Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN client status problem

    Scheduled Pinned Locked Moved webGUI
    7 Posts 3 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rudivd
      last edited by

      Hi,

      This problem is related to 2.1.3.

      I have 2 openvpn clients defined. If they are connected the status display does not (correctly) reflect the status, when one of the 2 clients had a sucessfull reconnect it does not show connected, and keeps: showine "Unable to contact daemon Service not running? although the network to the client is up.

      Rudi

      1 Reply Last reply Reply Quote 0
      • R
        robi
        last edited by

        Somehow the web interface lost sync between the running instances of openvpn.

        enter console
        ps -aux | grep vpn

        see if they run indeed

        kill them by entering
        kill <pidnumber>for each

        go to web interface and start them from there.</pidnumber>

        1 Reply Last reply Reply Quote 0
        • R
          rudivd
          last edited by

          Thanks robi,

          but if the client ovpn fails, and automagically reconnects, the gui should keep track
          I suppose, maube there is room for enhancement here.

          Rudi

          1 Reply Last reply Reply Quote 0
          • R
            robi
            last edited by

            Yes it should and it does too. But sometimes it goes out of sync, dunno why. It happened to me only once in the last 6 months.

            1 Reply Last reply Reply Quote 0
            • S
              scurrier
              last edited by

              I am also experiencing issues with the web GUI not matching what is actually happening.

              See the attached picture where I have a site-to-site link going, healthy (we transferred 18gigs over it without a hitch), but the client status is not filled in.  The pfsense home screen widget also says that this link is down.

              I have seen the client status filled in, but it had the wrong virtual IP showing (which might possibly be a separate problem actually belonging to OpenVPN.)

              ![2014-08-25 20_34_08-pfsense.localdomain - Status_ OpenVPN - Internet Explorer.png](/public/imported_attachments/1/2014-08-25 20_34_08-pfsense.localdomain - Status_ OpenVPN - Internet Explorer.png)
              ![2014-08-25 20_34_08-pfsense.localdomain - Status_ OpenVPN - Internet Explorer.png_thumb](/public/imported_attachments/1/2014-08-25 20_34_08-pfsense.localdomain - Status_ OpenVPN - Internet Explorer.png_thumb)

              1 Reply Last reply Reply Quote 0
              • S
                scurrier
                last edited by

                Some good info about the problem in this thread:

                https://forum.pfsense.org/index.php?topic=70720.0

                1 Reply Last reply Reply Quote 0
                • S
                  scurrier
                  last edited by

                  At the risk of spamming this thread, I'll post another few tidbits I'm seeing.

                  The RRD graph for this particular site-to-site openvpn server instance is displaying zero users, even when the status page is displaying all the client info and appears to be working (although it shows the wrong virtual IP address).

                  To clarify the "wrong virtual IP address" issue:
                  The "virtual IP" shown in the client status is the IP address of pfsense's tunnel endpoint, not the client endpoint.  That's wrong.  I tried reducing the VPN subnet for this particular server to a /30 so that there would be only 2 host IP's available, but that didn't change it (and was a pretty weak attempt at a fix, anyway).

                  Willing to do more troubleshooting here, if anyone desires.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.