Show Posts
1
21.7 Legacy Series / OpenVPN Site2Site after Upgrade won't start
« on: August 12, 2021, 10:17:24 am »
Hello, I am new here.
I've got two Site2Site Tunnels with OPNsese 21.1.x running fine. After Upgrade the Server to 21.7.1, they do not came up.
I already read
https://forum.opnsense.org/index.php?topic=23934.0
https://forum.opnsense.org/index.php?topic=23855.0
But this does not solve my Problem.
When I start the Server in System|Log File|General I get
/vpn_openvpn_server.php: The command '/usr/local/sbin/openvpn --config '/var/etc/openvpn/server3.conf'' returned exit code '1', the output was ''
Whe I start the Server via
/usr/local/sbin/openvpn --config '/var/etc/openvpn/server3.conf
there is no output and no openvpn process is running.
I figured out, when I comment out the Line
client-config-dir /var/etc/openvpn-csc/3
in the file /var/etc/openvpn/server3.conf the Server starts an the Tunnel will come up.
The Directory /var/etc/openvpn-csc/3 is empty.
I also created an new Server with the same Settings on the 21.7.1 release, but the config file looks the same.
Any suggestions?
Thank you
The config File
dev ovpns3
verb 6
dev-type tun
tun-ipv6
dev-node /dev/tun3
writepid /var/run/openvpn_server3.pid
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-256-CBC
auth SHA256
up /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkup
down /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkdown
local x.x.x.x
tls-server
#client-config-dir /var/etc/openvpn-csc/3
ifconfig 10.0.0.1 10.0.0.2
tls-verify "/usr/local/etc/inc/plugins.inc.d/openvpn/ovpn_auth_verify tls 'Cert' 1"
lport 1194
management /var/etc/openvpn/server1.sock unix
push "route 172.16.0.0 255.255.0.0"
route 192.168.0.0 255.255.255.0
ca /var/etc/openvpn/server3.ca
cert /var/etc/openvpn/server3.cert
key /var/etc/openvpn/server3.key
dh /usr/local/etc/dh-parameters.2048.sample
tls-auth /var/etc/openvpn/server3.tls-auth 0
I've got two Site2Site Tunnels with OPNsese 21.1.x running fine. After Upgrade the Server to 21.7.1, they do not came up.
I already read
https://forum.opnsense.org/index.php?topic=23934.0
https://forum.opnsense.org/index.php?topic=23855.0
But this does not solve my Problem.
When I start the Server in System|Log File|General I get
/vpn_openvpn_server.php: The command '/usr/local/sbin/openvpn --config '/var/etc/openvpn/server3.conf'' returned exit code '1', the output was ''
Whe I start the Server via
/usr/local/sbin/openvpn --config '/var/etc/openvpn/server3.conf
there is no output and no openvpn process is running.
I figured out, when I comment out the Line
client-config-dir /var/etc/openvpn-csc/3
in the file /var/etc/openvpn/server3.conf the Server starts an the Tunnel will come up.
The Directory /var/etc/openvpn-csc/3 is empty.
I also created an new Server with the same Settings on the 21.7.1 release, but the config file looks the same.
Any suggestions?
Thank you
The config File
dev ovpns3
verb 6
dev-type tun
tun-ipv6
dev-node /dev/tun3
writepid /var/run/openvpn_server3.pid
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-256-CBC
auth SHA256
up /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkup
down /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkdown
local x.x.x.x
tls-server
#client-config-dir /var/etc/openvpn-csc/3
ifconfig 10.0.0.1 10.0.0.2
tls-verify "/usr/local/etc/inc/plugins.inc.d/openvpn/ovpn_auth_verify tls 'Cert' 1"
lport 1194
management /var/etc/openvpn/server1.sock unix
push "route 172.16.0.0 255.255.0.0"
route 192.168.0.0 255.255.255.0
ca /var/etc/openvpn/server3.ca
cert /var/etc/openvpn/server3.cert
key /var/etc/openvpn/server3.key
dh /usr/local/etc/dh-parameters.2048.sample
tls-auth /var/etc/openvpn/server3.tls-auth 0