Netgate Discussion Forum

    Broken Gateway ? of default vpn route

      Galaxy

      Hello dear community,

      I have been fighting with my VPN connection for several days now. This is my situation:

      pfSense 2.1.5
      with squid3, squid3-guard, Light-squid and FreeRADIUS2

      I was using the OpenVPN server on the machine to make a secure connection to the LAN network behind the firewall. VPN server (tun, LZO is ON, Address Pool is ON, topology is ON).

      Everything was working fine until the last update of FreeRADIUS2. The machine crashed, and after the reboot I'm not able to communicate with the LAN network over the tunnel. I'm able to connect to the VPN server and authenticate, but not able to reach the LAN network as before.

      What I have found out so far:

      The OpenVPN log says:

      
      openvpn[14766]: UDPv4 link remote: [undef]
      openvpn[14766]: UDPv4 link local (bound): [AF_INET]79.241.250.31:62000
      openvpn[13922]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1558 10.0.7.1 255.255.255.0 init
      openvpn[13922]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
      openvpn[13922]: /sbin/ifconfig ovpns1 10.0.7.1 10.0.7.1 mtu 1500 netmask 255.255.255.0 up
      openvpn[13922]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      openvpn[13922]: TUN/TAP device /dev/tun1 opened
      openvpn[13922]: TUN/TAP device ovpns1 exists previously, keep at program end
      openvpn[13922]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
      openvpn[13922]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
      openvpn[13922]: OpenVPN 2.3.3 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Aug 15 2014
      
      

      It looks like the VPN script is not able to set the default gateway, but I'm not using any static routes.

      
      ERROR: FreeBSD route add command failed: external program exited with error status: 1
      
      

      And in netstat -r the gateway for the 10.0.7.0 route is wrong:

      
      Internet:
      Destination        Gateway            Flags    Refs      Use  Netif Expire
      default            217.0.119.27       UGS         0    15584 pppoe0
      google-public-dns- 217.0.119.27       UGHS        0      409 pppoe0
      10.0.7.0           link#1             U           0       73   fxp0
      10.0.7.1           link#16            UH          0        0 ovpns1
      10.0.7.100         link#1             UHS         0        0    lo0
      localhost          link#9             UH          0      188    lo0
      192.168.2.0        link#1             U           0    13140   fxp0
      router             link#1             UHS         0        0    lo0
      192.168.3.0        link#11            U           0        2 fxp4_v
      192.168.3.1        link#11            UHS         0        0    lo0
      
      

      As far as I know, this is wrong:

      
       10.0.7.0           link#1             U           0       73   fxp0
      
      

      It should be:

      
      10.0.7.0           10.0.7.1           UGS         0        0 ovpns1
      
      

      Removing FreeRADIUS2 and rebooting, or recreating the VPN server, doesn't help.

      Does somebody have experience with how I can change the default gateway for the VPN route? Or can someone help me solve this problem?

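The comparison the post makes by eye, as an added example that is not part of the original post: a shell function that reads routing-table output and lists every route inside the tunnel network that is not bound to the OpenVPN interface. The function names, the prefix-matching approach and the trimmed sample table (constructed from the rows quoted in the post) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post.

# Constructed sample: a trimmed copy of the IPv4 routing table quoted in the post.
sample_routes() {
cat <<'EOF'
Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            217.0.119.27       UGS         0    15584 pppoe0
10.0.7.0           link#1             U           0       73   fxp0
10.0.7.1           link#16            UH          0        0 ovpns1
10.0.7.100         link#1             UHS         0        0    lo0
192.168.2.0        link#1             U           0    13140   fxp0
EOF
}

# find_tunnel_conflicts PREFIX VPN_IF   (hypothetical helper name)
# Reads netstat routing-table output on stdin and prints
# "destination gateway netif" for every route whose destination starts
# with PREFIX (for example "10.0.7.") but whose Netif column is not VPN_IF.
# Exit status is 1 when at least one such route exists, 0 otherwise.
# Prefix matching is literal, so feed it numeric output (netstat -rn);
# resolved host names in the Destination column would not match.
find_tunnel_conflicts() {
    awk -v pfx="$1" -v vif="$2" '
        $1 == "Destination" { in_table = 1; next }   # column header row
        in_table && NF >= 6 && index($1, pfx) == 1 {
            netif = $6                               # sixth column is Netif
            if (netif != vif) { print $1, $2, netif; bad = 1 }
        }
        END { exit bad + 0 }
    '
}

# Run against the sample; on a live system replace sample_routes with
# the real routing-table output, e.g. netstat -rn -f inet.
sample_routes | find_tunnel_conflicts 10.0.7. ovpns1 ||
    echo "routes inside the tunnel network are bound to another interface"
```

For the sample table this lists the 10.0.7.0 route on fxp0 and the 10.0.7.100 host route on lo0, and leaves the 10.0.7.1 route on ovpns1 unreported.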