VPN interface changes mask after OpenVPN server goes down and then up again
-
Hi guys (sorry for my bad English!)
I'm new to pfSense, but after 10 days of reading documentation and some tries, I was able to create a VPN through pfSense and OpenWrt with all traffic going through the tunnel.
I've noticed that when the server goes down (for example, a power loss), or I choose to temporarily disable the OpenVPN server, the ovpns1 interface, created to represent the pfSense side of the tap tunnel, changes its subnet after it comes up again. Here is an example to explain it better. ifconfig shows:

    ovpns1: flags=108843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,IPFW_FILTER> metric 0 mtu 1500
            options=80000<LINKSTATE>
            ether 00:bd:f4:34:00:01
            inet6 fe80::2bd:f4ff:fe34:1%ovpns1 prefixlen 64 scopeid 0x7
            inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
            nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
            Opened by PID 37971
    tun1: flags=8010<POINTOPOINT,MULTICAST> metric 0 mtu 1500
            options=80000<LINKSTATE>
    ipfw0: flags=8801<UP,SIMPLEX,MULTICAST> metric 0 mtu 65536

With this output everything works well. But if the server goes down, at reboot I get this output:

    ovpns1: flags=108843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,IPFW_FILTER> metric 0 mtu 1500
            options=80000<LINKSTATE>
            ether 00:bd:f4:34:00:01
            inet6 fe80::2bd:f4ff:fe34:1%ovpns1 prefixlen 64 scopeid 0x7
            inet 10.0.0.1 netmask 0xa000002 broadcast 255.255.255.253
            nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
            Opened by PID 51306
    tun1: flags=8010<POINTOPOINT,MULTICAST> metric 0 mtu 1500
            options=80000<LINKSTATE>

Note that the subnet is completely wrong, and the broadcast too. To make everything right again, I have to change the subnet of the ovpns1 interface from the GUI. It's too strange.
The OpenVPN server settings are:

    dev ovpns1
    dev-type tap
    dev-node /dev/tap1
    writepid /var/run/openvpn_server1.pid
    #user nobody
    #group nobody
    script-security 3
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    proto udp
    cipher AES-128-CBC
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    local 81.119.162.83
    ifconfig 10.0.0.1 10.0.0.2
    lport 1194
    management /var/etc/openvpn/server1.sock unix
    route 192.168.140.0 255.255.255.0
    secret /var/etc/openvpn/server1.secret
    comp-lzo

I think the problem could be in the ovpn-linkup script or in the ovpn-linkdown script, but I'm not able to confirm that this is the problem. These are the scripts:
ovpn-linkup script

    #!/bin/sh

    # let the configuration system know that the ip has changed.
    #/usr/local/sbin/pfSctl -c "interface newip $interface"
    ifindex="${1##?????}"
    if [ -e /dev/tun$ifindex ]; then
        if [ "" != "$route_vpn_gateway" ]; then
            /bin/echo $route_vpn_gateway > /tmp/$1_router
        else
            /bin/echo $5 > /tmp/$1_router
        fi
    fi
    /usr/bin/touch /tmp/$1up
    # reload filter
    /usr/local/sbin/pfSctl -c "interface newip $1"
    exit 0

ovpn-linkdown script

    #!/bin/sh
    # /sbin/pfctl -b $4 -b $5
    # delete the node just in case mpd cannot do that
    /bin/rm -f /var/etc/nameserver_$1
    /bin/rm -f /tmp/$1_router
    /bin/rm -f /tmp/$1up
    /usr/local/sbin/pfSctl -c 'filter reload'

Where could the problem be?
I hope for some help, and sorry if I have not explained it better!
-
Any ideas?
-
up!
-
I have the same problem?
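
An added example, not part of the original posts: for a tap device OpenVPN reads the second `ifconfig` argument as a netmask (for tun it is the remote endpoint), and the netmask in the second ifconfig output of the first post, 0xa000002, decodes to 10.0.0.2, the second `ifconfig` argument in the posted server config. The sh script below decodes the mask, reproduces the observed broadcast, and flags such a config; the function names are hypothetical and the inputs are constructed from the thread's values.

```sh
#!/bin/sh
# Added example; inputs are constructed from the values quoted in the thread.

# 32-bit integer -> dotted quad
int_to_quad() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# dotted quad -> 32-bit integer
quad_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# hex netmask as printed by FreeBSD ifconfig (0xffffff00) -> dotted quad
hex_to_quad() { int_to_quad $(( $1 )); }

# true only if the dotted quad is a contiguous netmask (ones, then zeros)
is_netmask() {
    inv=$(( ~$(quad_to_int "$1") & 0xffffffff ))
    [ $(( inv & (inv + 1) )) -eq 0 ]
}

# broadcast derived from address $1 and mask $2: addr | ~mask
broadcast() {
    int_to_quad $(( ($(quad_to_int "$1") | ~$(quad_to_int "$2")) & 0xffffffff ))
}

# read an OpenVPN config on stdin; fail if a tap device has a non-netmask
# as the second ifconfig argument
check_tap_ifconfig() {
    devtype=""; second=""
    while read -r key a b rest; do
        case $key in
            dev-type) devtype=$a ;;
            ifconfig) second=$b ;;
        esac
    done
    if [ "$devtype" = tap ] && [ -n "$second" ] && ! is_netmask "$second"; then
        echo "tap device: ifconfig second argument '$second' is not a netmask"
        return 1
    fi
}

echo "netmask 0xa000002 = $(hex_to_quad 0xa000002)"
echo "broadcast for 10.0.0.1 with that mask = $(broadcast 10.0.0.1 10.0.0.2)"
printf 'dev-type tap\nifconfig 10.0.0.1 10.0.0.2\n' | check_tap_ifconfig || true
```

With `255.255.255.0` as the second `ifconfig` argument the check passes and the derived broadcast is 10.0.0.255, matching the first ifconfig output in the thread.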