Broken Gateway ? of default vpn route



  • Hello dear community,

    I have been fighting with my VPN connection for several days now. This is my situation:

    pfSense 2.1.5
    with squid3, squid3-guard, Light-squid and FreeRADIUS2

    I was using the OpenVPN server on the machine to make a secure connection to the LAN network behind the firewall. VPN server (tun, LZO is ON, Address Pool is ON, topology is ON).

    Everything was working fine until the last update of FreeRADIUS2. The machine crashed, and after the reboot I'm not able to communicate with the LAN net over the tunnel. I'm able to connect to the VPN server and authenticate, but not able to reach the LAN network as previously.

    What I have found out so far:

    The OpenVPN log says:

    
    openvpn[14766]: UDPv4 link remote: [undef]
    openvpn[14766]: UDPv4 link local (bound): [AF_INET]79.241.250.31:62000
    openvpn[13922]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1558 10.0.7.1 255.255.255.0 init
    openvpn[13922]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
    openvpn[13922]: /sbin/ifconfig ovpns1 10.0.7.1 10.0.7.1 mtu 1500 netmask 255.255.255.0 up
    openvpn[13922]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
    openvpn[13922]: TUN/TAP device /dev/tun1 opened
    openvpn[13922]: TUN/TAP device ovpns1 exists previously, keep at program end
    openvpn[13922]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
    openvpn[13922]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    openvpn[13922]: OpenVPN 2.3.3 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Aug 15 2014
    
    

    It looks like the VPN script is not able to set the default gateway, but I'm not using any static routes:

    
    ERROR: FreeBSD route add command failed: external program exited with error status: 1
    
    

    And netstat -r shows the wrong gateway for the 10.0.7.0 route:

    
    Internet:
    Destination        Gateway            Flags    Refs      Use  Netif Expire
    default            217.0.119.27       UGS         0    15584 pppoe0
    google-public-dns- 217.0.119.27       UGHS        0      409 pppoe0
    10.0.7.0           link#1             U           0       73   fxp0
    10.0.7.1           link#16            UH          0        0 ovpns1
    10.0.7.100         link#1             UHS         0        0    lo0
    localhost          link#9             UH          0      188    lo0
    192.168.2.0        link#1             U           0    13140   fxp0
    router             link#1             UHS         0        0    lo0
    192.168.3.0        link#11            U           0        2 fxp4_v
    192.168.3.1        link#11            UHS         0        0    lo0
    
    

    As far as I know, this is wrong:

    
     10.0.7.0           link#1             U           0       73   fxp0
    
    

    It should be:

    
    10.0.7.0           10.0.7.1           UGS         0        0 ovpns1
    
    

    Removing FreeRADIUS2 and rebooting, or recreating the VPN server, doesn't help.

    Does anybody have experience with how I can change the default gateway for the VPN route? Or can somebody help me solve this problem?