Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    50 days after upgrading OpenVPN now starts failing...

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 1 Posters 598 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      matsan
      last edited by

      Had initial issues with the 23.01 upgrade on our SG-3100 but the work-arounds provided here solved that and all has been well for 50+ days now.
      Today however our OpenVPN tunnels are startin to fail out of the blue.
      I have installed the patches package and the SG-3100 recommended patch and rebooted the devices. After the reboot the tunnels were up for a couple of hours but have now started to fail again with the following in the logs:

      Apr 21 13:33:02	openvpn	81114	Exiting due to fatal error
Apr 21 13:33:02	openvpn	81114	FreeBSD ifconfig failed: external program exited with error status: 1
Apr 21 13:33:02	openvpn	81114	/sbin/ifconfig ovpnc2 10.3.101.2/24 mtu 1500 up
Apr 21 13:33:02	openvpn	81114	TUN/TAP device /dev/tap2 opened
Apr 21 13:33:02	openvpn	81114	TUN/TAP device ovpnc2 exists previously, keep at program end
Apr 21 13:33:02	openvpn	81114	[site2site.xxx.zzz.net] Peer Connection Initiated with [AF_INET]x.y.w.229:1195
Apr 21 13:33:01	openvpn	81114	UDPv4 link remote: [AF_INET]x.y.w.229:1195
Apr 21 13:33:01	openvpn	81114	UDPv4 link local (bound): [AF_INET]z.q.57.173:0
Apr 21 13:33:01	openvpn	81114	TCP/UDP: Preserving recently used remote address: [AF_INET]x.y.w.229:1195
Apr 21 13:33:01	openvpn	81114	WARNING: experimental option --capath /var/etc/openvpn/client2/ca
Apr 21 13:33:01	openvpn	81114	Initializing OpenSSL support for engine 'devcrypto'
Apr 21 13:33:01	openvpn	81114	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Apr 21 13:33:01	openvpn	81114	library versions: OpenSSL 1.1.1t-freebsd 7 Feb 2023, LZO 2.10
Apr 21 13:33:01	openvpn	81114	OpenVPN 2.6_beta1 armv7-portbld-freebsd14.0 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] [DCO]

      What more can I check?

      1 Reply Last reply Reply Quote 0
      • M
        matsan
        last edited by matsan

        I have now tried stopping both OpenVPN tunnels and restarted them one after another and they are now both up again. Not sure what the issue is but at least I now have a way to get the link up.
        I will see if the die again in a couple of hours...

        1 Reply Last reply Reply Quote 0
        • M matsan referenced this topic on
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.