How restart OpenVPN server
-
Hello
When i change some setting in OpenVPN server (IP or other) it isn't possible to connect to OPENVPN server any more, unless reset pfsense computer.
Is possible restart only OPENVPN server ??? -
Could you provide us detailed steps on how to reproduce this, please?
-
When change any setting in PPTP server, automaticly PPTP server restart and close all connection.
In linux system PPTP server restart by command /etc/init.d/pptp restart
When change any setting in OPENVPN server, to have to restart computer, otherwise server dont work. -
This is log file and error. Why does this error, if reset computer OPENVPN server start normaly.
Nov 15 23:45:50 openvpn[5569]: Exiting
Nov 15 23:45:50 openvpn[5569]: TCP/UDP: Socket bind failed on local address [undef]:1194: Address already in use
Nov 15 23:45:50 openvpn[5569]: WARNING: file '/var/etc/openvpn_server0.key' is group or others accessible
Nov 15 23:45:50 openvpn[5569]: OpenVPN 2.0.6 i386-portbld-freebsd6.1 [SSL] [LZO] built on Apr 6 2006 -
I have version: 1.0.1
built on Sun Oct 29 01:07:16 UTC 2006
And I get the same problem. It was working normally until today. I have had it up for about 2 days.
If I reboot the pf it works with changes, the changes get written to config.xml, but the openvpn server doesn't shutdown. -
Greetings,
i have same problem with OpenVPN
Ill try many ports but with same result… When i restart pfsense, everything works fine, but when i try change settings in OpenVPN than openvpn shut down with this error message :TCP/UDP: Socket bind failed on local address [undef]:15888: Address already in use
-
OpenVPN isn't being killed properly. I don't know why, maybe the machines you're using are slower (specs?).
If you want to help, please run this from a pfSense terminal (from the shell, not from the console menu):
/usr/bin/time -h sh -c 'RUNNING=`ps ax | grep openvpn | grep -v grep`; while [ -n "$RUNNING" ]; do RUNNING=`ps ax | grep openvpn | grep -v grep`; done' | & awk '{print $3}' & echo '' | php -qThe output should be something like:
[1] 87559 87560 0.58s [1] + Exit 1 /usr/bin/time -h sh -c ... |& Done awk {print $3}I'm interested in the second line, "0.58s" in this example.
-
-
Here are my specs:
I have dual machines running a CARP config, but only one is running openvpn.
Pentium D 915
1GB RAM
2x 80GB HD (SATA)
2x Onboard Gb NIC
2x Intel Pro 1000PT NicHere is the output from the command at the shell:
[1] 58131 58132
0.00s
[1] + Done /usr/bin/time -h sh -c … |& awk {print $3}Thanks for the help.
-
Thanks for the quick replies. We're studying what the best way to fix it is. In the meanwhile, if you need to restart OpenVPN after performing changes to the config screen, issue:
echo "" | php -q -
echo "" | php -qSame problem :( this dont help… i must restart whole box :(
Ill try 3 boxes and clean installation. First time all appear ok and i can change openvpn config without problem and its restart without error... but after some hours happend this after changing options :(
Nov 16 17:09:55 openvpn[14308]: Exiting
Nov 16 17:09:55 openvpn[14308]: TCP/UDP: Socket bind failed on local address [undef]:1194: Address already in use
Nov 16 17:09:55 openvpn[14308]: Control Channel Authentication: using '/etc/tls_auth.key' as a OpenVPN static key file
Nov 16 17:09:55 openvpn[14308]: WARNING: file '/etc/tls_auth.key' is group or others accessible
Nov 16 17:09:55 openvpn[14308]: WARNING: file '/var/etc/openvpn_server0.key' is group or others accessible
Nov 16 17:09:55 openvpn[14308]: OpenVPN 2.0.6 i386-portbld-freebsd6.1 [SSL] [LZO] built on Apr 6 2006P.S. Sorry for my bad english :D But i think you understand me :)
-
This is log file and error. Why does this error, if reset computer OPENVPN server start normaly.
Nov 15 23:45:50 openvpn[5569]: Exiting
Nov 15 23:45:50 openvpn[5569]: TCP/UDP: Socket bind failed on local address [undef]:1194: Address already in use
Nov 15 23:45:50 openvpn[5569]: WARNING: file '/var/etc/openvpn_server0.key' is group or others accessible
Nov 15 23:45:50 openvpn[5569]: OpenVPN 2.0.6 i386-portbld-freebsd6.1 [SSL] [LZO] built on Apr 6 2006Yeah, same problem here… openvpn is not running when I run it from the command line:
# /usr/local/sbin/openvpn --config /var/etc/openvpn_server0.confNov 22 16:03:20 router openvpn[7506]: OpenVPN 2.0.6 i386-portbld-freebsd6.1 [SSL] [LZO] built on Apr 6 2006 Nov 22 16:03:20 router openvpn[7506]: WARNING: file '/var/etc/openvpn_server0.secret' is group or others accessible Nov 22 16:03:20 router openvpn[7506]: TCP/UDP: Socket bind failed on local address [undef]:1194: Address already in use Nov 22 16:03:20 router openvpn[7506]: ExitingI can't seem to find what is using 1194 when openvpn is not running.
-
From a shell issue a sockstat command to see what processes are listening on what ports.
-
From a shell issue a sockstat command to see what processes are listening on what ports.
*root check_relo 326 11 udp4 :1194 :
so something is wrong with check reload status… when i kill this process everything works fine!
-
Eh, this doesn't make any sense. check_reload_status doesn't even open a socket.
-
From a shell issue a sockstat command to see what processes are listening on what ports.
Yeah, I've got another whole mess attached apparently:
# sockstat | grep 1194 root sleep 3078 10 udp4 *:1194 *:* root sh 1463 10 udp4 *:1194 *:* _dhcp dhclient 1306 10 udp4 *:1194 *:* root dhclient 1259 10 udp4 *:1194 *:* root check_relo 659 10 udp4 *:1194 *:* -
sockstat | grep 1194
root check_relo 405 11 udp4 *:1194 :
i try this many times… but when i try change openvpn settings, check_reload_status block port 1194. When i kill it everything work fine and i can change openvpn settings without any problem until next restart...
After restart, openvpn run ok until i try change some options... -
cheers,
verified this problem on all my embedded systems and 2 firewalls
with strong i386 hardware.kind regards
dairaen -
Please upgrade to http://www.pfsense.com/~sullrich/1.0.1-SNAPSHOT-11-25-2006/ and see if the problem persists.
-
cheers,
i am not at the office right now, so i can't test the
snapshot bevore next week; i will report if it fixes the bug.kind regards
dairaen