Messages - senses118

#1
Quote from: Patrick M. Hausen on September 20, 2024, 07:24:22 PM
OPNsense is the server. Why would you configure a client side setting there? This goes into the config file for the client.

If you are using OPNsense as a client you did not say so and the most common scenario for OpenVPN is OPNsense as server and users with PCs, Macs, ... as clients.

I too would like some way to use "pull-filter ignore redirect-gateway" if it's possible.

Patrick, I have opted to use OpenVPN client instances with my setup where I simultaneously connect to both my provider's UDP and TCP servers in a failover group. The significant benefit of OpenVPN clients is their ability to hold a large list of server addresses in the client config and connect to them at random using the 'remote-random' option. I run all my WAN traffic through the VPN failover group 24/7 and this allows me to use Home Assistant automation to force either client to reconnect when latency or packet loss gets high during peak times. Some servers are usually less crowded than others. I find this works really well. WireGuard, to my knowledge, can't do this?
#2
Another relative newb here... I'm sorry I don't have an answer for you but I saw your post while also investigating the huge number of queries in my Unbound for:

opn-repo.routerperformance.net  (32% of total queries)
pkg.opensense.org (32% of total queries)

They each have 25 or so A and AAAA cache lookups every 30 seconds. Like you I would love to understand why this is necessary?
#3
Good to know it was useful!
#4
Got what I needed working. Instead of leaving this as a worthless empty post for someone to trip over while searching for a solution (be handy if we could delete posts?), here's what I did in summary:

1. SSH into OPNsense as root or a user with su
2. Go to: /usr/local/opnsense/service/conf/actions.d/
3. Create a new file called something like: actions_custom.conf
4. File should contain:


[stop]
command:/usr/local/sbin/pluginctl -s openvpn stop
parameters:
type:script_output
message:stop openvpn service
description:Stop OpenVPN Service

[start]
command:/usr/local/sbin/pluginctl -s openvpn start
parameters:
type:script_output
message:start openvpn service
description:Start OpenVPN Service

[restart]
command:/usr/local/sbin/pluginctl -s openvpn restart
parameters:
type:script_output
message:restart openvpn service
description:Restart OpenVPN Service


5. Once saved, load the new template using: # service configd restart
6. In OPNsense GUI go to: System > Settings > Cron
7. Click + to add a new job and under the 'Command' lookup you should see the new Stop, Start and Restart OpenVPN options listed.
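
A lint for the actions file described in post #4, as an added example that is not part of the original post: it parses the file the same way configd's INI format is laid out and flags actions whose command is not an absolute path, whose parameters accept caller-supplied arguments, or that lack the description needed to appear in the Cron 'Command' lookup. The function name lint_actions and the [bad] section are constructed for illustration, and the three checks are this example's own review policy, not rules enforced by OPNsense.

```python
import configparser

# Constructed sample: the [restart] action from the post, plus one
# deliberately flawed action ([bad]) to show what the lint reports.
SAMPLE = """\
[restart]
command:/usr/local/sbin/pluginctl -s openvpn restart
parameters:
type:script_output
message:restart openvpn service
description:Restart OpenVPN Service

[bad]
command:pluginctl -s openvpn restart
parameters:%s
type:script_output
message:restart openvpn service
"""


def lint_actions(text):
    """Return a sorted list of (section, finding) for a configd actions file."""
    cp = configparser.ConfigParser(interpolation=None)  # keep '%s' literal
    cp.read_string(text)
    findings = []
    for name in cp.sections():
        sec = cp[name]
        command = sec.get("command", "").strip()
        params = sec.get("parameters", "").strip()
        # configd runs the command as root, so do not rely on PATH lookup.
        if not command:
            findings.append((name, "command is missing"))
        elif not command.split()[0].startswith("/"):
            findings.append((name, "command is not an absolute path"))
        # An empty 'parameters:' line means the action takes no arguments
        # from the caller; a '%s' template means it does.
        if "%s" in params:
            findings.append((name, "parameters accept caller-supplied arguments"))
        # Without a description the action is not offered in the Cron lookup.
        if not sec.get("description", "").strip():
            findings.append((name, "no description, not listed in Cron"))
    return sorted(findings)


if __name__ == "__main__":
    for section, finding in lint_actions(SAMPLE):
        print(f"[{section}] {finding}")
```
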

#5
I'm running an OpenVPN client on OPNsense to a VPN provider for all my network devices to share. I would like to reconnect daily to refresh the IP. Looking at the standard Cron options there is 'Periodic interface reset' which doesn't seem to create a new IP when used on the VPN interface. I see there is also 'Restart Wireguard'. But nothing for OpenVPN by default.

Can anyone offer a suitable command and parameters to cron an OpenVPN disconnect / reconnect? Any help greatly appreciated.