Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenVPN running but dashboard says no #2010

Closed
borisneubert opened this issue Dec 21, 2017 · 3 comments
Closed

OpenVPN running but dashboard says no #2010

borisneubert opened this issue Dec 21, 2017 · 3 comments

Comments

@borisneubert
Copy link

OPNsense 17.7.10-amd64
FreeBSD 11.0-RELEASE-p17

root@opnsense:~ # ps ax|grep openvpn
42860  -  Ss     0:00.81 /usr/local/sbin/openvpn --config /var/etc/openvpn/client1.conf

OpenVPN is running but the Dashboard show the red icon and the OpenVPN widget says "Unable to contact daemon Service not running?"

This is an intermittent issue. The red icon and message stay for some time (minutes?), then I see the green icon for a while, and then it's back to red. I update the Dashboard frequently by clicking on the OPNsense logo.
@fichtner
Copy link
Member

Same as #1931 I think.

@borisneubert
Copy link
Author

This could be. For me OpenVPN was stable since 18:54 but the icon was red. I had a reconnect for no obvious reason at 19:22 (three attempts required) and then the icon turned green and stayed green. Actually no flapping like in #1931 but the issues seems to occur after reboot.

...
Dec 21 18:54:44 opnsense openvpn[42860]: OPTIONS IMPORT: adjusting link_mtu to 1625
Dec 21 18:54:44 opnsense openvpn[42860]: OPTIONS IMPORT: data channel crypto options modified
Dec 21 18:54:44 opnsense openvpn[42860]: Data Channel: using negotiated cipher 'AES-256-GCM'
Dec 21 18:54:44 opnsense openvpn[42860]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Dec 21 18:54:44 opnsense openvpn[42860]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Dec 21 18:54:44 opnsense openvpn[42860]: Preserving previous TUN/TAP instance: ovpnc1
Dec 21 18:54:44 opnsense openvpn[42860]: Initialization Sequence Completed
Dec 21 19:22:33 opnsense openvpn[90857]: OpenVPN 2.4.4 amd64-portbld-freebsd11.0 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Oct  3 2017
Dec 21 19:22:33 opnsense openvpn[90857]: library versions: OpenSSL 1.0.2n  7 Dec 2017, LZO 2.10
Dec 21 19:22:33 opnsense openvpn[91095]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
Dec 21 19:22:33 opnsense openvpn[91095]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Dec 21 19:22:33 opnsense openvpn[91095]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 21 19:22:33 opnsense openvpn[91095]: Initializing OpenSSL support for engine 'rdrand'
Dec 21 19:22:33 opnsense openvpn[91095]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 21 19:22:33 opnsense openvpn[91095]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
...

@AdSchellevis
Copy link
Member

duplicate

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@fichtner @borisneubert @AdSchellevis