Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [RESOLV] 2 vpn and Management Daemon Unreachable

    Scheduled Pinned Locked Moved OpenVPN
    4 Posts 2 Posters 2.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      flipflip
      last edited by

      Hello,

      i've configuring 2 vpn (VPN1 and VPN2) on pfsense 2.0.3 with 2 different ports (1194 and 1195). When i activing all vpn's (VPN1 in first and VPN2 in second) for the second i've this error in "Status / OpenVpn" Management Daemon Unreachable and it's impossible to deconnect this.

      If inverse activation (first VPN2 and second VPN1) the VPN1 have the error "Management Daemon Unreachable".

      After disable VPN1 and VPN2 in /var/etc/openvpn remains files serverX.sock.

      P.S. : Sorry for my bad english.

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        Tell us more -
        I guess they are both servers?
        What are the server configs? (e.g. are they using using different tunnel networks…)
        What hardware? (maybe you have a system low on memory)
        What is in the logs? (hopefully the daemon that won't start, actually logs something)

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • F
          flipflip
          last edited by

          I guess they are both servers?

          Yes and the client is roadwarrior

          What are the server configs? (e.g. are they using using different tunnel networks…)

          No identical, the unique it's the authentifcation method :
          VPN1 : Remote Access (User Auth) + ldap
          VPN2 : Remote Access (SSL/TLS + User Auth) + ldap

          What hardware? (maybe you have a system low on memory)

          Memory : 2Gb

          Mem: 50M Active, 17M Inact, 101M Wired, 32K Cache, 110M Buf, 814M Free
          Swap: 2048M Total, 2048M Free
          

          What is in the logs? (hopefully the daemon that won't start, actually logs something)

          /var/log/openvpn.log after active VPN1 and VPN2

          Jul 10 14:13:09 svfir02 openvpn[13082]: OpenVPN 2.2.2 i386-portbld-freebsd8.1 [SSL] [LZO2] [eurephia] built on Apr  2 2013
          Jul 10 14:13:09 svfir02 openvpn[13082]: WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want
          Jul 10 14:13:09 svfir02 openvpn[13082]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
          Jul 10 14:13:09 svfir02 openvpn[13082]: WARNING: POTENTIALLY DANGEROUS OPTION --client-cert-not-required may accept clients which do not present a certificate
          Jul 10 14:13:09 svfir02 openvpn[13082]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
          Jul 10 14:13:09 svfir02 openvpn[13082]: TUN/TAP device /dev/tun1 opened
          Jul 10 14:13:09 svfir02 openvpn[13082]: /sbin/ifconfig ovpns1 192.168.x.1 192.168.x.2 mtu 1500 netmask 255.255.255.255 up
          Jul 10 14:13:09 svfir02 openvpn[13082]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1558 192.168.x.1 192.168.x.2 init
          Jul 10 14:13:09 svfir02 openvpn[15011]: UDPv4 link local (bound): zzz.26.133.zzz:1194
          Jul 10 14:13:09 svfir02 openvpn[15011]: UDPv4 link remote: [undef]
          Jul 10 14:13:09 svfir02 openvpn[15011]: Initialization Sequence Completed
          Jul 10 14:13:13 svfir02 openvpn[38232]: OpenVPN 2.2.2 i386-portbld-freebsd8.1 [SSL] [LZO2] [eurephia] built on Apr  2 2013
          Jul 10 14:13:13 svfir02 openvpn[38232]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
          Jul 10 14:13:13 svfir02 openvpn[38232]: Control Channel Authentication: using '/var/etc/openvpn/server2.tls-auth' as a OpenVPN static key file
          Jul 10 14:13:13 svfir02 openvpn[38232]: TUN/TAP device /dev/tun2 opened
          Jul 10 14:13:13 svfir02 openvpn[38232]: /sbin/ifconfig ovpns2 192.168.x.1 192.168.x.2 mtu 1500 netmask 255.255.255.255 up
          Jul 10 14:13:13 svfir02 openvpn[38232]: FreeBSD ifconfig failed: external program exited with error status: 1
          Jul 10 14:13:13 svfir02 openvpn[38232]: Exiting
          

          /var/log/system.log

          Jul 10 14:13:09 svfir02 check_reload_status: Reloading filter
          Jul 10 14:13:09 svfir02 kernel: ovpns1: link state changed to UP
          Jul 10 14:13:09 svfir02 check_reload_status: rc.newwanip starting ovpns1
          Jul 10 14:13:09 svfir02 check_reload_status: Syncing firewall
          Jul 10 14:13:12 svfir02 php: : rc.newwanip: Informational is starting ovpns1.
          Jul 10 14:13:12 svfir02 php: : rc.newwanip: on (IP address: 192.168.x.1) (interface: ) (real interface: ovpns1).
          Jul 10 14:13:13 svfir02 kernel: ovpns2: link state changed to UP
          Jul 10 14:13:13 svfir02 kernel: ovpns2: link state changed to DOWN
          Jul 10 14:13:14 svfir02 ntpdate[36006]: adjust time server 88.190.227.30 offset -0.002549 sec
          Jul 10 14:13:14 svfir02 php: : pfSense package system has detected an ip change  ->  192.168.x.1 ... Restarting packages.
          Jul 10 14:13:14 svfir02 check_reload_status: Starting packages
          Jul 10 14:13:16 svfir02 php: : Restarting/Starting all packages.
          
          1 Reply Last reply Reply Quote 0
          • F
            flipflip
            last edited by

            The problem is the identical IP address for the all vpn.

            Thanks.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.