Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN could not be established after upgrade to 23.01 on SG-2100

    Scheduled Pinned Locked Moved
    OpenVPN
    1
    1
    440
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • brezlordB
      brezlord
      last edited by brezlord

      Since upgrading to 23.01 openVPN will not connect. Below are the logs. I have looked at the post on the SG-3100 but this seems different and the proposed fix does not work with this issue.

      Feb 18 07:57:16 pfSense openvpn[27387]: event_wait : Interrupted system call (fd=-1,code=4)
Feb 18 07:57:16 pfSense openvpn[27387]: TCP/UDP: Closing socket
Feb 18 07:57:16 pfSense openvpn[27387]: Closing TUN/TAP interface
Feb 18 07:57:16 pfSense openvpn[27387]: /sbin/ifconfig ovpns2 192.168.100.1 -alias
Feb 18 07:57:16 pfSense openvpn[27387]: /usr/local/sbin/ovpn-linkdown ovpns2 1500 0 192.168.100.1 255.255.255.0 init
Feb 18 07:57:16 pfSense openvpn[57400]: Flushing states on OpenVPN interface ovpns2 (Link Down)
Feb 18 07:57:16 pfSense openvpn[27387]: PLUGIN_CLOSE: /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so
Feb 18 07:57:16 pfSense openvpn[27387]: SIGTERM[hard,] received, process exiting
Feb 18 07:57:17 pfSense openvpn[70882]: Current Parameter Settings:
Feb 18 07:57:17 pfSense openvpn[70882]:   config = '/var/etc/openvpn/server2/config.ovpn'
Feb 18 07:57:17 pfSense openvpn[70882]:   mode = 1
Feb 18 07:57:17 pfSense openvpn[70882]:   show_ciphers = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   show_digests = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   show_engines = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   genkey = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   genkey_filename = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   key_pass_file = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   show_tls_ciphers = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   connect_retry_max = 0
Feb 18 07:57:17 pfSense openvpn[70882]: Connection profiles [0]:
Feb 18 07:57:17 pfSense openvpn[70882]:   proto = udp4
Feb 18 07:57:17 pfSense openvpn[70882]:   local = '180.0.0.0'
Feb 18 07:57:17 pfSense openvpn[70882]:   local_port = '1195'
Feb 18 07:57:17 pfSense openvpn[70882]:   remote = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   remote_port = '1194'
Feb 18 07:57:17 pfSense openvpn[70882]:   remote_float = ENABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   bind_defined = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   bind_local = ENABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   bind_ipv6_only = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   connect_retry_seconds = 5
Feb 18 07:57:17 pfSense openvpn[70882]:   connect_timeout = 120
Feb 18 07:57:17 pfSense openvpn[70882]:   socks_proxy_server = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   socks_proxy_port = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   tun_mtu = 1500
Feb 18 07:57:17 pfSense openvpn[70882]:   tun_mtu_defined = ENABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   link_mtu = 1500
Feb 18 07:57:17 pfSense openvpn[70882]:   link_mtu_defined = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   tun_mtu_extra = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   tun_mtu_extra_defined = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   tls_mtu = 1250
Feb 18 07:57:17 pfSense openvpn[70882]:   mtu_discover_type = -1
Feb 18 07:57:17 pfSense openvpn[70882]:   fragment = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   mssfix = 1492
Feb 18 07:57:17 pfSense openvpn[70882]:   mssfix_encap = ENABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   mssfix_fixed = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   explicit_exit_notification = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   tls_auth_file = '[INLINE]'
Feb 18 07:57:17 pfSense openvpn[70882]:   key_direction = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   tls_crypt_file = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   tls_crypt_v2_file = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]: Connection profiles END
Feb 18 07:57:17 pfSense openvpn[70882]:   remote_random = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   ipchange = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   dev = 'ovpns2'
Feb 18 07:57:17 pfSense openvpn[70882]:   dev_type = 'tun'
Feb 18 07:57:17 pfSense openvpn[70882]:   dev_node = '/dev/tun2'
Feb 18 07:57:17 pfSense openvpn[70882]:   tuntap_options.disable_dco = ENABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   lladdr = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   topology = 3
Feb 18 07:57:17 pfSense openvpn[70882]:   ifconfig_local = '192.168.100.1'
Feb 18 07:57:17 pfSense openvpn[70882]:   ifconfig_remote_netmask = '255.255.255.0'
Feb 18 07:57:17 pfSense openvpn[70882]:   ifconfig_noexec = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   ifconfig_nowarn = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   ifconfig_ipv6_local = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   ifconfig_ipv6_netbits = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   ifconfig_ipv6_remote = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   shaper = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   mtu_test = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   mlock = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   keepalive_ping = 10
Feb 18 07:57:17 pfSense openvpn[70882]:   keepalive_timeout = 60
Feb 18 07:57:17 pfSense openvpn[70882]:   inactivity_timeout = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   session_timeout = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   inactivity_minimum_bytes = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   ping_send_timeout = 10
Feb 18 07:57:17 pfSense openvpn[70882]:   ping_rec_timeout = 120
Feb 18 07:57:17 pfSense openvpn[70882]:   ping_rec_timeout_action = 2
Feb 18 07:57:17 pfSense openvpn[70882]:   persist_local_ip = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   passtos = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   groupname = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   up_script = '/usr/local/sbin/ovpn-linkup'
Feb 18 07:57:17 pfSense openvpn[70882]:   up_restart = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   suppress_timestamps = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   mute = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   status_file_version = 1
Feb 18 07:57:17 pfSense openvpn[70882]:   sndbuf = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   comp.alg = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   route_default_metric = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   route_delay_window = 30
Feb 18 07:57:17 pfSense openvpn[70882]:   allow_pull_fqdn = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   management_log_history_cache = 250
Feb 18 07:57:17 pfSense openvpn[70882]:   management_client_group = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   shared_secret_file = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   authname = 'SHA256'
Feb 18 07:57:17 pfSense openvpn[70882]:   replay_window = 64
Feb 18 07:57:17 pfSense openvpn[70882]:   test_crypto = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   dh_file = '/etc/dh-parameters.2048'
Feb 18 07:57:17 pfSense openvpn[70882]:   priv_key_file = '/var/etc/openvpn/server2/key'
Feb 18 07:57:17 pfSense openvpn[70882]:   tls_cert_profile = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   verify_x509_type = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   remote_cert_ku[i] = 65535
Feb 18 07:57:17 pfSense openvpn[70882]:   remote_cert_ku[i] = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   remote_cert_ku[i] = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   remote_cert_ku[i] = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   remote_cert_ku[i] = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   tls_timeout = 2
Feb 18 07:57:17 pfSense openvpn[70882]:   handshake_window = 60
Feb 18 07:57:17 pfSense openvpn[70882]:   push_peer_info = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   server_netmask = 255.255.255.0
Feb 18 07:57:17 pfSense openvpn[70882]:   server_bridge_ip = 0.0.0.0
Feb 18 07:57:17 pfSense openvpn[70882]:   server_bridge_pool_end = 0.0.0.0
Feb 18 07:57:17 pfSense openvpn[70882]:   push_entry = 'route 192.168.40.0 255.255.255.0'
Feb 18 07:57:17 pfSense openvpn[70882]:   push_entry = 'dhcp-option DNS 192.168.10.253'
Feb 18 07:57:17 pfSense openvpn[70882]:   push_entry = 'route-gateway 192.168.100.1'
Feb 18 07:57:17 pfSense openvpn[70882]:   push_entry = 'ping-restart 60'
Feb 18 07:57:17 pfSense openvpn[70882]:   ifconfig_pool_start = 192.168.100.2
Feb 18 07:57:17 pfSense openvpn[70882]:   ifconfig_pool_persist_filename = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   ifconfig_ipv6_pool_netbits = 0
Feb 18 07:57:17 pfSense openvpn[70882]:   virtual_hash_size = 256
Feb 18 07:57:17 pfSense openvpn[70882]:   client_disconnect_script = '/usr/local/sbin/openvpn.attributes.sh'
Feb 18 07:57:17 pfSense openvpn[70882]:   tmp_dir = '/tmp'
Feb 18 07:57:17 pfSense openvpn[70882]:   push_ifconfig_remote_netmask = 0.0.0.0
Feb 18 07:57:17 pfSense openvpn[70882]:   enable_c2c = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   max_clients = 10
Feb 18 07:57:17 pfSense openvpn[70882]:   auth_user_pass_verify_script_via_file = DISABLED
Feb 18 07:57:17 pfSense openvpn[70882]:   port_share_host = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]:   vlan_accept = all
Feb 18 07:57:17 pfSense openvpn[70882]:   auth_user_pass_file = '[UNDEF]'
Feb 18 07:57:17 pfSense openvpn[70882]: library versions: OpenSSL 1.1.1t-freebsd  7 Feb 2023, LZO 2.10
Feb 18 07:57:17 pfSense openvpn[70882]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/server2/sock
Feb 18 07:57:17 pfSense openvpn[70882]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Feb 18 07:57:17 pfSense openvpn[70882]: PLUGIN_INIT: POST /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so '[/usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so] [/usr/local/sbin/ovpn_auth_verify_async] [user] [TG9jYWwgRGF0YWJhc2U=] [false] [server2] [1195]' intercepted=PLUGIN_AUTH_USER_PASS_VERIFY
Feb 18 07:57:17 pfSense openvpn[70882]: Initializing OpenSSL support for engine 'devcrypto'
Feb 18 07:57:17 pfSense openvpn[70882]: Diffie-Hellman initialized with 2048 bit key
Feb 18 07:57:17 pfSense openvpn[70882]: WARNING: experimental option --capath /var/etc/openvpn/server2/ca
Feb 18 07:57:17 pfSense openvpn[70882]: Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Feb 18 07:57:17 pfSense openvpn[70882]: Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Feb 18 07:57:17 pfSense openvpn[70882]: TLS-Auth MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
Feb 18 07:57:17 pfSense openvpn[70882]: TUN/TAP device ovpns2 exists previously, keep at program end
Feb 18 07:57:17 pfSense openvpn[70882]: TUN/TAP device /dev/tun2 opened
Feb 18 07:57:17 pfSense openvpn[70882]: do_ifconfig, ipv4=1, ipv6=0
Feb 18 07:57:17 pfSense openvpn[70882]: /sbin/ifconfig ovpns2 192.168.100.1/24 mtu 1500 up
Feb 18 07:57:17 pfSense openvpn[70882]: /usr/local/sbin/ovpn-linkup ovpns2 1500 0 192.168.100.1 255.255.255.0 init
Feb 18 07:57:17 pfSense openvpn[70882]: Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
Feb 18 07:57:17 pfSense openvpn[70882]: Socket Buffers: R=[42080->42080] S=[57344->57344]
Feb 18 07:57:17 pfSense openvpn[70882]: UDPv4 link local (bound): [AF_INET]180.0.0.0:1195
Feb 18 07:57:17 pfSense openvpn[70882]: UDPv4 link remote: [AF_UNSPEC]
Feb 18 07:57:17 pfSense openvpn[70882]: MULTI: multi_init called, r=256 v=256
Feb 18 07:57:17 pfSense openvpn[70882]: IFCONFIG POOL IPv4: base=192.168.100.2 size=253
Feb 18 07:57:17 pfSense openvpn[70882]: Initialization Sequence Completed
Feb 18 07:58:10 pfSense openvpn[70882]: MANAGEMENT: Client connected from /var/etc/openvpn/server2/sock
Feb 18 07:58:10 pfSense openvpn[70882]: MANAGEMENT: CMD 'status 2'
Feb 18 07:58:10 pfSense openvpn[70882]: MANAGEMENT: CMD 'quit'
Feb 18 07:58:10 pfSense openvpn[70882]: MANAGEMENT: Client disconnected
Feb 18 07:59:13 pfSense openvpn[70882]: MANAGEMENT: Client connected from /var/etc/openvpn/server2/sock
Feb 18 07:59:13 pfSense openvpn[70882]: MANAGEMENT: CMD 'status 2'
Feb 18 07:59:14 pfSense openvpn[70882]: MANAGEMENT: CMD 'quit'
Feb 18 07:59:14 pfSense openvpn[70882]: MANAGEMENT: Client disconnected
Feb 18 08:00:16 pfSense openvpn[70882]: MANAGEMENT: Client connected from /var/etc/openvpn/server2/sock
Feb 18 08:00:16 pfSense openvpn[70882]: MANAGEMENT: CMD 'status 2'
Feb 18 08:00:17 pfSense openvpn[70882]: MANAGEMENT: CMD 'quit'
Feb 18 08:00:17 pfSense openvpn[70882]: MANAGEMENT: Client disconnected

      Feb 18 08:07:36 pfSense openvpn[70882]: MULTI_sva: pool returned IPv4=192.168.100.2, IPv6=(Not enabled)
Feb 18 08:07:36 pfSense openvpn[72680]: openvpn server 'ovpns2' user 'putin' address '192.168.10.93:33147' - disconnected
Feb 18 08:07:36 pfSense openvpn[73386]: openvpn server 'ovpns2' user 'putin' address '192.168.10.93:58883' - connecting
Feb 18 08:07:38 pfSense openvpn[70882]: MANAGEMENT: Client connected from /var/etc/openvpn/server2/sock
Feb 18 08:07:38 pfSense openvpn[70882]: MANAGEMENT: CMD 'status 2'
Feb 18 08:07:38 pfSense openvpn[70882]: MANAGEMENT: Client disconnected
Feb 18 08:07:38 pfSense openvpn[70882]: OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_3bd9461b3b864f3f3389699aca26eff2.tmp
Feb 18 08:07:38 pfSense openvpn[70882]: MULTI: Learn: 192.168.100.2 -> brezs/192.168.10.93:58883
Feb 18 08:07:38 pfSense openvpn[70882]: MULTI: primary virtual IP for brezs/192.168.10.93:58883: 192.168.100.2
Feb 18 08:07:38 pfSense openvpn[70882]: Data Channel: using negotiated cipher 'AES-256-GCM'
Feb 18 08:07:38 pfSense openvpn[70882]: Data Channel MTU parms [ mss_fix:1400 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
Feb 18 08:07:38 pfSense openvpn[70882]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Feb 18 08:07:38 pfSense openvpn[70882]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Feb 18 08:07:38 pfSense openvpn[70882]: SENT CONTROL [putin]: 'PUSH_REPLY,route 192.168.10.0 255.255.255.0,route 192.168.50.0 255.255.255.0,route 192.168.40.0 255.255.255.0,route 192.168.60.0 255.255.255.0,route 192.168.80.0 255.255.255.0,dhcp-option DOMAIN breznet.com,dhcp-option DNS 192.168.10.253,dhcp-option DNS 192.168.10.254,block-outside-dns,dhcp-option NTP 192.168.10.123,route-gateway 192.168.100.1,topology subnet,ping 10,ping-restart 60,ifconfig 192.168.100.2 255.255.255.0,peer-id 0,cipher AES-256-GCM,key-derivation tls-ekm' (status=1)
Feb 18 08:07:38 pfSense openvpn[79298]: openvpn server 'ovpns2' user 'putin' address '192.168.10.93:58883' - connected
Feb 18 08:07:38 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:38 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:38 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:38 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:38 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:38 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:39 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:39 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:39 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:39 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:40 pfSense openvpn[70882]: MANAGEMENT: Client connected from /var/etc/openvpn/server2/sock
Feb 18 08:07:41 pfSense openvpn[70882]: MANAGEMENT: CMD 'status 2'
Feb 18 08:07:41 pfSense openvpn[70882]: MANAGEMENT: CMD 'quit'
Feb 18 08:07:41 pfSense openvpn[70882]: MANAGEMENT: Client disconnected
Feb 18 08:07:41 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:41 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:41 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:41 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:42 pfSense openvpn[70882]: putin/192.168.10.93:58883 IP packet with unknown IP version=15 seen
Feb 18 08:07:42 pfSense openvpn[70882]: MANAGEMENT: Client connected from /var/etc/openvpn/server2/sock
Feb 18 08:07:42 pfSense openvpn[70882]: MANAGEMENT: CMD 'status 2'
Feb 18 08:07:42 pfSense openvpn[70882]: MANAGEMENT: Client disconnected

      Any ideas?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.