    WAN/DHCP affects OpenVPN and gets it out of sync in the web gui

    HowardSten98239:

      I noticed that when I don't give my pfSense box a DHCP response on the WAN port, it sits around with a 0.0.0.0 address, then that disappears and shows no address. OpenVPN still starts, but it screws up the management port when I later give out an address.

      On my dashboard, I see "Unable to contact daemon, Service not running?". If I look at the logs, I see errors:

      openvpn[62387]: Exiting due to fatal error
      openvpn[62387]: TCP/UDP: Socket bind failed on local address [AF_INET]xxx.xxx.xxx.xxx:443: Address already in use
      openvpn[62387]: ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)

      If I go to service status, it says "openvpn" is stopped, but it's actually running. I can successfully connect to it. Somehow it gets in a weird state where pfSense starts it and forgets that it started it. When it tries to start it again, the old openvpn is bound to the port and it stays in the "stopped" state and can never be started/stopped until I reboot the server or ssh in and kill the process (haven't tried that yet though).

      Unfortunately, my ISP has problems where it occasionally won't want to hand out DHCP addresses for several minutes (so it may take some time). Is there an easier fix for this?

      cmb:

        With it bound to 443, do you have your GUI bound to something other than 443? That might be one reason.

        I'm guessing though it's the issue where OpenVPN writes out the wrong PID in its PID file. What's in your /var/etc/openvpn/serverX.pid file and what is the actual PID of the OpenVPN instance that's running (where serverX probably == server1, but could be some other number depending on how many you have and have had in the past)?

        HowardSten98239:

          @cmb:

          With it bound to 443, do you have your GUI bound to something other than 443? That might be one reason.

          I'm guessing though it's the issue where OpenVPN writes out the wrong PID in its PID file. What's in your /var/etc/openvpn/serverX.pid file and what is the actual PID of the OpenVPN instance that's running (where serverX probably == server1, but could be some other number depending on how many you have and have had in the past)?

          I switched the webgui port to 1234 before I created the OpenVPN service. It works fine now since I rebooted it and was quickly able to get back an IP from DHCP.

          It's weird how it got into that state… The openvpn daemon was definitely running (even though it was reported stopped) and I was able to vpn in from the internet once I got an IP.

          The pid file explanation makes sense. I'll try it again in a few days so I can get it in that state again and report back. Thanks for your insight.
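
The check cmb asks for (PID file contents versus the PID of the OpenVPN process actually running), written out as an added example that is not part of the original thread or of pfSense itself. The function names, the sample PIDs 70001 and 41822, and the assumption that each instance's command line names its config (e.g. `server1.conf`) are constructed for illustration; 62387 is the PID from the log excerpt above.

```shell
#!/bin/sh
# Added example: compare each OpenVPN PID file with the process actually running.
# Assumption: each instance's command line mentions its name (e.g. server1.conf).

# running_pid NAME PSFILE: print the PID of the openvpn process for NAME.
# PSFILE holds "PID COMMAND" lines, e.g. saved from `ps -axo pid,command`.
running_pid() {
    awk -v name="$1" '
        $2 ~ /(^|\/)openvpn$/ && $0 ~ (name "([^0-9]|$)") { print $1; exit }
    ' "$2"
}

# check_pidfiles DIR PSFILE: one status line per DIR/server*.pid file.
# Returns 1 if any PID file disagrees with the running process.
check_pidfiles() {
    rc=0
    for f in "$1"/server*.pid; do
        [ -f "$f" ] || continue
        name=$(basename "$f" .pid)
        recorded=$(tr -d '[:space:]' < "$f")
        actual=$(running_pid "$name" "$2")
        if [ -z "$actual" ]; then
            echo "$name: not running (pid file: ${recorded:-empty})"
        elif [ "$recorded" = "$actual" ]; then
            echo "$name: ok (pid $actual)"
        else
            echo "$name: MISMATCH (pid file: ${recorded:-empty}, running: $actual)"
            rc=1
        fi
    done
    return $rc
}

# make_sample DIR: constructed data reproducing the thread's symptom
# (server1's PID file is stale, server2's is correct).
make_sample() {
    echo 70001 > "$1/server1.pid"
    echo 41822 > "$1/server2.pid"
    cat > "$1/ps.txt" <<'EOF'
  PID COMMAND
62387 /usr/local/sbin/openvpn --config /var/etc/openvpn/server1.conf
41822 /usr/local/sbin/openvpn --config /var/etc/openvpn/server2.conf
EOF
}

tmp=$(mktemp -d)
make_sample "$tmp"
check_pidfiles "$tmp" "$tmp/ps.txt" || echo "at least one PID file is out of sync"
rm -rf "$tmp"
```

On a live box, save `ps -axo pid,command` to a file and pass it together with `/var/etc/openvpn` to `check_pidfiles`; a MISMATCH line corresponds to the state where the GUI reports the service stopped while the daemon still holds the port.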
