• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Removing openvpn completely

Scheduled Pinned Locked Moved OpenVPN
7 Posts 3 Posters 3.3k Views 3 Watching
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • E Offline
    EdAdders
    last edited by May 17, 2020, 4:34 PM

    Had an issue where I needed to make a change to my openvpn install which didn't fix the issue. I wanted to remove and reinstall openvpn from scratch with the new settings. Searched the forum and someone asked the same thing and the response was to do everything in reverse(remove instead of create), which I did. Unfortunately it seems that deleting server (and the other steps like users, certs, etc) doesn't completely remove the setup. Example: the openvpn banner option in the firewall rules disappears, but when you recreate a new vpn server the old rules are still there along with the newest one as are WAN rules. One issue I am having in the logs says I might have a duplicate ip range and trying to start my new install craps out, so my last install attempt I used a different private Ip range. In the logs it still shows the original private IP range along with the new one. Is there anything I can do to completely remove all hints of previous installs. Another post mentioned doing a restore, but I would have no idea when to restore from since things were working well for a long time before the change needed to be made.

    1 Reply Last reply Reply Quote 0
    • D Offline
      DaddyGo
      last edited by May 17, 2020, 5:45 PM

      when you remove everything which is related to OpenVPN, what do you see after that:

      ps uxaww | grep openvpn

      (I think you know that OpenVPN is not a direct removable / installable package in pfSense? / F.E: with package manager) ☺

      Cats bury it so they can't see it!
      (You know what I mean if you have a cat)

      E 1 Reply Last reply May 18, 2020, 1:09 AM Reply Quote 0
      • E Offline
        EdAdders @DaddyGo
        last edited by May 18, 2020, 1:09 AM

        @DaddyGo Thanks for the reply. I deleted the openvpn server again and ran your command:
        ps uxaww | grep openvpn
        root 9013 0.0 0.1 6560 2324 0 S+ 18:57 0:00.00 grep openvpn

        I reloaded again with a different private IP for the tunnel and the error I was seeing in the logs is gone. I still can't connect but it is a step. Here are the logs after I cycled it:
        May 17 20:04:01 openvpn 52950 Initialization Sequence Completed
        May 17 20:04:01 openvpn 52950 UDPv6 link remote: [AF_UNSPEC]
        May 17 20:04:01 openvpn 52950 UDPv6 link local (bound): [AF_INET6][undef]:1194
        May 17 20:04:01 openvpn 52950 setsockopt(IPV6_V6ONLY=0)
        May 17 20:04:01 openvpn 52950 Could not determine IPv4/IPv6 protocol. Using AF_INET6
        May 17 20:04:01 openvpn 52950 /usr/local/sbin/ovpn-linkup ovpns1 1500 1621 10.10.10.1 255.255.255.0 init
        May 17 20:04:01 openvpn 52950 /sbin/ifconfig ovpns1 10.10.10.1 10.10.10.2 mtu 1500 netmask 255.255.255.0 up
        May 17 20:04:01 openvpn 52950 TUN/TAP device /dev/tun1 opened
        May 17 20:04:01 openvpn 52950 TUN/TAP device ovpns1 exists previously, keep at program end
        May 17 20:04:01 openvpn 52950 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
        May 17 20:04:01 openvpn 52814 library versions: OpenSSL 1.0.2u-freebsd 20 Dec 2019, LZO 2.10
        May 17 20:04:01 openvpn 52814 OpenVPN 2.4.9 amd64-portbld-freebsd11.3 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on May 4 2020
        May 17 20:04:01 openvpn 83382 SIGTERM[hard,] received, process exiting
        May 17 20:04:01 openvpn 83382 /usr/local/sbin/ovpn-linkdown ovpns1 1500 1621 10.10.10.1 255.255.255.0 init
        May 17 20:04:01 openvpn 83382 event_wait : Interrupted system call (code=4)

        I have it UDP for both ip4 & 6. The WAN rule is correct and specifies both.

        G 1 Reply Last reply May 18, 2020, 5:58 AM Reply Quote 0
        • G Offline
          Gertjan @EdAdders
          last edited by Gertjan May 18, 2020, 5:58 AM May 18, 2020, 5:58 AM

          @EdAdders said in Removing openvpn completely:

          May 17 20:04:01 openvpn 52950 UDPv6 link remote: [AF_UNSPEC]
          May 17 20:04:01 openvpn 52950 UDPv6 link local (bound): [AF_INET6][undef]:1194

          You actually want to use a IPv6 tunnel ?
          In that case, IPv6 local and remote IPv6 should be defined / resolvable, like IPv4.
          UNSPEC means unspecified.

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          1 Reply Last reply Reply Quote 0
          • E Offline
            EdAdders
            last edited by May 18, 2020, 10:48 PM

            Oops, I think protocol was set to ip4 & 6 all interfacesmultihome was somehow set as the default. I set it to udp v4 and now getting log:
            May 18 18:28:35 openvpn 18494 Initialization Sequence Completed
            May 18 18:28:35 openvpn 18494 UDPv4 link remote: [AF_UNSPEC]
            May 18 18:28:35 openvpn 18494 UDPv4 link local (bound): [AF_INET]10.0.0.228:1194
            May 18 18:28:35 openvpn 18494 /usr/local/sbin/ovpn-linkup ovpns1 1500 1621 10.10.10.1 255.255.255.0 init
            May 18 18:28:35 openvpn 18494 /sbin/ifconfig ovpns1 10.10.10.1 10.10.10.2 mtu 1500 netmask 255.255.255.0 up
            May 18 18:28:35 openvpn 18494 TUN/TAP device /dev/tun1 opened
            May 18 18:28:35 openvpn 18494 TUN/TAP device ovpns1 exists previously, keep at program end
            May 18 18:28:35 openvpn 18494 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
            May 18 18:28:35 openvpn 18276 library versions: OpenSSL 1.0.2u-freebsd 20 Dec 2019, LZO 2.10
            May 18 18:28:35 openvpn 18276 OpenVPN 2.4.9 amd64-portbld-freebsd11.3 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on May 4 2020
            May 18 18:28:35 openvpn 47056 SIGTERM[hard,] received, process exiting
            May 18 18:28:35 openvpn 47056 /usr/local/sbin/ovpn-linkdown ovpns1 1500 1621 10.10.10.1 255.255.255.0 init
            May 18 18:28:35 openvpn 47056 event_wait : Interrupted system call (code=4)

            1 Reply Last reply Reply Quote 0
            • E Offline
              EdAdders
              last edited by May 19, 2020, 12:35 AM

              I am out for a week. Will try again when I get back. Thanks to all

              1 Reply Last reply Reply Quote 0
              • D Offline
                DaddyGo
                last edited by May 19, 2020, 8:14 AM

                @EdAdders said in Removing openvpn completely:

                this is still a problem: "UNSPEC"

                May 18 18:28:35 openvpn 18494 UDPv4 link remote: [AF_UNSPEC]

                if you still need help, we'll be here after a week too

                Cats bury it so they can't see it!
                (You know what I mean if you have a cat)

                1 Reply Last reply Reply Quote 0
                7 out of 7
                • First post
                  7/7
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                  This community forum collects and processes your personal information.
                  consent.not_received