Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Client goes down on WAN IP change

    Scheduled Pinned Locked Moved OpenVPN
    4 Posts 3 Posters 3.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      muchacha_grande
      last edited by

      Hi guys.
      This is a problem that started to happen after I added a IPv6 Tunnel with HE.net on my ALIX box with pfSense 2.1 RELEASE.

      My box connects to two other OpenVPN Servers on pfSense boxes.

      When my ISP changes my public IP it happens (not always) that open VPN client processes can't restablish connection to the servers.

      This is what log says:

      Dec 26 12:08:32 openvpn[41680]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013
      Dec 26 12:08:32 openvpn[41680]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
      Dec 26 12:08:32 openvpn[41680]: Initializing OpenSSL support for engine 'cryptodev'
      Dec 26 12:08:32 openvpn[41680]: TCP/UDP: Socket bind failed on local address [AF_INET]190.51.109.228: Can't assign requested address
      Dec 26 12:08:32 openvpn[41680]: Exiting due to fatal error

      The AF_INET address that can't be assigned is the previews IP address, not the new assigned one. Of course the new address is nos recognized and that's the problem.

      May be something has been broken sinse the new IPv6 tunnel configuration.

      Hope someone can help…

      Thanks and good bye...

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        It sounds like the conf file has not been rewritten when the IP address changed. Have a look at the creation dates and contents of /var/etc/openvpn/server*.conf to see if it still has the old IP address.
        I expect that this fix to /etc/rc.openvpn is needed so that the conf files are rewritten when these WAN events happen:
        https://github.com/pfsense/pfsense/commit/4bf23d320bc96eeabf2daf9024583f2cc5a6662a

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • M
          muchacha_grande
          last edited by

          Thank you for your quick response.

          I've tested the patch with a negative result.

          As soon as I aplied it the WAN interface went down and it didn't came up again until I rolled back…

          1 Reply Last reply Reply Quote 0
          • N
            nivedimca
            last edited by

            hi,
            I have the same problem, there any solution?

            Thanks

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.