Hi, On 04/02/2012 10:21 AM Josh Karli wrote: > issue 1: > Running 2.0.1 release i386. Had upgraded some time ago from 2.0 release. > Had several VPN servers carried over from the 2.0 upgrade. Today I > reconfigured the VPN servers with the same settings as the old ones, just > with new certs and users. I did this by deleting the old VPN servers, > creating all new users, creating new server and user certs, and then using > the wizard to recreate the new VPN servers. Afterwards I rebooted the box. > Previously I was able to have all of the VPN servers active at once. Now I > can only have one active at a time. To change the one that is active, I > have to go into the services and stop the active server service, then start > another server service. Otherwise client-server interaction seem to be > working flawlessly. Is this a bug? The forum doesn't seem to mention it.
did you choose a dedicated port for each of your vpn servers? > issue 2: > Also, the IP address of the last client to connect during my most recent > test (3 hours ago) is still pingable, but there is no ARP entry or DHCP > lease. There were never any routes set referring to this IP address. I > thought perhaps this is because OpenVPN bindings aren't listed in either of > those lists. A look into the OpenVPN logs shows that the offending IP > address was assigned a little over 5 hours ago, and that sigterm[hard] was > used to terminate the connection. I did terminate the connection by > clicking the X icon next to it once the client disconnected and the > connection remained listed in the GUI for a good 5 minutes afterwards. > Rebooting the box does not free up the offending address, it is still > pingable. Stopping/restarting the OpenVPN server service from the webGUI > has no effect. Any ideas on how to free up this IP address? Have not > checked to see if the IP address behaves normally if a client reconnects. Are you totally sure that the respective address isn't assigned to the box itself? Just have a look in your routing table and check if this address isn't routed elsewhere in case your running outbound vpn connections as well (overlapping subnets?). It would be great to have a look at your configuration. Try grabbing for the address in your xml configuration under /conf/config.xml. HTH - Jan
signature.asc
Description: OpenPGP digital signature
_______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
