, 2020, 8:02 PM

                    Sure not related to your endpoint protection?

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.8, 24.11

                    1 Reply Last reply Reply Quote 0
                    • B
                      bazzacad
                      last edited by Apr 9, 2020, 8:09 PM

                      That did cross my mind, but I ruled it out, since all the users have the same protraction, but only a few have the VPN connection issue. I'll disable it just to be sure.

                      1 Reply Last reply Reply Quote 0
                      • B
                        bazzacad
                        last edited by Apr 10, 2020, 1:10 AM

                        Grrrr, still no luck. I disabled Anti-virus, still didn't work. I installed from the stock installer, still didn't work.
                        I collected these screen shots of ipconfig of the TAP adapter when it works & when it doesn't.
                        Why would it Auto configure the IP address & why isn't it receiving the correct DNS server?

                        f57e560d-e910-4163-ad00-af029929edb8-image.png

                        41ff63cc-0421-4b43-b659-16f2a8badfe5-image.png

                        And here are the logs when it works & when it doesn't compared side-by-side.
                        c5d1d51e-85f4-4411-8e63-be68a0464547-image.png

                        And here are the full log files....
                        pfSense-UDP4-1194-pintar-config_good.txt
                        pfSense-UDP4-1194-pintar-config_bad.txt

                        1 Reply Last reply Reply Quote 0
                        • J
                          jimp Rebel Alliance Developer Netgate
                          last edited by Apr 10, 2020, 12:11 PM

                          Check in the Services control panel on Windows and see the the OpenVPN services which are running are the same when it's in both states. Maybe something is killing its service.

                          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                          Need help fast? Netgate Global Support!

                          Do not Chat/PM for help!

                          1 Reply Last reply Reply Quote 0
                          • J
                            johnpoz LAYER 8 Global Moderator
                            last edited by Apr 10, 2020, 12:18 PM

                            This seems to be related.. You could try the suggestions in there
                            https://community.openvpn.net/openvpn/ticket/665

                            An intelligent man is sometimes forced to be drunk to spend time with his fools
                            If you get confused: Listen to the Music Play
                            Please don't Chat/PM me for help, unless mod related
                            SG-4860 24.11 | Lab VMs 2.8, 24.11

                            1 Reply Last reply Reply Quote 0
                            • GertjanG
                              Gertjan
                              last edited by Gertjan Apr 10, 2020, 12:25 PM Apr 10, 2020, 12:22 PM

                              Just a wild guess :
                              I had an issue very comparable with the PC of a fellow home worker.

                              Someone or something swapped the TAP driver out ....

                              It was one of the 2 (!) client apps installed for his private VPNxxxxx and VNbbbb access. These often use their own versions.

                              @bazzacad : check your Network card's list : how many TAP-virtual-NIC drivers are listed there ?
                              You named one of them to "tipping.lan", but not the other. Up to you to discover where the other came from. There is probably even a program running that 'repairs' it's settings and files after you installed the OpenVPN-client-from-pfSense.

                              edit : or even multiple OpenVPN instances running with their own TAP versions ...

                              edit2 : jimp said the same thing. Look and check also all the tasks at services.msc

                              No "help me" PM's please. Use the forum, the community will thank you.
                              Edit : and where are the logs ??

                              1 Reply Last reply Reply Quote 0
                              • S
                                SteveITS Galactic Empire @johnpoz
                                last edited by Apr 10, 2020, 7:37 PM

                                @johnpoz said in Windows clients always have to reinstall the Client GUI:

                                An admin should be installing, or the user needs to be able to elevate the install as admin

                                In addition when running the OpenVPN GUI it needs to be run as admin so it can modify the routes in Windows. (I am a standard user on my PC). Could it still be running as an admin when launching from the install? It's been a long time since I installed...

                                Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                                When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                                Upvote 👍 helpful posts!

                                1 Reply Last reply Reply Quote 0
                                • J
                                  johnpoz LAYER 8 Global Moderator
                                  last edited by Apr 10, 2020, 7:38 PM

                                  The current version has a service that will do the admin stuff.. So no the user doesn't have to be admin.

                                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                                  If you get confused: Listen to the Music Play
                                  Please don't Chat/PM me for help, unless mod related
                                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                                  1 Reply Last reply Reply Quote 0
                                  • B
                                    bazzacad
                                    last edited by Apr 10, 2020, 7:42 PM

                                    This link: https://community.openvpn.net/openvpn/ticket/665 from @johnpoz look promising, so I'll try those solutions.
                                    The users have full admin rights when installing & running the GUI.

                                    1 Reply Last reply Reply Quote 0
                                    • B
                                      bazzacad
                                      last edited by Apr 10, 2020, 8:30 PM

                                      OK, I'm pretty sure I've got it fixed now. Per the bug report link above, all I had to do was add dhcp-renew to the client config file.

                                      1 Reply Last reply Reply Quote 0
                                      • J
                                        johnpoz LAYER 8 Global Moderator
                                        last edited by Apr 11, 2020, 2:02 AM

                                        Your posting of the log showing the route waiting for interface to come up was key in finding that info...

                                        So glad you got it sorted!

                                        An intelligent man is sometimes forced to be drunk to spend time with his fools
                                        If you get confused: Listen to the Music Play
                                        Please don't Chat/PM me for help, unless mod related
                                        SG-4860 24.11 | Lab VMs 2.8, 24.11

                                        1 Reply Last reply Reply Quote 0
                                        19 out of 19
                                        • First post
                                          19/19
                                          Last post
                                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                                          This community forum collects and processes your personal information.
                                          consent.not_received