Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2.7.0-CE not working when more than one openVPN server is configured

    OpenVPN
    2
    3
    386
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      LangeSW
      last edited by

      We tried to update a working 2.6.0-CE which has 2 openVPN servers configured (on WAN UDP/1194 and TCP/443).
      After the the update had finished, the openVPN servers did not start and access from LAN to internet was not possible :-(
      Access to the internet from the pfSense itself was working (Diagnostics - Ping).

      We deleted the second openVPN server from the (saved) 2.6.0-CE system and retried the update.
      This time everything was up and running as expected.

      Then we added a second openVPN server, but on pressing SAVE we received the following error message (was also displayed on screen):

      PHP ERROR: Type: 1, File: /etc/inc/openvpn.inc, Line: 1156, Message: Uncaught TypeError: urlencode(): Argument #1 ($string) must be of type string, array given in /etc/inc/openvpn.inc:1156
      Stack trace:
      #0 /etc/inc/openvpn.inc(1156): urlencode(Array)
      #1 /etc/inc/openvpn.inc(1573): openvpn_reconfigure('server', Array)
      #2 /etc/inc/openvpn.inc(1804): openvpn_restart('server', Array)
      #3 /etc/rc.openvpn(65): openvpn_resync('server', Array)
      #4 /etc/rc.openvpn(132): openvpn_resync_if_needed('server', Array, 'opt5')
      #5 {main}
      thrown

      Navigating back shows the second openVPN server entry - but the server ist not started (on the dashboard).

      After rebooting we had the same problems as after the first update - no LAN to internet connectivity :-(

      It seems the is something broken when adding the second server to firewall/routing/gateway setup ...

      Any ideas how to fix this ?

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        The line producing the error is this:

        $servercn = urlencode(cert_get_cn($cert['crt']));

        So it's not a problem with your OpenVPN server(s) but something weird about the server certificate selected on that second server. Somehow it's returning multiple common name attributes which shouldn't be possible.

        Easiest thing to do would be to make a new server cert on 2.7.0 and then use it, see if it happens then.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 1
        • L
          LangeSW
          last edited by LangeSW

          Ha, that did it :-)

          Thanks a lot.

          We created a new server cert, installed it and were bitten by the 'VERIFY KU ERROR' bug when restarting the openVPN :-(
          The certificate had been used on both servers .....

          We got that fixed and updated to 2.7.0 without a problem :-)

          Now considering getting a paid licence ;-)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.