Netgate Discussion Forum

    pfSense Plus software version 22.05 is now available for upgrades!

    • rredecker

      I have upgraded my main router and two of my smaller routers to 22.05. With this in mind I ran a test on a small router first. The upgrade went perfectly and the upgrade did install perfectly. Now for the problem. If you run OpenVPN's new version on both routers for a site-to-site VPN, I cannot get them to stay up at all. They connect fine, then drop. I currently run it as TCP, but here is what I have tried, all while taking down smaller sites all day yesterday to try to fix this issue.

      • I changed the connection to UDP instead of TCP (added the firewall rule)
      • I changed the SHA to SHA512
      • I created a TLS key for HMAC auth and shared that between the two
      • I removed all encryption algorithms except AES-256-GCM on both, for main and fallback
      • I removed DH

      And it still will not stay connected...

      However if you run 21.05 to 22.05 it will work fine.

      Thank you

      • reberhar @rredecker

        @rredecker

        So what are your Ping settings set at?

        I lost my network periodically and had to change my ping setting.

        Ping settings
        Inactive
        Causes OpenVPN to exit after n seconds of inactivity on the TUN/TAP device.
        Activity is based on the last incoming or outgoing tunnel packet (not control or keep-alive packets).
        A value of 0 disables this feature.

        WARNING: Use with caution. When triggered, the client process will exit and it will not automatically restart.
        Ping method
        keepalive helper uses interval and timeout parameters to define ping and ping-restart values as follows:
        ping = interval
        ping-restart = timeout
        Interval
        Timeout

        • reberhar @reberhar

          @reberhar Cut and paste didn't get it. I am at 10 and 300.

          • brians @reberhar

            @reberhar You can also set a service watchdog (install the package) to keep the OpenVPN service running if it disconnects. This has been an issue with OpenVPN site-to-site for a very long time - when it disconnects, it seems it never reconnects by itself again.

            • reberhar @brians

              @brians Yes, you are right. It is a pain in the neck when you must rely on a tunnel and it is not there. The ping change is a little easier.
