Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
OpenVPN Server refusing to accept packets
« previous
next »
Print
Pages: [
1
]
Author
Topic: OpenVPN Server refusing to accept packets (Read 1180 times)
guest42255
Guest
OpenVPN Server refusing to accept packets
«
on:
January 14, 2024, 08:22:08 pm »
Hello,
I have a firewall with a lot of WAN IP addresses. The primary address is configured on the interface and all IP addresses are configured as IP Alias of that interface. The OpenVPN server is selected to run on the primary IP alias. There is a firewall rule for allowing 1194/udp to any. The OpenVPN client can't connect and the firewall doesn't even bother seeing the incoming packets. The firewall log doesn't show anything coming from my IP. I created a rule to ping the WAN IP from the WAN and I get a response. But the log doesn't bother to show me that either. I am completely unable to debug the issue as the log is completely useless. It shows a lot of packets but it refuses to show any from my IP or when I filter by port 1194 it shows also nothing.
I am playing around with this load of bugs in the datacenter since many hours and there is no fix.
Logged
guest42255
Guest
Re: OpenVPN Server refusing to accept packets
«
Reply #1 on:
January 15, 2024, 03:31:56 pm »
After a full day of trying around I found out that the OpenVPN connection is established, the client sends PUSH_REQUEST, the firewall shows that in the OpenVPN log, shows also that it responds, the client receives P_ACK_V1 as seen in Wireshark but nothing happens. The client keeps stating it would receive no reponse (which is clearly a lie) and the firewall doesn't show any errors or warnings at all. I can't even find a hint in the internet. Nothing I tried works, no additional firewall rules, no outbound NAT rules, nothing...
Logged
lshantz
Full Member
Posts: 109
Karma: 3
Re: OpenVPN Server refusing to accept packets
«
Reply #2 on:
January 16, 2024, 06:14:25 pm »
This is not an answer to your problem, but I have had a remote OpenVPN setup to a remote firewall, plus one for the road when I travel. Both are non-functional now. The only thing that changed was the latest update. I suspect something has changed in how it handles traffic?
My logs show on my roadwarrior connect that we make the connection and it stays connected, but not packets pass. A packet trace shows the remote querying overf and over but no response from the firewall. The persistent connect to a remote firewall says add route. So hopefully this is a clue to those smarter than me. I'm just now starting to look at what is wrong. IF I figure it out I will post here. But I head out for surgery in a little over an hour. Would greatly appreciate it if anyone knows the answer to respond to what has changed.
Logged
guest42255
Guest
Re: OpenVPN Server refusing to accept packets
«
Reply #3 on:
January 22, 2024, 07:32:04 pm »
The issue seems to have been resolved by an update to 23.7.12.
Logged
lshantz
Full Member
Posts: 109
Karma: 3
Re: OpenVPN Server refusing to accept packets
«
Reply #4 on:
February 15, 2024, 10:00:25 pm »
Agreed. all is well now.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
OpenVPN Server refusing to accept packets