OPNsense Forum
English Forums => Virtual private networks => Topic started by: williamk on April 07, 2021, 07:05:24 pm
-
Hi,
On the latest and greatest version of OPNsense. Have a VPN server on the OPNsense router that a client connects to for a site-to-site VPN. Anytime a router on either side reboots, or if there is a network blip, the tunnel dies, and I have to log in to the router and start the openvpn service. I tried following this tutorial, but cannot get it to work.
https://forum.opnsense.org/index.php?topic=6979.0
I can create the monit service for pinging the gateway of the remote network, but am stuck at how to get monit to actually restart the openvpn server. Can anyone give me some guidance?
On command line I can see the service. If I run ps aux | grep openvpn I get:
root 88677 0.0 0.4 1073220 8632 - Ss 08:16 0:00.26 /usr/local/sbin/openvpn --config /var/etc/openvpn/server1.conf
-
https://forum.opnsense.org/index.php?topic=19240.0
8)
-
Hello,
From my point of view there are two commands to restart the client, it worked so far on the console:
ps aux | grep openvpn
shows the running openvpn servers, in my case three, one of them is the client, number three.
This task is apparently also a start command for my client:
/usr/local/sbin/openvpn --config /var/etc/openvpn/client3.conf
Alternatively, this also does it on the console:
pluginctl -s openvpn start 3
Both start the openvpnclient on the console again and the connection is established, a refresh of the dashboard GUI shows the success.
I would now like to have one of the commands from Monit execute as a start and could use some help.
pluginctl -s openvpn start 3
is not accepted as a start command in the MonitGui,
/usr/local/sbin/openvpn --config /var/etc/openvpn/client3.conf
is apparently not executed as a start command.
I'm still testing / looking further, but would be very grateful for some help, could you solve it?
https://forum.opnsense.org/index.php?topic=22745.msg108537#msg108537
-
Try perhaps:
/bin/sh -c '/usr/local/sbin/pluginctl -s openvpn start 3'
A guess based on a monit task I have (for dpinger)
-
THX, that's it!
To do this, I copied a service test settings "failed ping" in the Monit Gui and selected an Execute with the path above as the action. Under Service Settings then Ping test, Type Remote Host and in Tests the Ping and the Ping with Execute selected.
In general settings, set the polling interval to 300 so that the name server can adapt.
The client will now start again automatically after a WAN interruption.
-
I've found this thread...
I also want to restart my OpenVPN clients on my OPNsense (22.7.9_3).
In the CLI I can successfully
root@OPNsense:~ # ps aux | grep openvpn
root 95966 25.8 0.0 17928 7952 - Ss 12:38 0:16.58 /usr/local/sbin/openvpn --config /var/etc/openvpn/client15.conf
root 23564 0.0 0.0 17928 7808 - Ss 12:38 0:00.41 /usr/local/sbin/openvpn --config /var/etc/openvpn/client19.conf
root 60688 0.0 0.0 17928 7952 - Ss 12:40 0:00.04 /usr/local/sbin/openvpn --config /var/etc/openvpn/client12.conf
and also then successfully
root@OPNsense:~ # pluginctl -s openvpn start 19
Service `openvpn' has been started.
root@OPNsense:~ # pluginctl -s openvpn start 15
Service `openvpn' has been started.
root@OPNsense:~ # pluginctl -s openvpn start 12
Service `openvpn' has been started.
When I follow your steps, you created a copy of the "ping failed" test and changed it to executable, which I did then too.
I can save the failed ping test copy successfully, but as soon as I select it in the service settings, I get issues.
I see this in the CLI under "cat /usr/local/etc/monitrc":
"
check host OpenVPNClientGateway address 8.8.4.4
if failed ping then alert
if failedpingGW then exec /bin/sh -c '/usr/local/sbin/pluginctl -s openvpn start 12'
"
So basically the ping test and the script are there, but I can't save via the web GUI as I always get an error:
"
Error monit /usr/local/etc/monitrc:32: syntax error 'failedpingGW'
"
Can you help me here, please?
-
aarrghh...
If I use the correct command... it works.
"
check host OpenVPNClientGateway address 8.8.4.4
if failed ping then alert
if failed ping then exec /bin/sh -c '/usr/local/sbin/pluginctl -s openvpn start 12'
"
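
Added example, not part of the thread or of OPNsense: a small wrapper that Monit's `exec` action could call in place of the inline `pluginctl` command, so that the root-run action only accepts a numeric client ID and only starts a client whose process is actually gone. It assumes the failure mode is the openvpn process having exited; the script's install path, the function names and the `PLUGINCTL`/`CONF_DIR` overrides are hypothetical, while the `pluginctl -s openvpn start <id>` call and the `/var/etc/openvpn/client<id>.conf` path are the ones shown in the posts above.

```shell
#!/bin/sh
# Hypothetical wrapper for a Monit exec action, e.g. (path is an assumption):
#   if failed ping then exec "/bin/sh /path/to/ovpn_ensure.sh 12"
# Defaults are taken from the thread; the overrides exist for testing only.
PLUGINCTL="${PLUGINCTL:-/usr/local/sbin/pluginctl}"
CONF_DIR="${CONF_DIR:-/var/etc/openvpn}"

# Accept only a plain numeric instance ID (the "12" in client12.conf).
# Monit runs the action as root, so nothing else is passed on.
valid_id() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
        *) return 0 ;;
    esac
}

# True when an openvpn process is running with this instance's config file,
# matching the command line seen in the "ps aux | grep openvpn" output.
is_running() {
    pgrep -f "openvpn --config ${CONF_DIR}/client$1.conf" >/dev/null 2>&1
}

# Start instance $1 only if its process is missing.
# Returns 0 if already running or started, 2 on a rejected ID,
# otherwise the exit status of pluginctl.
ensure_client() {
    valid_id "$1" || { echo "refusing non-numeric id: $1" >&2; return 2; }
    if is_running "$1"; then
        echo "openvpn client $1 already running, nothing to do" >&2
        return 0
    fi
    echo "openvpn client $1 not running, starting it" >&2
    "$PLUGINCTL" -s openvpn start "$1"
}

# When called with an argument (as Monit would), act on it and exit.
if [ "$#" -gt 0 ]; then
    ensure_client "$1"
    exit $?
fi
```
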