OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: Ulrar on August 03, 2017, 04:04:42 pm

Title: OpenVPN client not working after upgrade
Post by: Ulrar on August 03, 2017, 04:04:42 pm
Hi,

I used to run 17-rc1 until a few days ago, when I upgraded all the way up to 17.7.
The only problem I seem to have with this is my OpenVPN client, which is not working great anymore.

Basically it still connects, and incoming packets work fine (I can ping from outside trough the VPN), but not the other way around.
ping -S <VPN IP> 8.8.8.8 with a tcpdump running on the vpn interface and another tcpdump running on the WAN interface shows that the packets are actually trying to come out of the WAN interface with the VPN IP, which makes no sense.
The same test on a different opensense installed recently shows packets coming out of the VPN interface, as expected.

So what could cause ping -S to send packets out of the wrong interface ?
I've tried deleting and re-creating the VPN interface and the firewall rules, no luck. I've even tried adding a firewall rule on the VPN interface to force the VPN Gateway, didn't change anything. I don't have any floating rule or anything exotic except a bit of QoS on the WAN, but I don't expect that to be responsible.
Title: Re: OpenVPN client not working after upgrade
Post by: Ulrar on August 03, 2017, 04:56:29 pm
Discussing this on IRC and I tried the f25d8b7 patch, not better. Sadly, it must be a different bug.

I checked and the other Opnsense I used to test is a 17.1, so the bug seems to only be in 17.7. I might revert
Title: Re: OpenVPN client not working after upgrade
Post by: franco on August 03, 2017, 05:28:59 pm
Assuming you have a client OpenVPN and have this assigned as a separate interface: did you set a gateway there? If so, which?

It could be this, trying couldn't hurt:

https://github.com/opnsense/core/commit/511cdd471


# opnsense-patch 511cdd471


Cheers,
Franco
Title: Re: OpenVPN client not working after upgrade
Post by: franco on August 03, 2017, 05:33:31 pm
PS: also needs a reload from Firewall: Diagnostics: Filter reload.
Title: Re: OpenVPN client not working after upgrade
Post by: Ulrar on August 03, 2017, 07:19:17 pm
As discussed on IRC, that patch does solve my problem :)
Thanks