OpenVPN and Port Share



  • I've been pulling my hair out for the past week and can't seem to figure out why this isn't working anymore.  It was working prior to the upgrade.  Below is my openvpn config

    dev ovpns2
    verb 1
    dev-type tun
    tun-ipv6
    dev-node /dev/tun2
    writepid /var/run/openvpn_server2.pid
    #user nobody
    #group nobody
    script-security 3
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    proto tcp-server
    cipher AES-256-CBC
    auth SHA256
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    client-connect /usr/local/sbin/openvpn.attributes.sh
    client-disconnect /usr/local/sbin/openvpn.attributes.sh
    local x.x.x.x
    engine cryptodev
    tls-server
    server 10.1.3.0 255.255.255.0
    client-config-dir /var/etc/openvpn-csc/server2
    username-as-common-name
    auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user 'Local Database' false server2" via-env
    tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'home_vpn' 1"
    lport 443
    management /var/etc/openvpn/server2.sock unix
    push "route 192.168.25.0 255.255.255.0"
    push "redirect-gateway def1"
    client-to-client
    ca /var/etc/openvpn/server2.ca
    cert /var/etc/openvpn/server2.cert
    key /var/etc/openvpn/server2.key
    dh /etc/dh-parameters.2048
    crl-verify /var/etc/openvpn/server2.crl-verify
    tls-auth /var/etc/openvpn/server2.tls-auth 0
    comp-lzo adaptive
    persist-remote-ip
    float
    topology subnet
    port-share 192.168.25.25 443
    mssfix 1379
    tun-mtu 1500

    When I connect to my OpenVPN server with an OpenVPN client it works with no issues.  However, when I try to connect to my web server with a non-OpenVPN client, I get the following message in the log file:

    May 15 23:35:45 openvpn 39624 PID packet_id_free
    May 15 23:35:45 openvpn 39624 PID packet_id_free
    May 15 23:35:45 openvpn 39624 PID packet_id_free
    May 15 23:35:45 openvpn 39624 PID packet_id_free
    May 15 23:35:45 openvpn 39624 PID packet_id_free
    May 15 23:35:45 openvpn 39624 PID packet_id_free
    May 15 23:35:45 openvpn 39624 PID packet_id_free
    May 15 23:35:45 openvpn 39624 PID packet_id_free
    May 15 23:35:45 openvpn 39624 TCP/UDP: Closing socket
    May 15 23:35:45 openvpn 39624 PID packet_id_free
    May 15 23:35:45 openvpn 39624 MULTI TCP: multi_tcp_post TA_SOCKET_READ -> TA_UNDEF
    May 15 23:35:45 openvpn 39624 SCHEDULE: schedule_find_least NULL
    May 15 23:35:46 openvpn 39624 PO_WAIT[0,0] fd=6 rev=0x00000001 rwflags=0x0001 arg=0x00000001 [scalable]
    May 15 23:35:46 openvpn 39624 MULTI: REAP range 16 -> 32
    May 15 23:35:46 openvpn 39624 MULTI: multi_create_instance called
    May 15 23:35:46 openvpn 39624 PO_INIT maxevents=4 flags=0x00000002
    May 15 23:35:46 openvpn 39624 Re-using SSL/TLS context
    May 15 23:35:46 openvpn 39624 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 68 bytes
    May 15 23:35:46 openvpn 39624 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 40 bytes
    May 15 23:35:46 openvpn 39624 LZO compression initialized
    May 15 23:35:46 openvpn 39624 TLS: tls_session_init: entry
    May 15 23:35:46 openvpn 39624 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
    May 15 23:35:46 openvpn 39624 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
    May 15 23:35:46 openvpn 39624 TLS: tls_session_init: new session object, sid=fcd5dc5e 754af44a
    May 15 23:35:46 openvpn 39624 TLS: tls_session_init: entry
    May 15 23:35:46 openvpn 39624 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
    May 15 23:35:46 openvpn 39624 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
    May 15 23:35:46 openvpn 39624 TLS: tls_session_init: new session object, sid=5905bae3 c14aa278
    May 15 23:35:46 openvpn 39624 Control Channel MTU parms [ L:1572 D:1170 EF:80 EB:0 ET:0 EL:3 ]
    May 15 23:35:46 openvpn 39624 MTU DYNAMIC mtu=1379, flags=2, 1572 -> 1379
    May 15 23:35:46 openvpn 39624 Data Channel MTU parms [ L:1572 D:1379 EF:72 EB:143 ET:0 EL:3 AF:3/1 ]
    May 15 23:35:46 openvpn 39624 Local Options String: 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-server'
    May 15 23:35:46 openvpn 39624 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-client'
    May 15 23:35:46 openvpn 39624 Local Options hash (VER=V4): '165db97f'
    May 15 23:35:46 openvpn 39624 Expected Remote Options hash (VER=V4): '504bba81'
    May 15 23:35:46 openvpn 39624 STREAM: RESET
    May 15 23:35:46 openvpn 39624 STREAM: INIT maxlen=1575
    May 15 23:35:46 openvpn 39624 TCP connection established with [AF_INET]166.172.60.159:59737
    May 15 23:35:46 openvpn 39624 TCPv4_SERVER link local: [undef]
    May 15 23:35:46 openvpn 39624 TCPv4_SERVER link remote: [AF_INET]166.172.60.159:59737
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 SENT PING
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 TIMER: coarse timer wakeup 1 seconds
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 TLS: tls_multi_process: i=0 state=S_INITIAL, mysid=fcd5dc5e 754af44a, stored-sid=00000000 00000000, stored-ip=[AF_INET]166.172.60.159:59737
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 TLS: tls_process: chg=0 ks=S_INITIAL lame=S_UNDEF to_link->len=0 wakeup=604800
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 ACK mark active outgoing ID 0
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 TLS: Initial Handshake, sid=fcd5dc5e 754af44a
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 ACK reliable_can_send active=1 current=1 : [1] 0
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 SSL state (accept): before/accept initialization
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 TLS: tls_process: chg=1 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 ACK reliable_can_send active=1 current=1 : [1] 0
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 ACK reliable_send_timeout 0 [1] 0
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 TLS: tls_process: timeout set to 1
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=5905bae3 c14aa278, stored-sid=00000000 00000000, stored-ip=[undef]
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 RANDOM USEC=214946
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 SCHEDULE: schedule_add_modify wakeup=[Sun May 15 23:35:47 2016 us=824650] pri=0
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 MULTI TCP: instance added: 166.172.60.159:59737
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 MULTI TCP: multi_tcp_action a=TA_INITIAL p=0
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 MULTI TCP: multi_tcp_dispatch a=TA_INITIAL mi=0x801c70800
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 STREAM: SET NEXT, buf=[220,0] next=[220,1575] len=-1 maxlen=1575
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 PO_CTL rwflags=0x0001 ev=9 arg=0x801c70800
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=fcd5dc5e 754af44a, stored-sid=00000000 00000000, stored-ip=[AF_INET]166.172.60.159:59737
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 ACK reliable_can_send active=1 current=1 : [1] 0
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 ACK reliable_send_timeout 0 [1] 0
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 TLS: tls_process: timeout set to 1
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=5905bae3 c14aa278, stored-sid=00000000 00000000, stored-ip=[undef]
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 STREAM: SET NEXT, buf=[220,0] next=[220,1575] len=-1 maxlen=1575
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 MULTI TCP: multi_tcp_post TA_INITIAL -> TA_UNDEF
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 SCHEDULE: schedule_find_least wakeup=[Sun May 15 23:35:47 2016 us=824650] pri=535345864
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 PO_WAIT[3,0] fd=9 rev=0x00000001 rwflags=0x0001 arg=0x801c70800 [scalable]
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 MULTI TCP: multi_tcp_action a=TA_SOCKET_READ p=0
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 MULTI TCP: multi_tcp_dispatch a=TA_SOCKET_READ mi=0x801c70800
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 STREAM: GET NEXT len=1575
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 STREAM: ADD length_added=218
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 Non-OpenVPN client protocol detected
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 PORT SHARE: sendmsg sd=9 len=218
    May 15 23:35:46 openvpn 39624 166.172.60.159:59737 SIGTERM[soft,port-share-redirect] received, client-instance exiting
    May 15 23:35:46 openvpn 39624 MULTI: multi_close_instance called
    May 15 23:35:46 openvpn 39624 PO_DEL ev=9
    May 15 23:35:46 openvpn 39624 PID packet_id_free
    May 15 23:35:46 openvpn 39624 PID packet_id_free
    May 15 23:35:46 openvpn 39624 PID packet_id_free
    May 15 23:35:46 openvpn 39624 PID packet_id_free
    May 15 23:35:46 openvpn 39624 PID packet_id_free
    May 15 23:35:46 openvpn 39624 PID packet_id_free
    May 15 23:35:46 openvpn 39624 PID packet_id_free
    May 15 23:35:46 openvpn 39624 PID packet_id_free
    May 15 23:35:46 openvpn 39624 TCP/UDP: Closing socket
    May 15 23:35:46 openvpn 39624 PID packet_id_free
    May 15 23:35:46 openvpn 39624 MULTI TCP: multi_tcp_post TA_SOCKET_READ -> TA_UNDEF
    May 15 23:35:46 openvpn 39624 SCHEDULE: schedule_find_least NULL
    May 15 23:35:47 openvpn 39624 PO_WAIT[0,0] fd=6 rev=0x00000001 rwflags=0x0001 arg=0x00000001 [scalable]
    May 15 23:35:47 openvpn 39624 MULTI: REAP range 32 -> 48
    May 15 23:35:47 openvpn 39624 MULTI: multi_create_instance called
    May 15 23:35:47 openvpn 39624 PO_INIT maxevents=4 flags=0x00000002
    May 15 23:35:47 openvpn 39624 Re-using SSL/TLS context
    May 15 23:35:47 openvpn 39624 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 68 bytes
    May 15 23:35:47 openvpn 39624 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 40 bytes
    May 15 23:35:47 openvpn 39624 LZO compression initialized
    May 15 23:35:47 openvpn 39624 TLS: tls_session_init: entry
    May 15 23:35:47 openvpn 39624 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
    May 15 23:35:47 openvpn 39624 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
    May 15 23:35:47 openvpn 39624 TLS: tls_session_init: new session object, sid=2d693e74 5b28b586
    May 15 23:35:47 openvpn 39624 TLS: tls_session_init: entry
    May 15 23:35:47 openvpn 39624 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
    May 15 23:35:47 openvpn 39624 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
    May 15 23:35:47 openvpn 39624 TLS: tls_session_init: new session object, sid=8778852e cf58d700
    May 15 23:35:47 openvpn 39624 Control Channel MTU parms [ L:1572 D:1170 EF:80 EB:0 ET:0 EL:3 ]
    May 15 23:35:47 openvpn 39624 MTU DYNAMIC mtu=1379, flags=2, 1572 -> 1379
    May 15 23:35:47 openvpn 39624 Data Channel MTU parms [ L:1572 D:1379 EF:72 EB:143 ET:0 EL:3 AF:3/1 ]
    May 15 23:35:47 openvpn 39624 Local Options String: 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-server'
    May 15 23:35:47 openvpn 39624 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-client'
    May 15 23:35:47 openvpn 39624 Local Options hash (VER=V4): '165db97f'
    May 15 23:35:47 openvpn 39624 Expected Remote Options hash (VER=V4): '504bba81'
    May 15 23:35:47 openvpn 39624 STREAM: RESET
    May 15 23:35:47 openvpn 39624 STREAM: INIT maxlen=1575
    May 15 23:35:47 openvpn 39624 TCP connection established with [AF_INET]166.172.60.159:58183
    May 15 23:35:47 openvpn 39624 TCPv4_SERVER link local: [undef]
    May 15 23:35:47 openvpn 39624 TCPv4_SERVER link remote: [AF_INET]166.172.60.159:58183
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 SENT PING
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 TIMER: coarse timer wakeup 1 seconds
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 TLS: tls_multi_process: i=0 state=S_INITIAL, mysid=2d693e74 5b28b586, stored-sid=00000000 00000000, stored-ip=[AF_INET]166.172.60.159:58183
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 TLS: tls_process: chg=0 ks=S_INITIAL lame=S_UNDEF to_link->len=0 wakeup=604800
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 ACK mark active outgoing ID 0
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 TLS: Initial Handshake, sid=2d693e74 5b28b586
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 ACK reliable_can_send active=1 current=1 : [1] 0
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 SSL state (accept): before/accept initialization
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 TLS: tls_process: chg=1 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 ACK reliable_can_send active=1 current=1 : [1] 0
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 ACK reliable_send_timeout 0 [1] 0
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 TLS: tls_process: timeout set to 1
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=8778852e cf58d700, stored-sid=00000000 00000000, stored-ip=[undef]
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 RANDOM USEC=218246
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 SCHEDULE: schedule_add_modify wakeup=[Sun May 15 23:35:49 2016 us=19504] pri=0
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 MULTI TCP: instance added: 166.172.60.159:58183
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 MULTI TCP: multi_tcp_action a=TA_INITIAL p=0
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 MULTI TCP: multi_tcp_dispatch a=TA_INITIAL mi=0x801c70800
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 STREAM: SET NEXT, buf=[220,0] next=[220,1575] len=-1 maxlen=1575
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 PO_CTL rwflags=0x0001 ev=9 arg=0x801c70800
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=2d693e74 5b28b586, stored-sid=00000000 00000000, stored-ip=[AF_INET]166.172.60.159:58183
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 ACK reliable_can_send active=1 current=1 : [1] 0
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 ACK reliable_send_timeout 0 [1] 0
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 TLS: tls_process: timeout set to 1
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=8778852e cf58d700, stored-sid=00000000 00000000, stored-ip=[undef]
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 STREAM: SET NEXT, buf=[220,0] next=[220,1575] len=-1 maxlen=1575
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 MULTI TCP: multi_tcp_post TA_INITIAL -> TA_UNDEF
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 SCHEDULE: schedule_find_least wakeup=[Sun May 15 23:35:49 2016 us=19504] pri=1032959891
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 PO_WAIT[3,0] fd=9 rev=0x00000001 rwflags=0x0001 arg=0x801c70800 [scalable]
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 MULTI TCP: multi_tcp_action a=TA_SOCKET_READ p=0
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 MULTI TCP: multi_tcp_dispatch a=TA_SOCKET_READ mi=0x801c70800
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 STREAM: GET NEXT len=1575
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 STREAM: ADD length_added=218
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 Non-OpenVPN client protocol detected
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 PORT SHARE: sendmsg sd=9 len=218
    May 15 23:35:47 openvpn 39624 166.172.60.159:58183 SIGTERM[soft,port-share-redirect] received, client-instance exiting
    May 15 23:35:47 openvpn 39624 MULTI: multi_close_instance called
    May 15 23:35:47 openvpn 39624 PO_DEL ev=9
    May 15 23:35:47 openvpn 39624 PID packet_id_free
    May 15 23:35:47 openvpn 39624 PID packet_id_free
    May 15 23:35:47 openvpn 39624 PID packet_id_free
    May 15 23:35:47 openvpn 39624 PID packet_id_free
    May 15 23:35:47 openvpn 39624 PID packet_id_free
    May 15 23:35:47 openvpn 39624 PID packet_id_free
    May 15 23:35:47 openvpn 39624 PID packet_id_free
    May 15 23:35:47 openvpn 39624 PID packet_id_free
    May 15 23:35:47 openvpn 39624 TCP/UDP: Closing socket
    May 15 23:35:47 openvpn 39624 PID packet_id_free
    May 15 23:35:47 openvpn 39624 MULTI TCP: multi_tcp_post TA_SOCKET_READ -> TA_UNDEF
    May 15 23:35:47 openvpn 39624 SCHEDULE: schedule_find_least NULL

    I ran tcpdump on the firewall and the server and I see traffic being sent from the firewall to the server when a browser connects.  But the browser keeps complaining that the connection was reset by the host…  I did find this bug reported to the OpenVPN team https://community.openvpn.net/openvpn/ticket/336 stating that there may be an issue with Port Sharing and OpenVPN 2.3.x.  It appears that OpenVPN 2.2.2 isn't affected...

    Two questions...
    1.  Is the bug I found the root of my issue and if so, is there a workaround?
    2.  Can I install OpenVPN 2.2.2 on Pfsense 2.3.1?

    Thanks
    Niten
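
As an added example (not part of the original post, and not OpenVPN or pfSense code): a small Python triage over log lines in the format posted above, grouping them per client and reporting whether OpenVPN logged each step of the hand-off to its port-share proxy. The sample log is constructed, and the function names and verdict labels are illustrative assumptions.

```python
import re
from collections import OrderedDict

# Constructed sample in the format of the log posted above. Addresses are
# documentation addresses and session ids are made up, not thread values.
SAMPLE_LOG = """\
May 15 23:35:46 openvpn 39624 TCP connection established with [AF_INET]203.0.113.7:59737
May 15 23:35:46 openvpn 39624 203.0.113.7:59737 STREAM: ADD length_added=218
May 15 23:35:46 openvpn 39624 203.0.113.7:59737 Non-OpenVPN client protocol detected
May 15 23:35:46 openvpn 39624 203.0.113.7:59737 PORT SHARE: sendmsg sd=9 len=218
May 15 23:35:46 openvpn 39624 203.0.113.7:59737 SIGTERM[soft,port-share-redirect] received, client-instance exiting
May 15 23:35:47 openvpn 39624 TCP connection established with [AF_INET]203.0.113.7:58183
May 15 23:35:47 openvpn 39624 203.0.113.7:58183 Non-OpenVPN client protocol detected
May 15 23:35:48 openvpn 39624 TCP connection established with [AF_INET]203.0.113.9:40000
May 15 23:35:48 openvpn 39624 203.0.113.9:40000 TLS: Initial Handshake, sid=aaaaaaaa bbbbbbbb
"""

# "<Mon> <day> <hh:mm:ss> openvpn <pid> [<ip:port>] <message>"
LINE = re.compile(
    r"^\w{3}\s+\d+\s[\d:]{8}\sopenvpn\s\d+\s"
    r"(?:(\d{1,3}(?:\.\d{1,3}){3}:\d+)\s)?(.*)$"
)
ESTABLISHED = re.compile(r"TCP connection established with \[AF_INET\](\S+)")

# Message fragments that mark each step of the port-share hand-off.
MARKERS = {
    "Non-OpenVPN client protocol detected": "detected",
    "PORT SHARE: sendmsg": "sent",
    "port-share-redirect": "redirected",
}


def verdict(stages):
    """Map the set of observed hand-off steps to a label (labels are ours)."""
    if "detected" not in stages:
        return "openvpn-or-unknown"
    if {"sent", "redirected"} <= stages:
        return "handed-off"
    return "handoff-incomplete"


def triage(log_text):
    """Return an ordered mapping of client ip:port to hand-off verdict."""
    conns = OrderedDict()
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        peer, msg = m.groups()
        est = ESTABLISHED.search(msg)
        if est:
            conns.setdefault(est.group(1), set())
            continue
        if peer is None:
            continue  # server-wide line with no client prefix
        stages = conns.setdefault(peer, set())
        for fragment, stage in MARKERS.items():
            if fragment in msg:
                stages.add(stage)
    return OrderedDict((p, verdict(s)) for p, s in conns.items())


if __name__ == "__main__":
    for peer, result in triage(SAMPLE_LOG).items():
        print(f"{peer:24} {result}")
```

A `handed-off` verdict only says that OpenVPN logged the hand-off to its port-share proxy; it says nothing about whether the proxy then reached the `port-share` target.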


  • LAYER 8 Global Moderator

    openvpn 2.2.2 – why would you want that.. 2.3.11 is current openvpn..

    Does it work on 2.3.. I don't use the port share option but I do listen on 443, so could forward it into something and test it.



  • Maybe the port share issue noted fixed in OpenVPN 2.3.11?
    https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23

    we bumped 2.3.1 to OpenVPN 2.3.11 today, it'll be in the next snapshot run finished within the next hour or so.



  • @johnpoz:

    openvpn 2.2.2 – why would you want that.. 2.3.11 is current openvpn..

    Does it work on 2.3.. I don't use the port share option but I do listen on 443, so could forward it into something and test it.

    From the OpenVPN bug report, one of the reporters stated that it worked with 2.2.2… that's why I wanted to go back...



  • @cmb:

    Maybe the port share issue noted fixed in OpenVPN 2.3.11?
    https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23

    we bumped 2.3.1 to OpenVPN 2.3.11 today, it'll be in the next snapshot run finished within the next hour or so.

    I'll give it a shot and report back…

    Thanks!



  • I don't think it's an OpenVPN 2.3.x bug because it works fine on pfSense 2.3 (where OpenVPN version should be 2.3.9).

    I have OpenVPN server on port 443 shared with a nginx server in LAN.



  • @cmb:

    Maybe the port share issue noted fixed in OpenVPN 2.3.11?
    https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23

    we bumped 2.3.1 to OpenVPN 2.3.11 today, it'll be in the next snapshot run finished within the next hour or so.

    I upgraded this morning and no joy… the browser still complains that the connection is reset.

    @Gabri.91:

    I don't think it's an OpenVPN 2.3.x bug because it works fine on pfSense 2.3 (where OpenVPN version should be 2.3.9).

    I have OpenVPN server on port 443 shared with a nginx server in LAN.

    Can you share with me how you have set yours up?  Mine was working flawlessly until I upgraded to pfSense 2.3…  my pfSense box is 192.168.25.1 and my webserver is on 192.168.25.25.  Now when a non-OpenVPN client connects, the browser complains that the connection has been reset.  If I set up a straight port forward it works.

    Thanks for your help



  • See attachments, I have two internal networks: 192.168.5.0/24 and 192.168.6.0/24
    The nginx webserver used in portshare is 192.168.6.2






