After upgrading to "OPNsense 23.7.1_3-amd64" (from 23.1) my OpenVPN server instance is no longer starting and errors out with the following errors:
2023-08-22T14:37:11-04:00 Error openvpn_server2 FreeBSD ifconfig failed: external program exited with error status: 1
2023-08-22T14:37:11-04:00 Warning openvpn_server2 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-08-22T14:37:11-04:00 Warning openvpn_server2 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
I'm assuming only the first one is the error that keeps it from starting.
I have not yet migrated to the new "instances" way of configuring OpenVPN. Is that a requirement now, or should my legacy setup still be working?
This is a standard road warrior setup and follows previous guidlines on how to set this up.
I'm grateful for any help in this, as I am about to go on vacation later today :)
Edit: Even after setting up a new instance (the new way), I am still getting the same "ifconfig failed" error.
Hmm, I figured it out. The VPN route was disabled in System > Routes > Configuration. I don't know how this happened, but I re-enabled it, and now the VPN service starts just fine.
Thanks for posting this! I had the same issue, it seems to persist regardless of the new "instance" vs the legacy system.
In my case, I had to disable the route that existed (apparently it was conflicting). I had created an interface on top of the OpenVPN connection and that was doing weird stuff.