[SOLVED] OpenVPN Client Error: --client-connect requires --mode server

Started by DanMc85, July 12, 2018, 02:02:20 AM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
August 16, 2018, 01:44:00 PM #15
Quote from: franco on August 16, 2018, 08:15:06 AM
Ok, we're working on this issue here. There is a patch for your issue that should work already:

https://github.com/opnsense/core/issues/2625


Cheers,
Franco

I ran patch 71043f1

I still see "Configuring Firewall... failed" during the boot sequence. However, it passes right by, instead of hanging there for 5-10 minutes as it was doing before.

Also it may be unrelated but it also stays at "Configuring Dynamic DNS" for a few minutes, as well.

I still have 5 Notices in the GUI. Two of them are new after running the patch. (I acknowledged notices before redoing a reboot)

New:
There were error(s) loading the rules: /tmp/rules.debug:84: no translation address with matching address family found. - The line in question reads [84]: nat on ovpns3 inet proto {tcp udp} from (ovpns3:network) to {PRIVATE IP} port {53} -> ovpns3 port 1024:65535 #

The other notices are the same no IP address found for ovpns3, ovpns4, and ovpnc2:0
August 16, 2018, 02:31:59 PM #16
The hangs and error messages point to traffic being pushed over OpenVPN links that are not yet set up / active.

The line in question reads [84]: nat on ovpns3 inet proto {tcp udp} from (ovpns3:network) to {PRIVATE IP} port {53} -> ovpns3 port 1024:65535 #

Points to "ovpns3" causing the error, again, because it's being configured without being up/configured itself. I've added more () magic here in subsequent commits but testing is difficult and we need to give it some time on -devel.


Cheers,
Franco
"AI has absolutely reduced the cost of creating technical debt." -- ChatGPT
August 16, 2018, 03:01:00 PM #17


Quote from: franco on August 16, 2018, 02:31:59 PM
The hangs and error messages point to traffic being pushed over OpenVPN links that are not yet set up / active.

The line in question reads [84]: nat on ovpns3 inet proto {tcp udp} from (ovpns3:network) to {PRIVATE IP} port {53} -> ovpns3 port 1024:65535 #

Points to "ovpns3" causing the error, again, because it's being configured without being up/configured itself. I've added more () magic here in subsequent commits but testing is difficult and we need to give it some time on -devel.


Cheers,
Franco

If I switch from Production to Development build. Are those changes part of the update download or would another patch be needed to test?

Sent from my SM-N950U using Tapatalk

August 16, 2018, 03:53:47 PM #18
Most went in after the latest devel version was built. You should stay on production for now.


Cheers,
Franco
"AI has absolutely reduced the cost of creating technical debt." -- ChatGPT
Print
Go Up Pages 1 2
User actions