OVPNS7 not usable, service not starting.

Bambos

There is a problem with OpenVPN server interface (ovpns7).
The initial configuration was remote access ovpn server, one day the service couldn't start, even if i set watchdog to restart it.

After many other successful vpn servers configuration, this ovpns7 still not working, even if i remove everything related and reconfigure again for site to site tunnel, has taken ovpns7 interface because was empty. The only workaround i found, is to let this broken interface ovpns7 just there and continue to next one so the interfaces get another number. very strange to me , first time i saw something like that.

ovpns15 is a remote access vpn so i didn't enable as interface.
ovpns 16 is working.

Stay on pending forever ! no IP, no status.

Service not starting.

also notice this:

Anyone any comments?

Gertjan

@bambos said in OVPNS7 not usable, service not starting.:

Anyone any comments?

Yeah, I get it, your openvpn server instance called "OVPNS7" doesn't start.

The OpenVPN log file will tell you why.

Btw : No need to show the gateways in the GUI. These are not gateways, as OpenVPN server IP are more comparable to LAN's as WANs. They have a RFC1918 (the tunnel) IP and are "local".

Bambos

@gertjan there is no logs in open VPN tab (Status-> system logs, OpenVPN) , just in the system. Since VPN service not starting, seems reasonable.

In the status->system logs-> system we have the following.
Is there any place to dig further?

Mar 23 12:20:00 php 96671 servicewatchdog_cron.php: Service Watchdog detected service openvpn stopped. Restarting openvpn (OpenVPN server: teltonika_test)
Mar 23 12:19:00 php 23261 servicewatchdog_cron.php: Service Watchdog detected service openvpn stopped. Restarting openvpn (OpenVPN server: teltonika_test)
Mar 23 12:18:00 php 29671 servicewatchdog_cron.php: Service Watchdog detected service openvpn stopped. Restarting openvpn (OpenVPN server: teltonika_test)
Mar 23 12:17:00 php 62774 servicewatchdog_cron.php: Service Watchdog detected service openvpn stopped. Restarting openvpn (OpenVPN server: teltonika_test)

Gertjan

@bambos

Disable the service watchdog package. Remove it from the system.
This package never repaired something, that is something only the "admin" can do.
And when something is setup correctly, it will work 'forever'. Only when the admin changes settings, things could stop working. Then the admin should look into it ( and do things better ;)à ).
Hardware issues can also break things, but the watchdog package won't help in this case neither.

The watchdog package could be use full when you are developing programs, scripts or packages.

@bambos said in OVPNS7 not usable, service not starting.:

After many other successful vpn servers configuration

and then :

@bambos said in OVPNS7 not usable, service not starting.:

there is no logs in open VPN tab (Status-> system logs, OpenVPN)

That's ..... I don't know.
I'll go for "Not normal at all".

I have a (one) pfSense OpenVPN instance runing.
So I have log lines.

n

stephenw10

Mmm, if nothing is logged at all it implies it's not even trying to start.

I assume that restarting one of the other servers does get logged?

Steve

Bambos

@stephenw10 Yes Sir, restarting other VPN Server services is logged normally. Only this one is broken :)

Bambos

@gertjan Hello my friend, as Stephen suggested, other VPN server services are working and are fine, also logged normally.

The reason i use watchdog is because i had an incident 1 year ago when a VPN Client stayed offline without retrying to get back to connection with the server because of power disconnection and loose the WAN. So i had to go back onsite and hit start service in order to retry the connection.

I'll go for not normal also, at the same time i will try to remove watchdog and retry.

Bambos

is there any suggestion for this subject ??
or steps to resolve this issue ?

stephenw10

As I said if nothing is logged at all it's not even trying to start. I might expect an error in the system log if that was the case.
It sounds almost as if something is referencing the wrong OpenVPN client somehow. I'm not sure how that could happen though unless there has been any manual editing of the config?

Steve

Bambos

@stephenw10 thank you Sir, was just a remote access open VPN setup (using the wizard), that worked successfully for a period of time, maybe a month.

One day, the service stopped running and never go back to run. From this time and then, the vpn interface reference (OVPNS7) never worked, even if i setup another VPN instance, remote access vpn server or site to site vpn server instance. pfSense version is 2.5.1.

I'm curious to see if i import the whole pfSense config on another device (hardware) what will happen with this :)

stephenw10

Yes, that would be a good test. It's hard to see how something in the config could do that, it seems more likely something in the filesystem has become out of sync somehow. Never seen it before though.