I have a strange issue using pfsense2.5 and protectli appliance. This firewall is client on a site to site configuration, ISP is WAN DHCP. Server firewall has static public IP.
The tunnel was up and fine, until an incident.
I had to physicly go on-site to start the open VPN Service again. Please note from the moment i manually press start service, is working properly.
I don’t know why didn’t retry to re-establish the tunnel, and i don’t know why the service stopped.
Is there any settings for that , retry, re-establish etc ?
after checking the logs i found the following:
fault here
Mar 29 19:42:21 openvpn 19774 /usr/local/sbin/ovpn-linkdown ovpnc1 1500 1560 172.17.27.2 172.17.27.1 init
Mar 29 19:42:21 openvpn 19774 Exiting due to fatal error
Mar 29 19:42:21 openvpn 19774 TCP/UDP: Socket bind failed on local address [AF_INET]192.168.10.242:0: Can’t assign requested address (errno=49)
Mar 29 19:42:21 openvpn 19774 TCP/UDP: Preserving recently used remote address: [AF_INET][publicIP+port]
Mar 29 19:42:21 openvpn 19774 Preserving previous TUN/TAP instance: ovpnc1
Mar 29 19:42:21 openvpn 19774 Re-using pre-shared static key
Mar 29 19:42:21 openvpn 19774 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mar 29 19:42:16 openvpn 19774 SIGUSR1[soft,ping-restart] received, process restarting
Mar 29 19:42:16 openvpn 19774 Inactivity timeout (–ping-restart), restarting
Mar 29 19:42:15 openvpn 19774 write UDPv4: No route to host (code=65)
Mar 29 19:42:15 openvpn 19774 write UDPv4: No route to host (code=65)
Mar 29 19:42:14 openvpn 19774 write UDPv4: No route to host (code=65)
Mar 29 19:42:14 openvpn 19774 write UDPv4: No route to host (code=65)
After i press start service
Mar 30 08:20:57 openvpn 63636 Peer Connection Initiated with [AF_INET][publicIP+port]
Mar 30 08:20:57 openvpn 63636 UDPv4 link remote: [AF_INET][publicIP+port]
Mar 30 08:20:57 openvpn 63636 UDPv4 link local (bound): [AF_INET]192.168.10.242:0
Mar 30 08:20:57 openvpn 63636 TCP/UDP: Preserving recently used remote address: [AF_INET][publicIP+port]
Mar 30 08:20:57 openvpn 63636 /usr/local/sbin/ovpn-linkup ovpnc1 1500 1560 172.17.27.2 172.17.27.1 init
Mar 30 08:20:57 openvpn 63636 /sbin/ifconfig ovpnc1 172.17.27.2 172.17.27.1 mtu 1500 netmask 255.255.255.255 up
Mar 30 08:20:57 openvpn 63636 TUN/TAP device /dev/tun1 opened
Mar 30 08:20:57 openvpn 63636 TUN/TAP device ovpnc1 exists previously, keep at program end
Mar 30 08:20:57 openvpn 63636 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mar 30 08:20:57 openvpn 63567 library versions: OpenSSL 1.1.1i-freebsd 8 Dec 2020, LZO 2.10
Mar 30 08:20:57 openvpn 63567 OpenVPN 2.5.0 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Feb 5 2021
Mar 30 08:20:57 openvpn 63567 Cipher negotiation is disabled since neither P2MP client nor server mode is enabled