Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Restart Service on OPT1 UP

    Scheduled Pinned Locked Moved General pfSense Questions
    8 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lewi3069
      last edited by

      Here is what I am trying to accomplish. I have an openvpn client setup on my PF box. I also have dual WAN set up.

      I want the VPN client to run on my OPT1 connection which is a 4G tether (20mb/20mb) that is only up when I am home and fail over to my WAN which is DSL (1.5mb/.5mb) when I am away.

      I have it set up where it fails over to the WAN when the OPT1 goes down, but the only way to get it to fail-back is to restart the OpenVPN service.

      I have tried to make every rule I could think of to make it work, but just can't get it to work. So what I would like to do is set it up so when apinger sees the line as up again it restarts the OpenVPN service…

      Anyone have any way to accomplish what I am trying to to or another way that would work just as well?

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        On 2.1-BETA1 you can put OpenVPN server/clients on a gateway group (rather than a particular interface). When an interface in the gateway group goes down/up the OpenVPN server/clients get restarted and will be attached to the highest tier working gateway/interface in the group.
        If you are willing to try 2.1 then you should get the functionality.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • L
          lewi3069
          last edited by

          I will try this thanks for the advice!

          1 Reply Last reply Reply Quote 0
          • L
            lewi3069
            last edited by

            Alright I found out I needed to rebuild my Gateway Groups for them to show up and work after the update.

            1 Reply Last reply Reply Quote 0
            • L
              lewi3069
              last edited by

              @phil.davis:

              On 2.1-BETA1 you can put OpenVPN server/clients on a gateway group (rather than a particular interface). When an interface in the gateway group goes down/up the OpenVPN server/clients get restarted and will be attached to the highest tier working gateway/interface in the group.
              If you are willing to try 2.1 then you should get the functionality.

              Does this only work for failover and not failback? Because I cannot get it to work for the life of me.

              1 Reply Last reply Reply Quote 0
              • P
                phil.davis
                last edited by

                Some work on this functionality a few weeks ago was not finalised/successful. I did some work on it just now, and with this pull request OpenVPN clients/servers using gateway groups will failover/failback to the highest tier available interface as interfaces go down/up:
                https://github.com/pfsense/pfsense/pull/625
                When that is reviewed, committed and comes out in a snapshot build it will all work!

                As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                1 Reply Last reply Reply Quote 0
                • L
                  lewi3069
                  last edited by

                  @phil.davis:

                  Some work on this functionality a few weeks ago was not finalised/successful. I did some work on it just now, and with this pull request OpenVPN clients/servers using gateway groups will failover/failback to the highest tier available interface as interfaces go down/up:
                  https://github.com/pfsense/pfsense/pull/625
                  When that is reviewed, committed and comes out in a snapshot build it will all work!

                  Just wanted to let you know that this first method didn't make any change for my setup, but your second change did. https://github.com/pfsense/pfsense/pull/627

                  Thanks for the work you put into this.

                  1 Reply Last reply Reply Quote 0
                  • P
                    phil.davis
                    last edited by

                    That's fine - I have been wanting this to work optimally for my systems, I had been on 4 weeks leave away from easy access to test systems (withdrawal symptoms:) and it was a good opportunity to have a proper look at it.

                    As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                    If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.