pfSense 2.2.4 drops OpenVPN connections, does not allow reconnect

  • I have a pair of pfSense firewalls running 2.2.4 with 4 instances of OpenVPN. Every couple of weeks the master will stop accepting any OpenVPN requests and most of the time drop any existing connections. Forcing the master into CARP maintenance mode or rebooting it will restore functionality.

    • OpenVPN listens on a CARP address
    • Logs show no new connection attempts even though the clients are attempting
    • No out of the ordinary log messages
    • Restarting the OpenVPN server instances does not correct the issue.
    • The backup firewall is unaffected by the issue at the same time; it could be susceptible to the issue, but it is not seen since it is running as the backup at most times.
    • This setup has been in place since 2009, more or less, upgrading to current versions on a regular basis; no major changes in config since the issue started.

    Any help is much appreciated.

    2.2.4-RELEASE (amd64)  built on Sat Jul 25 19:57:37 CDT 2015

  • If you're not getting anything in the OpenVPN logs, nothing is reaching that system. Given that CARP failover or a reboot fixes it temporarily, either an IP or MAC conflict is almost certainly the cause. A MAC conflict is where some other system has the same VHID as that CARP IP (or VRRP VRID, same virtual MAC scheme).
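
Added example, not part of the thread: one way to check for the VHID/VRID collision described in the reply above is to capture IP protocol 112 advertisements on the CARP interface and look for a sender that is not one of your own firewalls. The line format is assumed to follow `tcpdump -e -n` output; the sample lines, addresses and the `EXPECTED` inventory are constructed.

```python
import re
from collections import defaultdict

def virtual_mac(group_id: int) -> str:
    """CARP VHID and IPv4 VRRP VRID map to the same MAC: 00:00:5e:00:01:<id>."""
    if not 1 <= group_id <= 255:
        raise ValueError("VHID/VRID must be 1-255")
    return f"00:00:5e:00:01:{group_id:02x}"

# Assumed line shape: `tcpdump -e -n` output for IP protocol 112 (CARP and VRRP).
ADVERT = re.compile(
    r"(?P<smac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) > \S+ .*?: "
    r"(?P<sip>\d+\.\d+\.\d+\.\d+) > 224\.0\.0\.18: .*?v(?:hid|rid)[= ](?P<gid>\d{1,3})\b",
    re.IGNORECASE,
)

def find_conflicts(lines, expected_senders):
    """Return {id: [unexpected source IPs]} for each VHID in expected_senders."""
    seen = defaultdict(set)
    for line in lines:
        m = ADVERT.search(line)
        if not m:
            continue
        gid = int(m["gid"])
        # Only count frames actually sent from the shared virtual MAC.
        if 1 <= gid <= 255 and m["smac"].lower() == virtual_mac(gid):
            seen[gid].add(m["sip"])
    conflicts = {}
    for gid, allowed in expected_senders.items():
        strangers = seen.get(gid, set()) - set(allowed)
        if strangers:
            conflicts[gid] = sorted(strangers)
    return conflicts

# Constructed capture lines (documentation addresses), not taken from the thread.
SAMPLE = [
    "12:00:01.000000 00:00:5e:00:01:01 > 01:00:5e:00:00:12, ethertype IPv4 (0x0800), length 70: 192.0.2.2 > 224.0.0.18: CARPv2-advertise 36: vhid=1 advbase=1 advskew=0 authlen=7",
    "12:00:01.200000 00:00:5e:00:01:02 > 01:00:5e:00:00:12, ethertype IPv4 (0x0800), length 70: 192.0.2.2 > 224.0.0.18: CARPv2-advertise 36: vhid=2 advbase=1 advskew=0 authlen=7",
    "12:00:01.500000 00:00:5e:00:01:01 > 01:00:5e:00:00:12, ethertype IPv4 (0x0800), length 60: 192.0.2.50 > 224.0.0.18: VRRPv2, Advertisement, vrid 1, prio 100, authtype none, intvl 1s, length 20",
]
# Hypothetical inventory: which real interface IPs may advertise each VHID.
EXPECTED = {1: {"192.0.2.2", "192.0.2.3"}, 2: {"192.0.2.2", "192.0.2.3"}}

if __name__ == "__main__":
    for gid, ips in find_conflicts(SAMPLE, EXPECTED).items():
        print(f"VHID {gid} ({virtual_mac(gid)}) also advertised by: {', '.join(ips)}")
```
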
