Re: [leaf-user] OpenVPN Issues

[Robert K C. J. -I. F. D. Corp. <bco...@in...>]

   In my case, I had created a DNAT rule that globally passed udp traffic
   to another box via DNAT.   I think I was testing something....  But
   when I found that, everything made sense.

   I am definitely having another issue that I don't believe was caused by
   my incompetence.

   When restarting openvpn -sometimes- I will get an error like this:

   dpyroute# /etc/init.d/openvpn restart
   Stopping virtual private network daemon:rm: can't remove
   '/var/run/openvpn.c_bieri_dpyroute.pid': No such file or directory

   When I look at /var/run, that file is indeed gone, but the .status file
   remains, and any other openvpn processes are still running and their
   .pid files (and .status) are still there.

   If I remark out the rm portion of the stop_vpn subroutine, this problem
   disappears.  It seems like the kill line above it also removes the pid
   file.

   stop_vpn () {
     kill `cat $PIDFILE` || true
     #rm $PIDFILE
     rm -f /var/run/openvpn.$NAME.status 2> /dev/null
   }

   - Bob

   On 12/6/2024 1:42:33 AM, Otto Halák - TeleLarm wrote:

     Hello Robert,
     I faced similar problem and it was caused by statement "routefilter"
     in /etc/shorewall/interfaces, see:
     #ZONE           INTERFACE               OPTIONS
     net             eth0                    dhcp,routefilter
     loc             eth1                    dhcp,routeback
     vpn             tun+
     I used routefilter form many many years but it started to cause
     problems with newer leafs.
     Without routefilter OpenVPN works like a charm.
     Otto

--
Robert K Coffman Jr.
Info From Data Corp.
3307249000
[1]su...@in...

References

   1. mailto:su...@in...