Pfsense 2.0.3 OpenVPN bridge TAP



  • Hi,

    It sems that upgrading pfSense from 2.0.2 to 2.0.3 broke my OpenVPN TAP bridging service.

    OpenVPN service could not start because of error:
    "Options error: Unrecognized option or missing parameter(s)"

    I find out that gui create parameter –server 0.0.0.0 which is not ok. I change it to --server-bridge and now it works.

    Anyone else having same problem? Is it posible that package "OpenVPN tap Bridging Fix " cause this?



  • Yes, I have the same issue here.

    Error under openvpn status page is: Management Daemon Unreachable

    and openvpn log entry: openvpn[30957]: Options error: Unrecognized option or missing parameter(s) in /var/etc/openvpn/server1.conf:19: server (2.2.2)

    I can't even create openvpn server any more after I delete the old one because this error.

    Any fix yet?


  • Rebel Alliance Developer Netgate

    Did you install the tap fix package?

    tap really doesn't work properly on 2.0.x, 2.1 should work fine without any extra patches/add-ons.
    The tap fix package does some partial fixes but it's not complete.



  • I did installed the patch before upgrading to 2.0.3.



  • I also have the same problem.  Tap VPN worked great on 2.02 and upgrading to 2.03 broke it.  Any workarounds?



  • you can manualy change configuration file and change parameter from –server 0.0.0.0 to --server-bridge + "OpenVPN tap Bridging Fix" package.


  • Rebel Alliance Developer Netgate

    Uninstall the tap fix package and then reinstall it again once the new version shows up. Parts of the patch were failing on 2.0.3, I updated the package to compensate.



  • It fix the server issue. OpenVPN works fine now. However I found a bug with webgui. It looks the section to setup bridge options got replicated more than once. I think the uninstall did not take out the webgui part and the new installation just added another same section. But just my guess here.



  • Rebel Alliance Developer Netgate

    That's a side effect of how the patch is applied… it only adds text to the page, so it can't tell that it's already been applied, since it applies cleanly.

    Best way back from that is to gitsync to RELENG_2_0, or manually copy a fresh version of the stock file over, then reinstall the package.



  • @jimp:

    That's a side effect of how the patch is applied… it only adds text to the page, so it can't tell that it's already been applied, since it applies cleanly.

    Best way back from that is to gitsync to RELENG_2_0, or manually copy a fresh version of the stock file over, then reinstall the package.

    • Im in the same situation.. multiple 'bridge dhcp / interface' selections after tap fix 0.4… how to remove tap interface and reinstall it ? basic-step-by-step <-> gitsync or manual copy way?

    br.
    .k


  • Rebel Alliance Developer Netgate

    If you need hand holding, gitsync or manual copies are not for you. Re-apply the 2.0.3 firmware and that will sort it out.



  • @jimp:

    If you need hand holding, gitsync or manual copies are not for you. Re-apply the 2.0.3 firmware and that will sort it out.

    • Applying 2.0.3 firmware did fix the problem. everything ok now. openvpn tap is working again…

    thanks!

    br.
    .k



  • keysers0ze

    I have the same problem. I saw the solution of re-apply the 2.0.3 firmware worked for you, but I dont know how do that.

    Are you talking about the System -> Firmware -> Manual Update?

    Thank you!



  • Download the config.
    Reinstall the whole thing.
    Import config.
    ???
    Profit.


  • Rebel Alliance Developer Netgate

    pfSsh.php playback gitsync RELENG_2_0
    reinstall package
    profit even more (since fixes after 2.0.3 shipped are included in the gitsync)


Log in to reply