Openvpn Server interface: dco_set_ifmode: failed

Started by GreenMatter, July 25, 2024, 07:12:43 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
July 25, 2024, 07:12:43 PM

After upgrading to 24.7 (for test purposes  :D ) openvpn UDP server (legacy) doesn't work anymore and throws following errors:
Code Select
2024-07-25T19:06:21 Warning openvpn_server9 dco_set_ifmode: failed to set ifmode=00008002: Invalid argument (errno=22)
2024-07-25T19:06:21 Warning openvpn_server9 Failed to create interface ovpns9 (SIOCSIFNAME): File exists (errno=17)


Ho to fix it?
OPNsense on:
Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz (4 cores)
8 GB RAM
50 GB HDD
and plenty of vlans ;-)
July 25, 2024, 07:29:06 PM #1
Meh, OpenVPN tries to kick it into DCO mode... Can you add this to advanced settings and try again?

disable-dco


Cheers,
Franco
"AI has absolutely reduced the cost of creating technical debt." -- ChatGPT
July 25, 2024, 07:49:35 PM #2
Quote from: franco on July 25, 2024, 07:29:06 PM
disable-dco
Yes, that restored UDP server...
But how to change config to use DCO?
OPNsense on:
Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz (4 cores)
8 GB RAM
50 GB HDD
and plenty of vlans ;-)
July 25, 2024, 07:54:37 PM #3
Not going to be in legacy client/server, sorry.


Cheers,
Franco
"AI has absolutely reduced the cost of creating technical debt." -- ChatGPT
July 25, 2024, 07:56:40 PM #4
Quote from: franco on July 25, 2024, 07:54:37 PM
Not going to be in legacy client/server, sorry.
Thus I need to migrate to "instances"?
OPNsense on:
Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz (4 cores)
8 GB RAM
50 GB HDD
and plenty of vlans ;-)
July 25, 2024, 08:03:00 PM #5
Correct. For better or worse the legacy section is considered "feature complete" and this consistency fix was unfortunately missed.

https://github.com/opnsense/core/commit/89135cdc

In any case thanks for the report. I have a few things I'm going to hotfix until tomorrow.


Cheers,
Franco
"AI has absolutely reduced the cost of creating technical debt." -- ChatGPT
July 25, 2024, 08:16:35 PM #6
Thanks, but what keeps stopping me from migration is missing TLS authentication (TLS Shared Key) in instances config.
Will it be added there?
OPNsense on:
Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz (4 cores)
8 GB RAM
50 GB HDD
and plenty of vlans ;-)
July 25, 2024, 08:21:09 PM #7
It would be best to raise a feature request for instances as long as the feature is not a deprecated OpenVPN option.


Cheers,
Franco
"AI has absolutely reduced the cost of creating technical debt." -- ChatGPT
July 25, 2024, 11:00:02 PM #8
One more thing.
Openvpn TCP server (legacy) was fully running.
But UDP server (legacy) was running but there was no connectivity. I mean netcat was showing replies from hosts on various ports but nothing could go through browser.
I gave up and restored 24.1.10...
OPNsense on:
Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz (4 cores)
8 GB RAM
50 GB HDD
and plenty of vlans ;-)
July 26, 2024, 02:14:44 AM #9
Quote from: franco on July 25, 2024, 07:29:06 PM
Meh, OpenVPN tries to kick it into DCO mode... Can you add this to advanced settings and try again?

disable-dco

This also worked for me.  Thanks for posting.



Print
Go Up Pages1
User actions