Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN server deamon does not start with pfSense 2.7

    Scheduled Pinned Locked Moved OpenVPN
    4 Posts 2 Posters 532 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pf-makes-sense
      last edited by

      Hi, today I virtualized an old Installation of a pfSense with OpenVPN on. I´ve done such things quite often.

      1. Download the configuration
      2. Edit VLAN and interface names
      3. Install a new pfSense (2.7)
      4. Restore the edited configuration
        pfSense 2.7 did not start the openVPN interface. A message was displayed, that the deamon did not start. I tried to start manualy from the GUI with the same result.
        Did I mess up the config? So I decided to install and restore to pfSense 2.6.
        pfSense 2.6 with the same configuration started OpenVPN fine. But unfortunately pfSense 2.6 gets no suitable packages anymore.
        Someone with the non community edition seems to have had a similar problem early this year and he had to install a pack with patches.

      At the moment 2.6 is running. And it would be possible to transfer a VM of 2.6 or an older Version with the necessary packages, but I think this could only be a temporary solution ...
      On the other hand I have some similar installations with pfSense. And, if some/all of those can not be upgraded in the future without hassle ....

      One of the main problems for diagnosis is: pfSense works with VLAN 4095 on ESXI and starting the instance will interfere with production environment unless some tweeks are done to the network section of the ESXI.
      I dont want to do these in an production environment. This limits quick trial and error. Iinfos about current configuration details however can be obtained from the running pfSense 2.6 or the config file.

      I hope someone had the same problem and solved it or a general solution is known.

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan @pf-makes-sense
        last edited by

        @pf-makes-sense

        Well, time to show the error message when OpenVPN server is started.
        And show your settings.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • P
          pf-makes-sense
          last edited by

          I didn´t plan to spam the forum/the thread. But now I see no other possibility. This is the OpenVPN configuration, displayed with 2.6.
          OpenVPN deamon does not start with 2.7 but starts with 2.6. One or some of the former choosen options are crashing 2.7´ OpenVPN.
          It would be good to get a solution, which avoids redeploying of the clients.

          ovpn1-1.jpg ovpn1-2.jpg ovpn1-3.jpg ovpn1-4.jpg ovpn1-5.jpg ovpn1-6.jpg ovpn1-7.jpg ovpn1-8.jpg

          GertjanG 1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan @pf-makes-sense
            last edited by

            @pf-makes-sense said in OpenVPN server deamon does not start with pfSense 2.7:

            OpenVPN deamon does not start with 2.7

            Can you show the OpenVPN logs Status > System Logs > OpenVPN when it starts ?

            4cb1dd48-a007-4a77-8d7b-7ae62625d56c-image.png

            You don't want Encryption also ?

            c3d1a813-969d-44d9-a1da-436beeb4a577-image.png

            Get rid of the CBC.
            Also on the fallback.

            634999e4-f125-414a-9ddc-53b4cb0c8a63-image.png

            If compression doesn't bite you today, it will tomorrow.
            Be ready for the future :

            cb6f1507-5fd0-4245-b3cd-b3260b5f52c5-image.png

            6873c30b-47c5-4309-9d64-8d45af461391-image.png

            Double triple check that you can access this IP. It's the LAN IP right ?

            You could also use 10.0.8.1:53 as unbound should be listing to that one also.
            But : check that.

            This :

            f566c9c6-56c8-4b4a-a2a3-1edd1c6c5baf-image.png

            is strange.
            After the custom box I have not this "Username as Common name" :

            a9360ff8-fe02-4096-a1ee-36d942445410-image.png

            So pfSense 2.7.0 is not 23.05.1 ?

            If you have 7 minutes spare somewhere, set up a second OpenVPN (using another UDP port) server using the official OpenVPN "set up a remote access OpenVPN" - see the official Netgate channel on Youtube.
            Or use the Wizard.

            Get a good known working OpenVPN client from the official source.

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.