OpenVPN Client goes down on WAN IP change
-
Hi guys.
This is a problem that started to happen after I added a IPv6 Tunnel with HE.net on my ALIX box with pfSense 2.1 RELEASE.My box connects to two other OpenVPN Servers on pfSense boxes.
When my ISP changes my public IP it happens (not always) that open VPN client processes can't restablish connection to the servers.
This is what log says:
Dec 26 12:08:32 openvpn[41680]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013
Dec 26 12:08:32 openvpn[41680]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
Dec 26 12:08:32 openvpn[41680]: Initializing OpenSSL support for engine 'cryptodev'
Dec 26 12:08:32 openvpn[41680]: TCP/UDP: Socket bind failed on local address [AF_INET]190.51.109.228: Can't assign requested address
Dec 26 12:08:32 openvpn[41680]: Exiting due to fatal errorThe AF_INET address that can't be assigned is the previews IP address, not the new assigned one. Of course the new address is nos recognized and that's the problem.
May be something has been broken sinse the new IPv6 tunnel configuration.
Hope someone can help…
Thanks and good bye...
-
It sounds like the conf file has not been rewritten when the IP address changed. Have a look at the creation dates and contents of /var/etc/openvpn/server*.conf to see if it still has the old IP address.
I expect that this fix to /etc/rc.openvpn is needed so that the conf files are rewritten when these WAN events happen:
https://github.com/pfsense/pfsense/commit/4bf23d320bc96eeabf2daf9024583f2cc5a6662a
-
Thank you for your quick response.
I've tested the patch with a negative result.
As soon as I aplied it the WAN interface went down and it didn't came up again until I rolled back…
-
hi,
I have the same problem, there any solution?Thanks