OpenConnect Startup - deletion failed for interface

[imidoriya]

I'm getting this error on startup, which appears to prevent OpenConnect from starting. I have to start it manually.

kernel: ocvpn0: link state changed to DOWN
kernel: ifa_maintain_loopback_route: deletion failed for interface ocvpn0: 3
kernel: OK
kernel: tun30000: changing name to 'ocvpn0'
kernel: tun30000: link state changed to UP

I'm trying to understand how best to NAT. In this documentation, it states to use the OpenConnect "interface" (which doesn't show up as an Interface, but does show up under Firewall Rules). However, in other places 1, 2, it is suggested creating an interface and locking it. But then you end up with two things under Firewall rules. I just need this thing to be persistent after reboot where it starts up automatically and NAT rules apply.

[chriscorns]

I have the same problem and the same messages in error log in my test installation: OpenConnect could not start automaticly after startup. I use the last version 19.7.3. What is the problem? I also tried to setup OPNsense without explicitly assigning the interface ocvpn0...

Sep  9 16:05:58 OPNsense kernel: OK
Sep  9 16:06:00 OPNsense kernel: tun30000: link state changed to UP
Sep  9 16:06:04 OPNsense kernel: tun30000: changing name to 'ocvpn0'
Sep  9 16:06:05 OPNsense monit[77410]: Starting Monit 5.26.0 daemon with http interface at /var/run/monit.sock 
Sep  9 16:06:05 OPNsense monit[46259]: Monit will delay for 120s on first start after reboot ... 
Sep  9 16:06:05 OPNsense kernel: ipfw2 (+ipv6) initialized, divert loadable, nat loadable, default to accept, logging disabled
Sep  9 16:06:05 OPNsense kernel: DUMMYNET 0 with IPv6 initialized (100409)
Sep  9 16:06:05 OPNsense kernel: load_dn_sched dn_sched FIFO loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_sched dn_sched QFQ loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_sched dn_sched RR loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_sched dn_sched WF2Q+ loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_sched dn_sched PRIO loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_sched dn_sched FQ_CODEL loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_sched dn_sched FQ_PIE loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_aqm dn_aqm CODEL loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_aqm dn_aqm PIE loaded
Sep  9 16:06:05 OPNsense kernel: Bump sched buckets to 256 (was 0)
Sep  9 16:06:05 OPNsense kernel: Bump sched buckets to 256 (was 0)
Sep  9 16:06:07 OPNsense kernel: OK
Sep  9 16:06:08 OPNsense kernel: SHA256 93 E3 6E 71 1B 17 F1 39 EE 1A 87 BA 77 7A 8C 55
Sep  9 16:06:08 OPNsense kernel: ifa_maintain_loopback_route: deletion failed for interface ocvpn0: 3
Sep  9 16:06:08 OPNsense kernel: ocvpn0: link state changed to DOWN

A manual start is no problem:

Sep  9 16:34:46 OPNsense kernel: ocvpn0: link state changed to UP

@mimugmail: Can you have a look at the issue next time, please? THX

[onlineque]

Having the same here (OPNsense 21.7.1-amd64):

Aug 26 00:57:36 zwartedoos opnsense[62535]: plugins_configure openvpn_prepare (,ocvpn0)
Aug 26 00:57:36 zwartedoos opnsense[62535]: plugins_configure openvpn_prepare (execute task : openvpn_prepare(,ocvpn0))
Aug 26 00:57:36 zwartedoos opnsense[62535]: /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'ocvpn0' inet6 -accept_rtadv' returned exit code '1', the output was 'ifconfig: interface ocvpn0 does not exist'
Aug 26 00:57:36 zwartedoos opnsense[62535]: /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'ocvpn0' -staticarp' returned exit code '1', the output was 'ifconfig: interface ocvpn0 does not exist'
Aug 26 00:58:28 zwartedoos kernel: tun30000: changing name to 'ocvpn0'
Aug 26 00:58:38 zwartedoos kernel: ocvpn0: deletion failed: 3
Aug 26 00:58:38 zwartedoos kernel: ocvpn0: link state changed to DOWN

[mimugmail]

Having the same here (OPNsense 21.7.1-amd64):

Aug 26 00:57:36 zwartedoos opnsense[62535]: plugins_configure openvpn_prepare (,ocvpn0)
Aug 26 00:57:36 zwartedoos opnsense[62535]: plugins_configure openvpn_prepare (execute task : openvpn_prepare(,ocvpn0))
Aug 26 00:57:36 zwartedoos opnsense[62535]: /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'ocvpn0' inet6 -accept_rtadv' returned exit code '1', the output was 'ifconfig: interface ocvpn0 does not exist'
Aug 26 00:57:36 zwartedoos opnsense[62535]: /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'ocvpn0' -staticarp' returned exit code '1', the output was 'ifconfig: interface ocvpn0 does not exist'
Aug 26 00:58:28 zwartedoos kernel: tun30000: changing name to 'ocvpn0'
Aug 26 00:58:38 zwartedoos kernel: ocvpn0: deletion failed: 3
Aug 26 00:58:38 zwartedoos kernel: ocvpn0: link state changed to DOWN

This looks like a different error, did you assign the interface?

[onlineque]

Definitely, and If I try to connect it manually once opnsense is up, it works perfectly, without any issue. Or, to be exact, I always need to connect twice to be connected. The first attempt fails everytime. Maybe it's due to the fact there's Okta 2FA on the server side - and even if I do the 2FA, it fails for the first time from unknown reason...

[mimugmail]

Can you follow the display output during startup?

[onlineque]

Definitely, I will put the output here in the evening, I cannot reboot the firewall during the workday.

[onlineque]

Here the complete log during the startup; normally I am just asked to supply 2FA (to confirm the access in Okta application) during the openconnect is started; shortly after that, when the machines is booted up I can even see that the IP for that VPN connection (ocvpn0) has been assigned, but then it probably fails somehow and disconnects...
Maybe it has some relation to the fact I already mentioned, that even after opnsense is booted up, and I try to connect manually, I have to connect two times in a row (for the first time it fails, the for the second time it always works).

Aug 27 23:43:33 zwartedoos kernel: ---<>---
Aug 27 23:43:33 zwartedoos kernel: Copyright (c) 2013-2019 The HardenedBSD Project.
Aug 27 23:43:33 zwartedoos kernel: Copyright (c) 1992-2019 The FreeBSD Project.
Aug 27 23:43:33 zwartedoos kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
Aug 27 23:43:33 zwartedoos kernel: The Regents of the University of California. All rights reserved.
Aug 27 23:43:33 zwartedoos kernel: FreeBSD is a registered trademark of The FreeBSD Foundation.
Aug 27 23:43:33 zwartedoos kernel: FreeBSD 12.1-RELEASE-p19-HBSD #0 f692db99f3c(stable/21.7)-dirty: Mon Aug 2 13:29:29 CEST 2021
Aug 27 23:43:33 zwartedoos kernel: root@sensey:/usr/obj/usr/src/amd64.amd64/sys/SMP amd64
Aug 27 23:43:33 zwartedoos kernel: FreeBSD clang version 8.0.1 (tags/RELEASE_801/final 366581) (based on LLVM 8.0.1)
Aug 27 23:43:33 zwartedoos kernel: VT(vga): text 80x25
Aug 27 23:43:33 zwartedoos kernel: HardenedBSD: initialize and check features (__HardenedBSD_version 1200059 __FreeBSD_version 1201000).
Aug 27 23:43:33 zwartedoos kernel: CPU: Intel Core Processor (Haswell, no TSX, IBRS) (2500.07-MHz K8-class CPU)
Aug 27 23:43:33 zwartedoos kernel: Origin="GenuineIntel" Id=0x306c1 Family=0x6 Model=0x3c Stepping=1
Aug 27 23:43:33 zwartedoos kernel: Features=0xf83fbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE,SSE2,SS>
Aug 27 23:43:33 zwartedoos kernel: Features2=0xfffa3223<SSE3,PCLMULQDQ,VMX,SSSE3,FMA,CX16,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,TSCDLT,AESNI,XSAVE,OSXSAVE,AVX,F16C,RDRAND,HV>
Aug 27 23:43:33 zwartedoos kernel: AMD Features=0x2c100800<SYSCALL,NX,Page1GB,RDTSCP,LM>
Aug 27 23:43:33 zwartedoos kernel: AMD Features2=0x21<LAHF,ABM>
Aug 27 23:43:33 zwartedoos kernel: Structured Extended Features=0x7ab<FSGSBASE,TSCADJ,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID>
Aug 27 23:43:33 zwartedoos kernel: Structured Extended Features2=0x4
Aug 27 23:43:33 zwartedoos kernel: Structured Extended Features3=0xac000400<MD_CLEAR,IBPB,STIBP,ARCH_CAP,SSBD>
Aug 27 23:43:33 zwartedoos kernel: XSAVE Features=0x1
Aug 27 23:43:33 zwartedoos kernel: IA32_ARCH_CAPS=0x48<SKIP_L1DFL_VME>
Aug 27 23:43:33 zwartedoos kernel: AMD Extended Feature Extensions ID EBX=0x100d000
Aug 27 23:43:33 zwartedoos kernel: VT-x: PAT,HLT,MTF,PAUSE,EPT,UG,VPID,VID,PostIntr
Aug 27 23:43:33 zwartedoos kernel: Hypervisor: Origin = "KVMKVMKVM"
Aug 27 23:43:33 zwartedoos kernel: real memory = 4294967296 (4096 MB)
Aug 27 23:43:33 zwartedoos kernel: avail memory = 4097003520 (3907 MB)
Aug 27 23:43:33 zwartedoos kernel: Event timer "LAPIC" quality 600
Aug 27 23:43:33 zwartedoos kernel: ACPI APIC Table:
Aug 27 23:43:33 zwartedoos kernel: random: unblocking device.
Aug 27 23:43:33 zwartedoos kernel: ioapic0 <Version 1.1> irqs 0-23 on motherboard
Aug 27 23:43:33 zwartedoos kernel: Timecounter "TSC-low" frequency 1250033924 Hz quality 800
Aug 27 23:43:33 zwartedoos kernel: wlan: mac acl policy registered
Aug 27 23:43:33 zwartedoos kernel: random: entropy device external interface
Aug 27 23:43:33 zwartedoos kernel: kbd1 at kbdmux0
Aug 27 23:43:33 zwartedoos kernel: module_register_init: MOD_LOAD (vesa, 0xffffffff812907f0, 0) error 19
Aug 27 23:43:33 zwartedoos kernel: random: registering fast source Intel Secure Key RNG
Aug 27 23:43:33 zwartedoos kernel: random: fast provider: "Intel Secure Key RNG"
Aug 27 23:43:33 zwartedoos kernel: 000.000050 [4344] netmap_init netmap: loaded module
Aug 27 23:43:33 zwartedoos kernel: [ath_hal] loaded
Aug 27 23:43:33 zwartedoos kernel: nexus0
Aug 27 23:43:33 zwartedoos kernel: vtvga0: on motherboard
Aug 27 23:43:33 zwartedoos kernel: cryptosoft0: on motherboard
Aug 27 23:43:33 zwartedoos kernel: acpi0: on motherboard
Aug 27 23:43:33 zwartedoos kernel: acpi0: Power Button (fixed)
Aug 27 23:43:33 zwartedoos kernel: cpu0: on acpi0
Aug 27 23:43:33 zwartedoos kernel: atrtc0: port 0x70-0x71,0x72-0x77 irq 8 on acpi0
Aug 27 23:43:33 zwartedoos kernel: atrtc0: registered as a time-of-day clock, resolution 1.000000s
Aug 27 23:43:33 zwartedoos kernel: Event timer "RTC" frequency 32768 Hz quality 0
Aug 27 23:43:33 zwartedoos kernel: Timecounter "ACPI-fast" frequency 3579545 Hz quality 900
Aug 27 23:43:33 zwartedoos kernel: acpi_timer0: <24-bit timer at 3.579545MHz> port 0x608-0x60b on acpi0
Aug 27 23:43:33 zwartedoos kernel: pcib0: port 0xcf8-0xcff on acpi0
Aug 27 23:43:33 zwartedoos kernel: pci0: on pcib0
Aug 27 23:43:33 zwartedoos kernel: isab0: at device 1.0 on pci0
Aug 27 23:43:33 zwartedoos kernel: isa0: on isab0
Aug 27 23:43:33 zwartedoos kernel: atapci0: port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xc180-0xc18f at device 1.1 on pci0
Aug 27 23:43:33 zwartedoos kernel: ata0: at channel 0 on atapci0
Aug 27 23:43:33 zwartedoos kernel: ata1: at channel 1 on atapci0
Aug 27 23:43:33 zwartedoos kernel: pci0: at device 1.3 (no driver attached)
Aug 27 23:43:33 zwartedoos kernel: vgapci0: port 0xc080-0xc09f mem 0xf4000000-0xf7ffffff,0xf8000000-0xfbffffff,0xfc0d4000-0xfc0d5fff irq 10 at device 2.0 on pci0
Aug 27 23:43:33 zwartedoos kernel: vgapci0: Boot video device
Aug 27 23:43:33 zwartedoos kernel: virtio_pci0: port 0xc0a0-0xc0bf mem 0xfc0d6000-0xfc0d6fff,0xfebe8000-0xfebebfff irq 11 at device 3.0 on pci0
Aug 27 23:43:33 zwartedoos kernel: vtnet0: on virtio_pci0
Aug 27 23:43:33 zwartedoos kernel: vtnet0: Ethernet address: 52:54:00:1c:e1:35
Aug 27 23:43:33 zwartedoos kernel: vtnet0: netmap queues/slots: TX 1/256, RX 1/128
Aug 27 23:43:33 zwartedoos kernel: 000.000758 [ 450] vtnet_netmap_attach vtnet attached txq=1, txd=256 rxq=1, rxd=128
Aug 27 23:43:33 zwartedoos kernel: virtio_pci1: port 0xc0c0-0xc0df mem 0xfc0d7000-0xfc0d7fff,0xfebec000-0xfebeffff irq 11 at device 4.0 on pci0
Aug 27 23:43:33 zwartedoos kernel: vtnet1: on virtio_pci1
Aug 27 23:43:33 zwartedoos kernel: vtnet1: Ethernet address: 52:54:00:3e:5a:12
Aug 27 23:43:33 zwartedoos kernel: vtnet1: netmap queues/slots: TX 1/256, RX 1/128
Aug 27 23:43:33 zwartedoos kernel: 000.000759 [ 450] vtnet_netmap_attach vtnet attached txq=1, txd=256 rxq=1, rxd=128
Aug 27 23:43:33 zwartedoos kernel: hdac0: <Intel 82801F HDA Controller> mem 0xfc0d0000-0xfc0d3fff irq 10 at device 5.0 on pci0
Aug 27 23:43:33 zwartedoos kernel: uhci0: <Intel 82801I (ICH9) USB controller> port 0xc0e0-0xc0ff irq 10 at device 6.0 on pci0
Aug 27 23:43:33 zwartedoos kernel: usbus0 on uhci0
Aug 27 23:43:33 zwartedoos kernel: uhci1: <Intel 82801I (ICH9) USB controller> port 0xc100-0xc11f irq 11 at device 6.1 on pci0
Aug 27 23:43:33 zwartedoos kernel: usbus1 on uhci1
Aug 27 23:43:33 zwartedoos kernel: uhci2: <Intel 82801I (ICH9) USB controller> port 0xc120-0xc13f irq 11 at device 6.2 on pci0
Aug 27 23:43:33 zwartedoos kernel: usbus2 on uhci2
Aug 27 23:43:33 zwartedoos kernel: ehci0: <Intel 82801I (ICH9) USB 2.0 controller> mem 0xfc0d8000-0xfc0d8fff irq 10 at device 6.7 on pci0
Aug 27 23:43:33 zwartedoos kernel: usbus3: EHCI version 1.0
Aug 27 23:43:33 zwartedoos kernel: usbus3 on ehci0
Aug 27 23:43:33 zwartedoos kernel: virtio_pci2: port 0xc000-0xc03f mem 0xfc0d9000-0xfc0d9fff,0xfebf0000-0xfebf3fff irq 11 at device 7.0 on pci0
Aug 27 23:43:33 zwartedoos kernel: virtio_pci3: port 0xc040-0xc07f mem 0xfc0da000-0xfc0dafff,0xfebf4000-0xfebf7fff irq 11 at device 8.0 on pci0
Aug 27 23:43:33 zwartedoos kernel: vtblk0: on virtio_pci3
Aug 27 23:43:33 zwartedoos kernel: vtblk0: 40960MB (83886080 512 byte sectors)
Aug 27 23:43:33 zwartedoos kernel: virtio_pci4: port 0xc140-0xc15f mem 0xfebf8000-0xfebfbfff irq 10 at device 9.0 on pci0
Aug 27 23:43:33 zwartedoos kernel: vtballoon0: on virtio_pci4
Aug 27 23:43:33 zwartedoos kernel: virtio_pci5: port 0xc160-0xc17f mem 0xfc0db000-0xfc0dbfff,0xfebfc000-0xfebfffff irq 10 at device 10.0 on pci0
Aug 27 23:43:33 zwartedoos kernel: vtnet2: on virtio_pci5
Aug 27 23:43:33 zwartedoos kernel: vtnet2: Ethernet address: 52:54:00:58:e7:37
Aug 27 23:43:33 zwartedoos kernel: vtnet2: netmap queues/slots: TX 1/256, RX 1/128
Aug 27 23:43:33 zwartedoos kernel: 000.000766 [ 450] vtnet_netmap_attach vtnet attached txq=1, txd=256 rxq=1, rxd=128
Aug 27 23:43:33 zwartedoos kernel: acpi_syscontainer0: on acpi0
Aug 27 23:43:33 zwartedoos kernel: acpi_syscontainer1: port 0xaf00-0xaf0b on acpi0
Aug 27 23:43:33 zwartedoos kernel: acpi_syscontainer2: port 0xafe0-0xafe3 on acpi0
Aug 27 23:43:33 zwartedoos kernel: acpi_syscontainer3: port 0xae00-0xae13 on acpi0
Aug 27 23:43:33 zwartedoos kernel: atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0
Aug 27 23:43:33 zwartedoos kernel: atkbd0: irq 1 on atkbdc0
Aug 27 23:43:33 zwartedoos kernel: kbd0 at atkbd0
Aug 27 23:43:33 zwartedoos kernel: atkbd0: [GIANT-LOCKED]
Aug 27 23:43:33 zwartedoos kernel: psm0: <PS/2 Mouse> irq 12 on atkbdc0
Aug 27 23:43:33 zwartedoos kernel: psm0: [GIANT-LOCKED]
Aug 27 23:43:33 zwartedoos kernel: psm0: model IntelliMouse Explorer, device ID 4
Aug 27 23:43:33 zwartedoos kernel: fdc0: <floppy drive controller (FDE)> port 0x3f2-0x3f5,0x3f7 irq 6 drq 2 on acpi0
Aug 27 23:43:33 zwartedoos kernel: fdc0: does not respond
Aug 27 23:43:33 zwartedoos kernel: device_attach: fdc0 attach returned 6
Aug 27 23:43:33 zwartedoos kernel: uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
Aug 27 23:43:33 zwartedoos kernel: orm0: at iomem 0xe9800-0xeffff pnpid ORM0000 on isa0
Aug 27 23:43:33 zwartedoos kernel: vga0: at port 0x3c0-0x3df iomem 0xa0000-0xbffff pnpid PNP0900 on isa0
Aug 27 23:43:33 zwartedoos kernel: attimer0: at port 0x40 on isa0
Aug 27 23:43:33 zwartedoos kernel: Timecounter "i8254" frequency 1193182 Hz quality 0
Aug 27 23:43:33 zwartedoos kernel: Event timer "i8254" frequency 1193182 Hz quality 100
Aug 27 23:43:33 zwartedoos kernel: fdc0: No FDOUT register!
Aug 27 23:43:33 zwartedoos kernel: Timecounters tick every 10.000 msec
Aug 27 23:43:33 zwartedoos kernel: hdacc0: <Generic (0x1af40022) HDA CODEC> at cad 0 on hdac0
Aug 27 23:43:33 zwartedoos kernel: hdaa0: <Generic (0x1af40022) Audio Function Group> at nid 1 on hdacc0
Aug 27 23:43:33 zwartedoos kernel: pcm0: <Generic (0x1af40022) (Analog)> at nid 3 and 5 on hdaa0
Aug 27 23:43:33 zwartedoos kernel: usbus0: 12Mbps Full Speed USB v1.0
Aug 27 23:43:33 zwartedoos kernel: usbus1: 12Mbps Full Speed USB v1.0
Aug 27 23:43:33 zwartedoos kernel: usbus2: 12Mbps Full Speed USB v1.0
Aug 27 23:43:33 zwartedoos kernel: usbus3: 480Mbps High Speed USB v2.0
Aug 27 23:43:33 zwartedoos kernel: ugen0.1: at usbus0
Aug 27 23:43:33 zwartedoos kernel: uhub0: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus0
Aug 27 23:43:33 zwartedoos kernel: ugen2.1: at usbus2
Aug 27 23:43:33 zwartedoos kernel: uhub1: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus2
Aug 27 23:43:33 zwartedoos kernel: ugen1.1: at usbus1
Aug 27 23:43:33 zwartedoos kernel: uhub2: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus1
Aug 27 23:43:33 zwartedoos kernel: ugen3.1: at usbus3
Aug 27 23:43:33 zwartedoos kernel: uhub3: <Intel EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus3
Aug 27 23:43:33 zwartedoos kernel: cd0 at ata0 bus 0 scbus0 target 0 lun 0
Aug 27 23:43:33 zwartedoos kernel: cd0: <QEMU QEMU DVD-ROM 2.5+> Removable CD-ROM SCSI device
Aug 27 23:43:33 zwartedoos kernel: cd0: Serial Number QM00001
Aug 27 23:43:33 zwartedoos kernel: cd0: 16.700MB/s transfers (WDMA2, ATAPI 12bytes, PIO 65534bytes)
Aug 27 23:43:33 zwartedoos kernel: cd0: Attempt to query device size failed: NOT READY, Medium not present
Aug 27 23:43:33 zwartedoos kernel: Trying to mount root from ufs:/dev/gpt/rootfs [rw]...
Aug 27 23:43:33 zwartedoos kernel: uhub0: 2 ports with 2 removable, self powered
Aug 27 23:43:33 zwartedoos kernel: uhub1: 2 ports with 2 removable, self powered
Aug 27 23:43:33 zwartedoos kernel: uhub2: 2 ports with 2 removable, self powered
Aug 27 23:43:33 zwartedoos kernel: uhub3: 6 ports with 6 removable, self powered
Aug 27 23:43:33 zwartedoos kernel: intsmb0: irq 9 at device 1.3 on pci0
Aug 27 23:43:33 zwartedoos kernel: intsmb0: intr IRQ 9 enabled revision 0
Aug 27 23:43:33 zwartedoos kernel: smbus0: on intsmb0
Aug 27 23:43:33 zwartedoos kernel: lo0: link state changed to UP
Aug 27 23:43:33 zwartedoos kernel: aesni0: <AES-CBC,AES-CCM,AES-GCM,AES-ICM,AES-XTS> on motherboard
Aug 27 23:43:33 zwartedoos syslog-ng[57940]: syslog-ng starting up; version='3.33.2'
Aug 27 23:43:33 zwartedoos kernel: done.
Aug 27 23:43:33 zwartedoos opnsense[54740]: plugins_configure loopback_prepare (1)
Aug 27 23:43:33 zwartedoos kernel: done.
Aug 27 23:43:33 zwartedoos opnsense[54740]: plugins_configure loopback_prepare (execute task : loopback_configure_interface(1))
Aug 27 23:43:33 zwartedoos opnsense[54740]: plugins_configure openvpn_prepare (1)
Aug 27 23:43:33 zwartedoos opnsense[54740]: plugins_configure openvpn_prepare (execute task : openvpn_prepare(1))
Aug 27 23:43:34 zwartedoos kernel:
Aug 27 23:43:34 zwartedoos kernel: tun1: changing name to 'ovpns1'
Aug 27 23:43:34 zwartedoos kernel: tun3: changing name to 'ovpnc3'
Aug 27 23:43:34 zwartedoos kernel: tun2: changing name to 'ovpnc2'
Aug 27 23:43:34 zwartedoos kernel: tun4: changing name to 'ovpnc4'
Aug 27 23:43:34 zwartedoos kernel:
Aug 27 23:43:34 zwartedoos kernel: vtnet2: link state changed to UP
Aug 27 23:43:34 zwartedoos kernel:
Aug 27 23:43:34 zwartedoos kernel: vtnet0: link state changed to UP
Aug 27 23:43:34 zwartedoos opnsense[54740]: plugins_configure openvpn_prepare (,ocvpn0)
Aug 27 23:43:34 zwartedoos kernel: done.
Aug 27 23:43:34 zwartedoos opnsense[54740]: plugins_configure openvpn_prepare (execute task : openvpn_prepare(,ocvpn0))
Aug 27 23:43:34 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'ocvpn0' inet6 -accept_rtadv' returned exit code '1', the output was 'ifconfig: interface ocvpn0 does not exist'
Aug 27 23:43:34 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'ocvpn0' -staticarp' returned exit code '1', the output was 'ifconfig: interface ocvpn0 does not exist'
Aug 27 23:43:34 zwartedoos kernel:
Aug 27 23:43:34 zwartedoos kernel: vtnet1: link state changed to UP
Aug 27 23:43:35 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The command `/sbin/ifconfig 'gif0' destroy' failed to execute
Aug 27 23:43:35 zwartedoos kernel:
Aug 27 23:43:35 zwartedoos kernel: gif0: link state changed to UP
Aug 27 23:43:35 zwartedoos kernel: done.
Aug 27 23:43:35 zwartedoos kernel: gif0: link state changed to DOWN
Aug 27 23:43:35 zwartedoos kernel: gif0: link state changed to UP
Aug 27 23:43:35 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: entering configure using 'opt1'
Aug 27 23:43:35 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: IPv4 default gateway set to wan
Aug 27 23:43:35 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: skipping IPv4 default route
Aug 27 23:43:35 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: IPv6 default gateway set to opt1
Aug 27 23:43:35 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: setting IPv6 default route to 2001:666:6e:940::1
Aug 27 23:43:35 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: creating /tmp/gif0_defaultgwv6 using '2001:666:6e:940::1'
Aug 27 23:43:35 zwartedoos opnsense[54740]: plugins_configure ipsec_prepare (1)
Aug 27 23:43:35 zwartedoos kernel: done.
Aug 27 23:43:35 zwartedoos opnsense[54740]: plugins_configure ipsec_prepare (execute task : ipsec_configure_vti(1))
Aug 27 23:43:35 zwartedoos opnsense[54740]: plugins_configure vxlan_prepare (1)
Aug 27 23:43:35 zwartedoos opnsense[54740]: plugins_configure vxlan_prepare (execute task : vxlan_configure_interface(1))
Aug 27 23:43:35 zwartedoos kernel: ...
Aug 27 23:43:36 zwartedoos kernel: ..
Aug 27 23:43:36 zwartedoos opnsense[54740]: plugins_configure early (1)
Aug 27 23:43:36 zwartedoos kernel: done.
Aug 27 23:43:36 zwartedoos kernel: pflog0: permanently promiscuous mode enabled
Aug 27 23:43:36 zwartedoos opnsense[54740]: plugins_configure early (execute task : openssh_configure_do(1))
Aug 27 23:43:36 zwartedoos opnsense[54740]: plugins_configure early (execute task : unbound_cache_flush(1))
Aug 27 23:43:36 zwartedoos kernel: done.
Aug 27 23:43:36 zwartedoos sshd[79858]: Server listening on ::1 port 22.
Aug 27 23:43:36 zwartedoos sshd[79858]: Server listening on 127.0.0.1 port 22.
Aug 27 23:43:36 zwartedoos sshd[79858]: Server listening on 2001:666:6f:940::1 port 22.
Aug 27 23:43:36 zwartedoos sshd[79858]: Server listening on 192.168.100.200 port 22.
Aug 27 23:43:36 zwartedoos opnsense[54740]: plugins_configure early (execute task : webgui_configure_do(1))
Aug 27 23:43:36 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: entering configure using defaults
Aug 27 23:43:36 zwartedoos kernel: done.
Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: IPv4 default gateway set to wan
Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: setting IPv4 default route to 192.168.17.1
Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: creating /tmp/vtnet1_defaultgw using '192.168.17.1'
Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: IPv6 default gateway set to opt1
Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: setting IPv6 default route to 2001:666:6e:940::1
Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: keeping current default gateway '2001:666:6e:940::1'
Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure hosts ()
Aug 27 23:43:37 zwartedoos kernel: done.
Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure hosts (execute task : dnsmasq_hosts_generate())
Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure hosts (execute task : unbound_hosts_generate())
Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure dhcp (1)
Aug 27 23:43:37 zwartedoos kernel: done.
Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure dhcp (execute task : dhcpd_dhcp_configure(1))
Aug 27 23:43:37 zwartedoos kernel: done.
Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure dhcrelay (1)
Aug 27 23:43:37 zwartedoos kernel: done.
Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure dhcrelay (execute task : dhcpd_dhcrelay_configure(1))
Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure dns (1)
Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure dns (execute task : dnsmasq_configure_do(1))
Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure dns (execute task : unbound_configure_do(1))
Aug 27 23:43:37 zwartedoos kernel: done.
Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure monitor (1)
Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure monitor (execute task : dpinger_configure_do(1))
Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The HENET_IPV6_TUNNELV6 monitor address is empty, skipping.
Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The ROBOTICT_VPNV6 monitor address is empty, skipping.
Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The ROBOTICT_VPNV4 monitor address is empty, skipping.
Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The CRYPKIT_VPNV6 monitor address is empty, skipping.
Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The CRYPKIT_VPNV4 monitor address is empty, skipping.
Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The PRIVAMED_VPNV6 monitor address is empty, skipping.
Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The PRIVAMED_VPNV4 monitor address is empty, skipping.
Aug 27 23:43:37 zwartedoos kernel: done.
Aug 27 23:43:37 zwartedoos kernel: ...
Aug 27 23:43:38 zwartedoos kernel: ..
Aug 27 23:43:38 zwartedoos kernel: done.
Aug 27 23:43:39 zwartedoos opnsense[54740]: plugins_configure vpn (1)
Aug 27 23:43:39 zwartedoos kernel: done.
Aug 27 23:43:39 zwartedoos opnsense[54740]: plugins_configure vpn (execute task : ipsec_configure_do(1))
Aug 27 23:43:41 zwartedoos opnsense[54740]: plugins_configure vpn (execute task : openvpn_configure_do(1))
Aug 27 23:43:41 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: Resyncing OpenVPN instances.
Aug 27 23:43:41 zwartedoos kernel:
Aug 27 23:43:41 zwartedoos kernel: ovpns1: link state changed to UP
Aug 27 23:43:41 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: OpenVPN server 1 instance started on PID 67721.
Aug 27 23:43:42 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: OpenVPN client 3 instance started on PID 23794.
Aug 27 23:43:42 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: OpenVPN client 2 instance started on PID 73110.
Aug 27 23:43:42 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: OpenVPN client 4 instance started on PID 20933.
Aug 27 23:43:42 zwartedoos opnsense[54740]: plugins_configure bootup (1)
Aug 27 23:43:42 zwartedoos opnsense[54740]: plugins_configure bootup (execute task : dyndns_configure_do(1))
Aug 27 23:43:42 zwartedoos opnsense[54740]: plugins_configure bootup (execute task : ntpd_configure_do(1))
Aug 27 23:43:42 zwartedoos kernel:
Aug 27 23:43:42 zwartedoos kernel: ovpnc3: link state changed to UP
Aug 27 23:43:43 zwartedoos opnsense[49743]: /usr/local/etc/rc.newwanip: IP renewal deferred during boot on 'ovpns1'
Aug 27 23:43:43 zwartedoos opnsense[87257]: /usr/local/etc/rc.newwanip: IP renewal deferred during boot on 'ovpnc3'
Aug 27 23:43:43 zwartedoos opnsense[54740]: plugins_configure bootup (execute task : opendns_configure_do(1))
Aug 27 23:43:43 zwartedoos opnsense[54740]: plugins_configure bootup (execute task : unbound_configure_do(1))
Aug 27 23:43:43 zwartedoos kernel: done.
Aug 27 23:43:43 zwartedoos kernel:
Aug 27 23:43:43 zwartedoos kernel: ovpnc4: link state changed to UP
Aug 27 23:43:44 zwartedoos opnsense[72167]: /usr/local/etc/rc.newwanip: IP renewal deferred during boot on 'ovpnc4'
Aug 27 23:43:44 zwartedoos kernel: ovpnc2: link state changed to UP
Aug 27 23:43:44 zwartedoos opnsense[667]: /usr/local/etc/rc.newwanip: IP renewal deferred during boot on 'ovpnc2'
Aug 27 23:43:45 zwartedoos syslogd: exiting on signal 15
Aug 27 23:43:45 zwartedoos syslogd: kernel boot file is /boot/kernel/kernel
Aug 27 23:43:46 zwartedoos syslog-ng[10069]: syslog-ng starting up; version='3.33.2'
Aug 27 23:43:46 zwartedoos kernel: done.
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: IPv4 renewal is starting on 'ovpns1'
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: On (IP address: 192.168.200.1) (interface: OPENVPN[opt3]) (real interface: ovpns1).
Aug 27 23:43:46 zwartedoos opnsense[55464]: plugins_configure hosts ()
Aug 27 23:43:46 zwartedoos opnsense[55464]: plugins_configure hosts (execute task : dnsmasq_hosts_generate())
Aug 27 23:43:46 zwartedoos opnsense[55464]: plugins_configure hosts (execute task : unbound_hosts_generate())
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'opt3'
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: ROUTING: IPv4 default gateway set to wan
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv4 default route
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to opt1
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route
Aug 27 23:43:46 zwartedoos opnsense[55464]: plugins_configure monitor ()
Aug 27 23:43:46 zwartedoos opnsense[55464]: plugins_configure monitor (execute task : dpinger_configure_do())
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The HENET_IPV6_TUNNELV6 monitor address is empty, skipping.
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV6 monitor address is empty, skipping.
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV4 monitor address is empty, skipping.
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV6 monitor address is empty, skipping.
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV4 monitor address is empty, skipping.
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV6 monitor address is empty, skipping.
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV4 monitor address is empty, skipping.
Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The OPENVPN_GW monitor address is empty, skipping.
Aug 27 23:43:48 zwartedoos opnsense[55464]: plugins_configure vpn (,opt3)
Aug 27 23:43:48 zwartedoos opnsense[55464]: plugins_configure vpn (execute task : ipsec_configure_do(,opt3))
Aug 27 23:43:48 zwartedoos opnsense[55464]: plugins_configure vpn (execute task : openvpn_configure_do(,opt3))
Aug 27 23:43:48 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: Resyncing OpenVPN instances for interface OPENVPN.
Aug 27 23:43:48 zwartedoos opnsense[55464]: plugins_configure newwanip (,opt3)
Aug 27 23:43:48 zwartedoos opnsense[55464]: plugins_configure newwanip (execute task : dyndns_configure_do(,opt3))
Aug 27 23:43:48 zwartedoos opnsense[55464]: plugins_configure newwanip (execute task : ntpd_configure_do())
Aug 27 23:43:49 zwartedoos opnsense[55464]: plugins_configure newwanip (execute task : opendns_configure_do())
Aug 27 23:43:49 zwartedoos opnsense[55464]: plugins_configure newwanip (execute task : openssh_configure_do(,opt3))
Aug 27 23:43:49 zwartedoos opnsense[55464]: plugins_configure newwanip (execute task : unbound_configure_do(,opt3))
Aug 27 23:43:49 zwartedoos opnsense[55464]: plugins_configure newwanip (execute task : vxlan_configure_interface())
Aug 27 23:43:49 zwartedoos opnsense[55464]: plugins_configure newwanip (execute task : webgui_configure_do(,opt3))
Aug 27 23:43:50 zwartedoos kernel: OK
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: IPv4 renewal is starting on 'ovpnc3'
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: On (IP address: 10.0.8.2) (interface: CRYPKIT[opt5]) (real interface: ovpnc3).
Aug 27 23:43:50 zwartedoos opnsense[90164]: plugins_configure hosts ()
Aug 27 23:43:50 zwartedoos opnsense[90164]: plugins_configure hosts (execute task : dnsmasq_hosts_generate())
Aug 27 23:43:50 zwartedoos opnsense[90164]: plugins_configure hosts (execute task : unbound_hosts_generate())
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'opt5'
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: ROUTING: IPv4 default gateway set to wan
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv4 default route
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to opt1
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route
Aug 27 23:43:50 zwartedoos opnsense[90164]: plugins_configure monitor ()
Aug 27 23:43:50 zwartedoos opnsense[90164]: plugins_configure monitor (execute task : dpinger_configure_do())
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The HENET_IPV6_TUNNELV6 monitor address is empty, skipping.
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV6 monitor address is empty, skipping.
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV4 monitor address is empty, skipping.
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV6 monitor address is empty, skipping.
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV4 monitor address is empty, skipping.
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV6 monitor address is empty, skipping.
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV4 monitor address is empty, skipping.
Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The OPENVPN_GW monitor address is empty, skipping.
Aug 27 23:43:52 zwartedoos opnsense[90164]: plugins_configure vpn (,opt5)
Aug 27 23:43:52 zwartedoos opnsense[90164]: plugins_configure vpn (execute task : ipsec_configure_do(,opt5))
Aug 27 23:43:52 zwartedoos opnsense[90164]: plugins_configure vpn (execute task : openvpn_configure_do(,opt5))
Aug 27 23:43:52 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: Resyncing OpenVPN instances for interface CRYPKIT.
Aug 27 23:43:52 zwartedoos opnsense[90164]: plugins_configure newwanip (,opt5)
Aug 27 23:43:52 zwartedoos opnsense[90164]: plugins_configure newwanip (execute task : dyndns_configure_do(,opt5))
Aug 27 23:43:52 zwartedoos opnsense[90164]: plugins_configure newwanip (execute task : ntpd_configure_do())
Aug 27 23:43:55 zwartedoos opnsense[90164]: plugins_configure newwanip (execute task : opendns_configure_do())
Aug 27 23:43:55 zwartedoos opnsense[90164]: plugins_configure newwanip (execute task : openssh_configure_do(,opt5))
Aug 27 23:43:55 zwartedoos opnsense[90164]: plugins_configure newwanip (execute task : unbound_configure_do(,opt5))
Aug 27 23:43:56 zwartedoos opnsense[90164]: plugins_configure newwanip (execute task : vxlan_configure_interface())
Aug 27 23:43:56 zwartedoos opnsense[90164]: plugins_configure newwanip (execute task : webgui_configure_do(,opt5))
Aug 27 23:43:56 zwartedoos kernel: OK
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: IPv4 renewal is starting on 'ovpnc4'
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: On (IP address: 192.168.120.10) (interface: ROBOTICT[opt6]) (real interface: ovpnc4).
Aug 27 23:43:56 zwartedoos opnsense[1766]: plugins_configure hosts ()
Aug 27 23:43:56 zwartedoos opnsense[1766]: plugins_configure hosts (execute task : dnsmasq_hosts_generate())
Aug 27 23:43:56 zwartedoos opnsense[1766]: plugins_configure hosts (execute task : unbound_hosts_generate())
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'opt6'
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: ROUTING: IPv4 default gateway set to wan
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv4 default route
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to opt1
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route
Aug 27 23:43:56 zwartedoos opnsense[1766]: plugins_configure monitor ()
Aug 27 23:43:56 zwartedoos opnsense[1766]: plugins_configure monitor (execute task : dpinger_configure_do())
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The HENET_IPV6_TUNNELV6 monitor address is empty, skipping.
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV6 monitor address is empty, skipping.
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV4 monitor address is empty, skipping.
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV6 monitor address is empty, skipping.
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV4 monitor address is empty, skipping.
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV6 monitor address is empty, skipping.
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV4 monitor address is empty, skipping.
Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The OPENVPN_GW monitor address is empty, skipping.
Aug 27 23:43:59 zwartedoos opnsense[1766]: plugins_configure vpn (,opt6)
Aug 27 23:43:59 zwartedoos opnsense[1766]: plugins_configure vpn (execute task : ipsec_configure_do(,opt6))
Aug 27 23:43:59 zwartedoos opnsense[1766]: plugins_configure vpn (execute task : openvpn_configure_do(,opt6))
Aug 27 23:43:59 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: Resyncing OpenVPN instances for interface ROBOTICT.
Aug 27 23:43:59 zwartedoos opnsense[1766]: plugins_configure newwanip (,opt6)
Aug 27 23:43:59 zwartedoos opnsense[1766]: plugins_configure newwanip (execute task : dyndns_configure_do(,opt6))
Aug 27 23:43:59 zwartedoos opnsense[1766]: plugins_configure newwanip (execute task : ntpd_configure_do())
Aug 27 23:44:02 zwartedoos opnsense[1766]: plugins_configure newwanip (execute task : opendns_configure_do())
Aug 27 23:44:02 zwartedoos opnsense[1766]: plugins_configure newwanip (execute task : openssh_configure_do(,opt6))
Aug 27 23:44:02 zwartedoos opnsense[1766]: plugins_configure newwanip (execute task : unbound_configure_do(,opt6))
Aug 27 23:44:03 zwartedoos opnsense[1766]: plugins_configure newwanip (execute task : vxlan_configure_interface())
Aug 27 23:44:03 zwartedoos opnsense[1766]: plugins_configure newwanip (execute task : webgui_configure_do(,opt6))
Aug 27 23:44:03 zwartedoos kernel: OK
Aug 27 23:44:03 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: IPv4 renewal is starting on 'ovpnc2'
Aug 27 23:44:03 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: On (IP address: 10.1.8.6) (interface: PRIVAMED[opt4]) (real interface: ovpnc2).
Aug 27 23:44:03 zwartedoos opnsense[88519]: plugins_configure hosts ()
Aug 27 23:44:03 zwartedoos opnsense[88519]: plugins_configure hosts (execute task : dnsmasq_hosts_generate())
Aug 27 23:44:03 zwartedoos opnsense[88519]: plugins_configure hosts (execute task : unbound_hosts_generate())
Aug 27 23:44:03 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'opt4'
Aug 27 23:44:03 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: ROUTING: IPv4 default gateway set to wan
Aug 27 23:44:03 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv4 default route
Aug 27 23:44:03 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to opt1
Aug 27 23:44:03 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route
Aug 27 23:44:04 zwartedoos opnsense[88519]: plugins_configure monitor ()
Aug 27 23:44:04 zwartedoos opnsense[88519]: plugins_configure monitor (execute task : dpinger_configure_do())
Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The HENET_IPV6_TUNNELV6 monitor address is empty, skipping.
Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV6 monitor address is empty, skipping.
Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV4 monitor address is empty, skipping.
Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV6 monitor address is empty, skipping.
Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV4 monitor address is empty, skipping.
Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV6 monitor address is empty, skipping.
Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV4 monitor address is empty, skipping.
Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The OPENVPN_GW monitor address is empty, skipping.
Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure vpn (,opt4)
Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure vpn (execute task : ipsec_configure_do(,opt4))
Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure vpn (execute task : openvpn_configure_do(,opt4))
Aug 27 23:44:05 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: Resyncing OpenVPN instances for interface PRIVAMED.
Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure newwanip (,opt4)
Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure newwanip (execute task : dyndns_configure_do(,opt4))
Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure newwanip (execute task : ntpd_configure_do())
Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure newwanip (execute task : opendns_configure_do())
Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure newwanip (execute task : openssh_configure_do(,opt4))
Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure newwanip (execute task : unbound_configure_do(,opt4))
Aug 27 23:44:06 zwartedoos opnsense[88519]: plugins_configure newwanip (execute task : vxlan_configure_interface())
Aug 27 23:44:06 zwartedoos opnsense[88519]: plugins_configure newwanip (execute task : webgui_configure_do(,opt4))
Aug 27 23:44:06 zwartedoos kernel: OK
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: ROUTING: entering configure using defaults
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: ROUTING: IPv4 default gateway set to wan
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: ROUTING: setting IPv4 default route to 192.168.17.1
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: ROUTING: keeping current default gateway '192.168.17.1'
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: ROUTING: IPv6 default gateway set to opt1
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: ROUTING: setting IPv6 default route to 2001:666:6e:940::1
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: ROUTING: keeping current default gateway '2001:666:6e:940::1'
Aug 27 23:44:06 zwartedoos opnsense[59326]: plugins_configure monitor (1)
Aug 27 23:44:06 zwartedoos opnsense[59326]: plugins_configure monitor (execute task : dpinger_configure_do(1))
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The HENET_IPV6_TUNNELV6 monitor address is empty, skipping.
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The ROBOTICT_VPNV6 monitor address is empty, skipping.
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The ROBOTICT_VPNV4 monitor address is empty, skipping.
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The CRYPKIT_VPNV6 monitor address is empty, skipping.
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The CRYPKIT_VPNV4 monitor address is empty, skipping.
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The PRIVAMED_VPNV6 monitor address is empty, skipping.
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The PRIVAMED_VPNV4 monitor address is empty, skipping.
Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The OPENVPN_GW monitor address is empty, skipping.
Aug 27 23:44:07 zwartedoos kernel: OK
Aug 27 23:44:24 zwartedoos kernel: tun30000: link state changed to UP
Aug 27 23:44:28 zwartedoos kernel: tun30000: changing name to 'ocvpn0'
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.766Z caller=node_exporter.go:178 msg="Starting node_exporter" version="(version=1.1.2, branch=release-1.1, revision=0)"
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.766Z caller=node_exporter.go:179 msg="Build context" build_context="(go=go1.16.6, user=root, date=)"
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.767Z caller=filesystem_common.go:74 collector=filesystem msg="Parsed flag --collector.filesystem.ignored-mount-points" flag=^/(dev)($|/)
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.769Z caller=filesystem_common.go:76 collector=filesystem msg="Parsed flag --collector.filesystem.ignored-fs-types" flag=^devfs$
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:106 msg="Enabled collectors"
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=boottime
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=cpu
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=exec
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=filesystem
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=loadavg
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=meminfo
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=netdev
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=textfile
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=time
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=uname
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:195 msg="Listening on" address=192.168.100.200:9100
Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.773Z caller=tls_config.go:191 msg="TLS is disabled." http2=false
Aug 27 23:44:31 zwartedoos syslog-ng[10069]: syslog-ng shutting down; version='3.33.2'
Aug 27 23:44:31 zwartedoos kernel: .
Aug 27 23:44:31 zwartedoos syslog-ng[13396]: syslog-ng starting up; version='3.33.2'
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: ROUTING: entering configure using defaults
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: ROUTING: IPv4 default gateway set to wan
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: ROUTING: setting IPv4 default route to 192.168.17.1
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: ROUTING: keeping current default gateway '192.168.17.1'
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: ROUTING: IPv6 default gateway set to opt1
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: ROUTING: setting IPv6 default route to 2001:666:6e:940::1
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: ROUTING: keeping current default gateway '2001:666:6e:940::1'
Aug 27 23:44:32 zwartedoos opnsense[51926]: plugins_configure monitor (1)
Aug 27 23:44:32 zwartedoos kernel: done.
Aug 27 23:44:32 zwartedoos opnsense[51926]: plugins_configure monitor (execute task : dpinger_configure_do(1))
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The HENET_IPV6_TUNNELV6 monitor address is empty, skipping.
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The ROBOTICT_VPNV6 monitor address is empty, skipping.
Aug 27 23:44:32 zwartedoos kernel: done.
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The ROBOTICT_VPNV4 monitor address is empty, skipping.
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The CRYPKIT_VPNV6 monitor address is empty, skipping.
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The CRYPKIT_VPNV4 monitor address is empty, skipping.
Aug 27 23:44:32 zwartedoos kernel: .
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The PRIVAMED_VPNV6 monitor address is empty, skipping.
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The PRIVAMED_VPNV4 monitor address is empty, skipping.
Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The OPENVPN_GW monitor address is empty, skipping.
Aug 27 23:44:32 zwartedoos kernel: ...
Aug 27 23:44:33 zwartedoos kernel: ..
Aug 27 23:44:33 zwartedoos kernel: done.
Aug 27 23:44:33 zwartedoos kernel: done.
Aug 27 23:44:34 zwartedoos kernel: OK
Aug 27 23:44:38 zwartedoos kernel: SHA256 16 6B C0 95 EE 09 C1 48 AD D4 F0 70 67 69 5A F5
Aug 27 23:44:38 zwartedoos kernel: SHA256 mQXzeZAqYsTVs15OIcyjBTRQ46bcGW0jv1vaUglr2cQ (ECDSA)
Aug 27 23:44:38 zwartedoos kernel: SHA256 UdJv0HGBHAYLVZkfh1W5spmD4W90XSUw4OPBVzN5tFE (ED25519)
Aug 27 23:44:38 zwartedoos kernel: ocvpn0: deletion failed: 3
Aug 27 23:44:38 zwartedoos kernel: ocvpn0: link state changed to DOWN
Aug 27 23:44:58 zwartedoos sshd[78511]: Accepted keyboard-interactive/pam for root from 192.168.100.27 port 36348 ssh2
Aug 27 23:44:59 zwartedoos kernel: gif0: promiscuous mode enabled
Aug 27 23:44:59 zwartedoos kernel: vtnet0: promiscuous mode enabled
Aug 27 23:44:59 zwartedoos kernel: vtnet1: promiscuous mode enabled

[mimugmail]

It seems your default gateway is not available during startup so openconnect fails.
Sadly it behaves a bit different than openvpn. If it fails cause if timeout, it quits and doesn't try again.

[vizv]

@minugmail I also have the same problem, the ocvpn0 goes down after boot.

Note I can receive Okta Push Verify for OpenConnect (AnyConnect) MFA so the connection between client and VPN server should be fine.

I also have issue that after ocvpn0 goes down I lose all my connectivity, and I found OpenConnect updates routing table using vpnc-script which changed the default gateway so I created PR #2601 to stop OpenConnect updates default gateway.

OPNsense kernel: tun30000: link state changed to UP
OPNsense kernel: tun30000: changing name to 'ocvpn0'
...
OPNsense kernel: ifa_maintain_loopback_route: deletion failed for interface ocvpn0: 3
OPNsense kernel: ocvpn0: link state changed to DOWN

I think the issue is similar to #866, but I can't figure out how to fix it

[OPNsense-bot]

This issue has been automatically timed-out (after 180 days of inactivity).

For more information about the policies for this repository,
please read https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md for further details.

If someone wants to step up and work on this issue,
just let us know, so we can reopen the issue and assign an owner to it.

[Clifra-Jones]

You should reopen this because it is still a problem.

1. The gateway is up because I can log into the endpoint VPN, get 2FA push notification.
2. I removed the >/dev/null from the service file and I can see the VPN being configured properly.
3. Then last line in the log file is
   [code]
   ocvpn0: link state changed to DOWN
   [/code]

Go to system->Diagnostics->Services and start OpenConnect and it works perfectly.

I did notice that after openconnect starts the system attempts to start openvpn. Open VPN is not configured on my system, why would it try to start?

On another subject, the password for the VPN is stored in both the config and in a secrets file in CLEAR TEXT. That's not good at all!
This could easily be done with openssl to encrypt the password in the secrets file.