Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfSense Plus software version 22.05 is now available for upgrades!

    Scheduled Pinned Locked Moved Messages from the pfSense Team
    26 Posts 18 Posters 6.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rredecker
      last edited by

      I have upgraded main Router and two of my smaller router to 22.05. With this in mind I ran a test on a small router first. The upgrade went perfect and the upgrade did install perfectly. Now for the problem. If you run openvpn's new version on both router for a site to site vpn I can not get them to stay up at all. They connect fine then drop. I currently run it as TCP. but here is what I have tried all while taking down smaller sites all day yesterday to try to fix this issue.

      • I change the connection to UDP instead of TCP (added the firewall rule)
      • I changed the SHA to SHA512
      • I created a TLS KEY for HMAC Auth and Shared that between the 2
      • I removed all Encryption Algos except AES-256-GCM on both for main and fall back
      • I remove DH
        And it still will not stay connected...

      However if you run 21.05 to 22.05 it will work fine.

      Thank you

      R 1 Reply Last reply Reply Quote 0
      • R
        reberhar @rredecker
        last edited by

        @rredecker

        So what are your Ping settings set at?

        I lost my network periodically and had to change my ping setting

        Ping settings
        Inactive
        Causes OpenVPN to exit after n seconds of inactivity on the TUN/TAP device.
        Activity is based on the last incoming or outgoing tunnel packet (not control or keep-alive packets).
        A value of 0 disables this feature.

        WARNING: Use with caution. When triggered, the client process will exit and it will not automatically restart.
        Ping method
        keepalive helper uses interval and timeout parameters to define ping and ping-restart values as follows:
        ping = interval
        ping-restart = timeout
        Interval
        Timeout

        R 1 Reply Last reply Reply Quote 0
        • R
          reberhar @reberhar
          last edited by

          @reberhar cut and past didn't get it. I am at 10 and 300

          B 1 Reply Last reply Reply Quote 0
          • B
            brians @reberhar
            last edited by

            @reberhar You can also set a service watchdog (install package) to keep the openvpn service running if disconnects. This has been an issue with OpenVPN site to site for a very long time - when disconnects seems it never reconnects by itself again.

            R 1 Reply Last reply Reply Quote 0
            • R
              reberhar @brians
              last edited by

              @brians Yes you are right. It is a pain in the neck when you must rely on tunnel and it is not there. The ping change is a little easier.

              1 Reply Last reply Reply Quote 0
              • C
                crosscheck
                last edited by

                This post is deleted!
                1 Reply Last reply Reply Quote 0
                • M marcosm unpinned this topic on
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.