GUI inconsistencies again



  • I'm again having problems with gui and it seems some interfaces.

    I would like for someone to - for starters - look at the pictures here and tell me how and why they add up.

    I was testing with an OpenVPN server and when restarting (to edit some settings in a server config) the same issue I previously reported, whith non-active client-connections started to show as active with assigned IPs and all (see my other posts on the matter).

    Quite unrelated it would seem: now clients on the WLAN interface (has nothing to do with OpenVPN) cannot pass through the FW. Can access to pfS interface on that net but cannot pass through. There have been nor problems of that kind earlier and no settings pertaining to that interface have been edited.

    I have the 'WPNWAN' interface assigned with an OpenVPN tunnel to StrongVPN and even though it is disabled (see pic) in interfaces as well as disabled in OpenVPN clients config it still shows up active on first page (see pic).

    The situation here is the same after 3 reboots now.

    What is going on?

    This is:
    1.2.3-RELEASE
    built on Sun Dec 6 23:38:21 EST 2009
    FreeBSD 7.2-RELEASE-p5 i386

    I'm also seing some pretty rough timout when going to the openvpn status package's page
    https://pfSense/status_openvpn.php

    After trying to it sits loading and loading and even id I abort and try to go back to index nothing happens for quite some time. I have been able to go to that status page earlier though so not sure what this is.





  • Rebel Alliance Developer Netgate

    unless you hardware your OpenVPN connections with a specific tun device (by using something like "dev tun99" in the custom options) then it's possible that you are really seeing some other openvpn instance active on that other device name.

    If you have the tun assigned to an opt, I don't think it's enable/disable really has any effect on the underlying tun device, but I may be wrong on that. They for sure don't work quite like physical interfaces.



  • @jimp:

    unless you hardware your OpenVPN connections with a specific tun device (by using something like "dev tun99" in the custom options) then it's possible that you are really seeing some other openvpn instance active on that other device name.

    If you have the tun assigned to an opt, I don't think it's enable/disable really has any effect on the underlying tun device, but I may be wrong on that. They for sure don't work quite like physical interfaces.

    Ok, I'll assign a specifc high tun # and see if that changes anything. Perhaps this type of usage isn't really recommended?


  • Rebel Alliance Developer Netgate

    @0tt0:

    Ok, I'll assign a specifc high tun # and see if that changes anything. Perhaps this type of usage isn't really recommended?

    It's more of a "it works if you're careful but don't expect perfection" type deal. :-)

    Some other caveats are covered in the book and on the doc wiki, but mainly hardwiring the tun device is important if you have more than one OpenVPN instance – client or server.


Log in to reply