Netgate Discussion Forum

    Alias for IPv4 Local network in OpenVPN not up to date

      SuB_Frank

      Hello

      I set up an OpenVPN server and most things work as expected, only the routes are not regularly updated.

      There are several networks, IPs and IPs behind FQDNs I have to route through the VPN, so I set up two aliases for IPv4 Local network(s): one is a network alias with some networks and fixed IPs inside, the other one is a host alias with some FQDNs.

      The network alias works fine, because there are no changes (only when I add/remove a server/network which should be used over the VPN).

      Inside the host alias I use FQDNs; this list is up to date under Diagnostics/Tables. When the OpenVPN server and OpenVPN Connect are freshly restarted, everything works like I want it to. But after some time (days, weeks, I don't know, because I didn't get the information when/why the IPs change) the OpenVPN server still uses the old IPs for pushing the routes to the client.

      After restart:

      example.fqdn
          IP: a.a.a.a
          IP: b.b.b.b
          IP: c.c.c.c
      routes over VPN set to a.a.a.a, b.b.b.b, c.c.c.c
      

      After some time:

      example.fqdn
          IP: d.d.d.d
          IP: b.b.b.b
          IP: c.c.c.c
      routes over VPN set to a.a.a.a, b.b.b.b, c.c.c.c
      

      This continues until I restart the OpenVPN server (Status/OpenVPN, restart service). The clients normally get the new IPs behind the FQDN as routes on reconnect; some clients need a manual reconnect, others an OpenVPN client restart. The default OpenVPN client is OpenVPN Connect.

      The problem is that the routes are not updated, only on OpenVPN service restart.

      At the moment I manually restart the OpenVPN service once a week (Status/OpenVPN), when nobody uses the VPN, because the cron job with this command /usr/local/sbin/pfSsh.php playback svc restart openvpn server 1 restarts something for this VPN, but the VPN completely stops working until I restart the service manually in Status/OpenVPN.

      Basic information:
      pfSense: Netgate 6100 23.09.1-RELEASE
      I mostly followed this documentation and this for the alias, with some changes to fit the use case. (Split traffic and split DNS for internal domains only over VPN)

      Clients: Windows/macOS/Linux with OpenVPN Connect (some macOS clients use Tunnelblick). For testing I tried other OpenVPN clients, but all get the wrong routes until the OpenVPN service is restarted. Some clients get the correct routes on reconnect; some I have to disconnect manually, and after this the correct routes are set.

      If more information is needed, please ask.

      BdT
      Frank
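
The drift described in the post above can be checked by comparing the routes the server pushes with what the host alias resolves to now. This is an added example, not part of the original post and not pfSense code. It assumes the server configuration carries the alias contents as `push "route ..."` directives; the function names, the sample configuration and all addresses are constructed for illustration.

```python
import ipaddress
import re

# OpenVPN server directive: push "route <addr> [<netmask>]" (IPv4 only;
# "route-ipv6" does not match because whitespace must follow "route").
PUSH_ROUTE = re.compile(r'^\s*push\s+"route\s+([0-9.]+)(?:\s+([0-9.]+))?', re.M)

def pushed_routes(config_text):
    """Return the set of IPv4 networks a server config pushes to clients."""
    nets = set()
    for addr, mask in PUSH_ROUTE.findall(config_text):
        # A route without a netmask is a host route in OpenVPN.
        nets.add(ipaddress.ip_network(f"{addr}/{mask or '255.255.255.255'}",
                                      strict=False))
    return nets

def route_drift(config_text, resolved_ips, static_networks=()):
    """Compare pushed routes with the current resolution of the FQDN alias.

    static_networks lists the entries of the network alias (fixed IPs and
    networks), so they are not mistaken for stale FQDN results.
    Returns (stale, missing): host routes still pushed although the alias no
    longer resolves to them, and resolved addresses no pushed route covers.
    """
    pushed = pushed_routes(config_text)
    static = {ipaddress.ip_network(n) for n in static_networks}
    current = {ipaddress.ip_address(ip) for ip in resolved_ips}
    stale = sorted(n for n in pushed - static
                   if n.prefixlen == 32 and n.network_address not in current)
    missing = sorted(ip for ip in current if not any(ip in n for n in pushed))
    return stale, missing

# Constructed sample mirroring the post: a, b, c were pushed at service start,
# the FQDN now resolves to d, b, c.
SAMPLE_CONFIG = '''
push "route 10.20.0.0 255.255.0.0"
push "route 10.30.0.5 255.255.255.255"
push "route 192.0.2.10 255.255.255.255"
push "route 192.0.2.11 255.255.255.255"
push "route 192.0.2.12 255.255.255.255"
'''
STATIC_ALIAS = ["10.20.0.0/16", "10.30.0.5/32"]
RESOLVED_NOW = ["198.51.100.7", "192.0.2.11", "192.0.2.12"]

if __name__ == "__main__":
    stale, missing = route_drift(SAMPLE_CONFIG, RESOLVED_NOW, STATIC_ALIAS)
    print("stale pushed routes:", [str(n) for n in stale])
    print("resolved but not routed:", [str(ip) for ip in missing])
```

A non-empty result from a check like this marks the point at which the pushed routes no longer match the alias, which is the information the post says is missing (when the IPs changed).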

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.