search

opnsense / plugins

OPNsense plugin collection
https://opnsense.org/
BSD 2-Clause "Simplified" License
832 stars 619 forks source link

OpenConnect Startup - deletion failed for interface #1359

Closed imidoriya closed 1 year ago

imidoriya commented 5 years ago

I'm getting this error on startup, which appears to prevent OpenConnect from starting. I have to start it manually.

kernel: ocvpn0: link state changed to DOWN
kernel: ifa_maintain_loopback_route: deletion failed for interface ocvpn0: 3
kernel: OK
kernel: tun30000: changing name to 'ocvpn0'
kernel: tun30000: link state changed to UP

I'm trying to understand how best to NAT. In this documentation, it states to use the OpenConnect "interface" (which doesn't show up as an Interface, but does show up under Firewall Rules). However, in other places 1, 2, it is suggested creating an interface and locking it. But then you end up with two things under Firewall rules. I just need this thing to be persistent after reboot where it starts up automatically and NAT rules apply.

chriscorns commented 5 years ago

I have the same problem and the same messages in error log in my test installation: OpenConnect could not start automaticly after startup. I use the last version 19.7.3. What is the problem? I also tried to setup OPNsense without explicitly assigning the interface ocvpn0...

Sep  9 16:05:58 OPNsense kernel: OK
Sep  9 16:06:00 OPNsense kernel: tun30000: link state changed to UP
Sep  9 16:06:04 OPNsense kernel: tun30000: changing name to 'ocvpn0'
Sep  9 16:06:05 OPNsense monit[77410]: Starting Monit 5.26.0 daemon with http interface at /var/run/monit.sock 
Sep  9 16:06:05 OPNsense monit[46259]: Monit will delay for 120s on first start after reboot ... 
Sep  9 16:06:05 OPNsense kernel: ipfw2 (+ipv6) initialized, divert loadable, nat loadable, default to accept, logging disabled
Sep  9 16:06:05 OPNsense kernel: DUMMYNET 0 with IPv6 initialized (100409)
Sep  9 16:06:05 OPNsense kernel: load_dn_sched dn_sched FIFO loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_sched dn_sched QFQ loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_sched dn_sched RR loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_sched dn_sched WF2Q+ loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_sched dn_sched PRIO loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_sched dn_sched FQ_CODEL loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_sched dn_sched FQ_PIE loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_aqm dn_aqm CODEL loaded
Sep  9 16:06:05 OPNsense kernel: load_dn_aqm dn_aqm PIE loaded
Sep  9 16:06:05 OPNsense kernel: Bump sched buckets to 256 (was 0)
Sep  9 16:06:05 OPNsense kernel: Bump sched buckets to 256 (was 0)
Sep  9 16:06:07 OPNsense kernel: OK
Sep  9 16:06:08 OPNsense kernel: SHA256 93 E3 6E 71 1B 17 F1 39 EE 1A 87 BA 77 7A 8C 55
Sep  9 16:06:08 OPNsense kernel: ifa_maintain_loopback_route: deletion failed for interface ocvpn0: 3
Sep  9 16:06:08 OPNsense kernel: ocvpn0: link state changed to DOWN

A manual start is no problem:

Sep  9 16:34:46 OPNsense kernel: ocvpn0: link state changed to UP

@mimugmail: Can you have a look at the issue next time, please? THX

onlineque commented 3 years ago

Having the same here (OPNsense 21.7.1-amd64):

Aug 26 00:57:36 zwartedoos opnsense[62535]: plugins_configure openvpn_prepare (,ocvpn0) Aug 26 00:57:36 zwartedoos opnsense[62535]: plugins_configure openvpn_prepare (execute task : openvpn_prepare(,ocvpn0)) Aug 26 00:57:36 zwartedoos opnsense[62535]: /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'ocvpn0' inet6 -accept_rtadv' returned exit code '1', the output was 'ifconfig: interface ocvpn0 does not exist' Aug 26 00:57:36 zwartedoos opnsense[62535]: /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'ocvpn0' -staticarp' returned exit code '1', the output was 'ifconfig: interface ocvpn0 does not exist' Aug 26 00:58:28 zwartedoos kernel: tun30000: changing name to 'ocvpn0' Aug 26 00:58:38 zwartedoos kernel: ocvpn0: deletion failed: 3 Aug 26 00:58:38 zwartedoos kernel: ocvpn0: link state changed to DOWN

mimugmail commented 3 years ago

Having the same here (OPNsense 21.7.1-amd64):

Aug 26 00:57:36 zwartedoos opnsense[62535]: plugins_configure openvpn_prepare (,ocvpn0) Aug 26 00:57:36 zwartedoos opnsense[62535]: plugins_configure openvpn_prepare (execute task : openvpn_prepare(,ocvpn0)) Aug 26 00:57:36 zwartedoos opnsense[62535]: /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'ocvpn0' inet6 -accept_rtadv' returned exit code '1', the output was 'ifconfig: interface ocvpn0 does not exist' Aug 26 00:57:36 zwartedoos opnsense[62535]: /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'ocvpn0' -staticarp' returned exit code '1', the output was 'ifconfig: interface ocvpn0 does not exist' Aug 26 00:58:28 zwartedoos kernel: tun30000: changing name to 'ocvpn0' Aug 26 00:58:38 zwartedoos kernel: ocvpn0: deletion failed: 3 Aug 26 00:58:38 zwartedoos kernel: ocvpn0: link state changed to DOWN

This looks like a different error, did you assign the interface?

onlineque commented 3 years ago

Definitely, and If I try to connect it manually once opnsense is up, it works perfectly, without any issue. Or, to be exact, I always need to connect twice to be connected. The first attempt fails everytime. Maybe it's due to the fact there's Okta 2FA on the server side - and even if I do the 2FA, it fails for the first time from unknown reason...

mimugmail commented 3 years ago

Can you follow the display output during startup?

onlineque commented 3 years ago

Definitely, I will put the output here in the evening, I cannot reboot the firewall during the workday.

onlineque commented 3 years ago

Here the complete log during the startup; normally I am just asked to supply 2FA (to confirm the access in Okta application) during the openconnect is started; shortly after that, when the machines is booted up I can even see that the IP for that VPN connection (ocvpn0) has been assigned, but then it probably fails somehow and disconnects... Maybe it has some relation to the fact I already mentioned, that even after opnsense is booted up, and I try to connect manually, I have to connect two times in a row (for the first time it fails, the for the second time it always works).

Aug 27 23:43:33 zwartedoos kernel: ---<>--- Aug 27 23:43:33 zwartedoos kernel: Copyright (c) 2013-2019 The HardenedBSD Project. Aug 27 23:43:33 zwartedoos kernel: Copyright (c) 1992-2019 The FreeBSD Project. Aug 27 23:43:33 zwartedoos kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 Aug 27 23:43:33 zwartedoos kernel: The Regents of the University of California. All rights reserved. Aug 27 23:43:33 zwartedoos kernel: FreeBSD is a registered trademark of The FreeBSD Foundation. Aug 27 23:43:33 zwartedoos kernel: FreeBSD 12.1-RELEASE-p19-HBSD #0 f692db99f3c(stable/21.7)-dirty: Mon Aug 2 13:29:29 CEST 2021 Aug 27 23:43:33 zwartedoos kernel: root@sensey:/usr/obj/usr/src/amd64.amd64/sys/SMP amd64 Aug 27 23:43:33 zwartedoos kernel: FreeBSD clang version 8.0.1 (tags/RELEASE_801/final 366581) (based on LLVM 8.0.1) Aug 27 23:43:33 zwartedoos kernel: VT(vga): text 80x25 Aug 27 23:43:33 zwartedoos kernel: HardenedBSD: initialize and check features (__HardenedBSD_version 1200059 __FreeBSD_version 1201000). Aug 27 23:43:33 zwartedoos kernel: CPU: Intel Core Processor (Haswell, no TSX, IBRS) (2500.07-MHz K8-class CPU) Aug 27 23:43:33 zwartedoos kernel: Origin="GenuineIntel" Id=0x306c1 Family=0x6 Model=0x3c Stepping=1 Aug 27 23:43:33 zwartedoos kernel: Features=0xf83fbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE,SSE2,SS> Aug 27 23:43:33 zwartedoos kernel: Features2=0xfffa3223<SSE3,PCLMULQDQ,VMX,SSSE3,FMA,CX16,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,TSCDLT,AESNI,XSAVE,OSXSAVE,AVX,F16C,RDRAND,HV> Aug 27 23:43:33 zwartedoos kernel: AMD Features=0x2c100800<SYSCALL,NX,Page1GB,RDTSCP,LM> Aug 27 23:43:33 zwartedoos kernel: AMD Features2=0x21<LAHF,ABM> Aug 27 23:43:33 zwartedoos kernel: Structured Extended Features=0x7ab<FSGSBASE,TSCADJ,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID> Aug 27 23:43:33 zwartedoos kernel: Structured Extended Features2=0x4 Aug 27 23:43:33 zwartedoos kernel: Structured Extended Features3=0xac000400<MD_CLEAR,IBPB,STIBP,ARCH_CAP,SSBD> Aug 27 23:43:33 zwartedoos kernel: XSAVE Features=0x1 Aug 27 23:43:33 zwartedoos kernel: IA32_ARCH_CAPS=0x48 Aug 27 23:43:33 zwartedoos kernel: AMD Extended Feature Extensions ID EBX=0x100d000 Aug 27 23:43:33 zwartedoos kernel: VT-x: PAT,HLT,MTF,PAUSE,EPT,UG,VPID,VID,PostIntr Aug 27 23:43:33 zwartedoos kernel: Hypervisor: Origin = "KVMKVMKVM" Aug 27 23:43:33 zwartedoos kernel: real memory = 4294967296 (4096 MB) Aug 27 23:43:33 zwartedoos kernel: avail memory = 4097003520 (3907 MB) Aug 27 23:43:33 zwartedoos kernel: Event timer "LAPIC" quality 600 Aug 27 23:43:33 zwartedoos kernel: ACPI APIC Table: Aug 27 23:43:33 zwartedoos kernel: random: unblocking device. Aug 27 23:43:33 zwartedoos kernel: ioapic0 <Version 1.1> irqs 0-23 on motherboard Aug 27 23:43:33 zwartedoos kernel: Timecounter "TSC-low" frequency 1250033924 Hz quality 800 Aug 27 23:43:33 zwartedoos kernel: wlan: mac acl policy registered Aug 27 23:43:33 zwartedoos kernel: random: entropy device external interface Aug 27 23:43:33 zwartedoos kernel: kbd1 at kbdmux0 Aug 27 23:43:33 zwartedoos kernel: module_register_init: MOD_LOAD (vesa, 0xffffffff812907f0, 0) error 19 Aug 27 23:43:33 zwartedoos kernel: random: registering fast source Intel Secure Key RNG Aug 27 23:43:33 zwartedoos kernel: random: fast provider: "Intel Secure Key RNG" Aug 27 23:43:33 zwartedoos kernel: 000.000050 [4344] netmap_init netmap: loaded module Aug 27 23:43:33 zwartedoos kernel: [ath_hal] loaded Aug 27 23:43:33 zwartedoos kernel: nexus0 Aug 27 23:43:33 zwartedoos kernel: vtvga0: on motherboard Aug 27 23:43:33 zwartedoos kernel: cryptosoft0: on motherboard Aug 27 23:43:33 zwartedoos kernel: acpi0: on motherboard Aug 27 23:43:33 zwartedoos kernel: acpi0: Power Button (fixed) Aug 27 23:43:33 zwartedoos kernel: cpu0: on acpi0 Aug 27 23:43:33 zwartedoos kernel: atrtc0: port 0x70-0x71,0x72-0x77 irq 8 on acpi0 Aug 27 23:43:33 zwartedoos kernel: atrtc0: registered as a time-of-day clock, resolution 1.000000s Aug 27 23:43:33 zwartedoos kernel: Event timer "RTC" frequency 32768 Hz quality 0 Aug 27 23:43:33 zwartedoos kernel: Timecounter "ACPI-fast" frequency 3579545 Hz quality 900 Aug 27 23:43:33 zwartedoos kernel: acpi_timer0: <24-bit timer at 3.579545MHz> port 0x608-0x60b on acpi0 Aug 27 23:43:33 zwartedoos kernel: pcib0: port 0xcf8-0xcff on acpi0 Aug 27 23:43:33 zwartedoos kernel: pci0: on pcib0 Aug 27 23:43:33 zwartedoos kernel: isab0: at device 1.0 on pci0 Aug 27 23:43:33 zwartedoos kernel: isa0: on isab0 Aug 27 23:43:33 zwartedoos kernel: atapci0: port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xc180-0xc18f at device 1.1 on pci0 Aug 27 23:43:33 zwartedoos kernel: ata0: at channel 0 on atapci0 Aug 27 23:43:33 zwartedoos kernel: ata1: at channel 1 on atapci0 Aug 27 23:43:33 zwartedoos kernel: pci0: at device 1.3 (no driver attached) Aug 27 23:43:33 zwartedoos kernel: vgapci0: port 0xc080-0xc09f mem 0xf4000000-0xf7ffffff,0xf8000000-0xfbffffff,0xfc0d4000-0xfc0d5fff irq 10 at device 2.0 on pci0 Aug 27 23:43:33 zwartedoos kernel: vgapci0: Boot video device Aug 27 23:43:33 zwartedoos kernel: virtio_pci0: port 0xc0a0-0xc0bf mem 0xfc0d6000-0xfc0d6fff,0xfebe8000-0xfebebfff irq 11 at device 3.0 on pci0 Aug 27 23:43:33 zwartedoos kernel: vtnet0: on virtio_pci0 Aug 27 23:43:33 zwartedoos kernel: vtnet0: Ethernet address: 52:54:00:1c:e1:35 Aug 27 23:43:33 zwartedoos kernel: vtnet0: netmap queues/slots: TX 1/256, RX 1/128 Aug 27 23:43:33 zwartedoos kernel: 000.000758 [ 450] vtnet_netmap_attach vtnet attached txq=1, txd=256 rxq=1, rxd=128 Aug 27 23:43:33 zwartedoos kernel: virtio_pci1: port 0xc0c0-0xc0df mem 0xfc0d7000-0xfc0d7fff,0xfebec000-0xfebeffff irq 11 at device 4.0 on pci0 Aug 27 23:43:33 zwartedoos kernel: vtnet1: on virtio_pci1 Aug 27 23:43:33 zwartedoos kernel: vtnet1: Ethernet address: 52:54:00:3e:5a:12 Aug 27 23:43:33 zwartedoos kernel: vtnet1: netmap queues/slots: TX 1/256, RX 1/128 Aug 27 23:43:33 zwartedoos kernel: 000.000759 [ 450] vtnet_netmap_attach vtnet attached txq=1, txd=256 rxq=1, rxd=128 Aug 27 23:43:33 zwartedoos kernel: hdac0: <Intel 82801F HDA Controller> mem 0xfc0d0000-0xfc0d3fff irq 10 at device 5.0 on pci0 Aug 27 23:43:33 zwartedoos kernel: uhci0: <Intel 82801I (ICH9) USB controller> port 0xc0e0-0xc0ff irq 10 at device 6.0 on pci0 Aug 27 23:43:33 zwartedoos kernel: usbus0 on uhci0 Aug 27 23:43:33 zwartedoos kernel: uhci1: <Intel 82801I (ICH9) USB controller> port 0xc100-0xc11f irq 11 at device 6.1 on pci0 Aug 27 23:43:33 zwartedoos kernel: usbus1 on uhci1 Aug 27 23:43:33 zwartedoos kernel: uhci2: <Intel 82801I (ICH9) USB controller> port 0xc120-0xc13f irq 11 at device 6.2 on pci0 Aug 27 23:43:33 zwartedoos kernel: usbus2 on uhci2 Aug 27 23:43:33 zwartedoos kernel: ehci0: <Intel 82801I (ICH9) USB 2.0 controller> mem 0xfc0d8000-0xfc0d8fff irq 10 at device 6.7 on pci0 Aug 27 23:43:33 zwartedoos kernel: usbus3: EHCI version 1.0 Aug 27 23:43:33 zwartedoos kernel: usbus3 on ehci0 Aug 27 23:43:33 zwartedoos kernel: virtio_pci2: port 0xc000-0xc03f mem 0xfc0d9000-0xfc0d9fff,0xfebf0000-0xfebf3fff irq 11 at device 7.0 on pci0 Aug 27 23:43:33 zwartedoos kernel: virtio_pci3: port 0xc040-0xc07f mem 0xfc0da000-0xfc0dafff,0xfebf4000-0xfebf7fff irq 11 at device 8.0 on pci0 Aug 27 23:43:33 zwartedoos kernel: vtblk0: on virtio_pci3 Aug 27 23:43:33 zwartedoos kernel: vtblk0: 40960MB (83886080 512 byte sectors) Aug 27 23:43:33 zwartedoos kernel: virtio_pci4: port 0xc140-0xc15f mem 0xfebf8000-0xfebfbfff irq 10 at device 9.0 on pci0 Aug 27 23:43:33 zwartedoos kernel: vtballoon0: on virtio_pci4 Aug 27 23:43:33 zwartedoos kernel: virtio_pci5: port 0xc160-0xc17f mem 0xfc0db000-0xfc0dbfff,0xfebfc000-0xfebfffff irq 10 at device 10.0 on pci0 Aug 27 23:43:33 zwartedoos kernel: vtnet2: on virtio_pci5 Aug 27 23:43:33 zwartedoos kernel: vtnet2: Ethernet address: 52:54:00:58:e7:37 Aug 27 23:43:33 zwartedoos kernel: vtnet2: netmap queues/slots: TX 1/256, RX 1/128 Aug 27 23:43:33 zwartedoos kernel: 000.000766 [ 450] vtnet_netmap_attach vtnet attached txq=1, txd=256 rxq=1, rxd=128 Aug 27 23:43:33 zwartedoos kernel: acpi_syscontainer0: on acpi0 Aug 27 23:43:33 zwartedoos kernel: acpi_syscontainer1: port 0xaf00-0xaf0b on acpi0 Aug 27 23:43:33 zwartedoos kernel: acpi_syscontainer2: port 0xafe0-0xafe3 on acpi0 Aug 27 23:43:33 zwartedoos kernel: acpi_syscontainer3: port 0xae00-0xae13 on acpi0 Aug 27 23:43:33 zwartedoos kernel: atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0 Aug 27 23:43:33 zwartedoos kernel: atkbd0: irq 1 on atkbdc0 Aug 27 23:43:33 zwartedoos kernel: kbd0 at atkbd0 Aug 27 23:43:33 zwartedoos kernel: atkbd0: [GIANT-LOCKED] Aug 27 23:43:33 zwartedoos kernel: psm0: <PS/2 Mouse> irq 12 on atkbdc0 Aug 27 23:43:33 zwartedoos kernel: psm0: [GIANT-LOCKED] Aug 27 23:43:33 zwartedoos kernel: psm0: model IntelliMouse Explorer, device ID 4 Aug 27 23:43:33 zwartedoos kernel: fdc0: <floppy drive controller (FDE)> port 0x3f2-0x3f5,0x3f7 irq 6 drq 2 on acpi0 Aug 27 23:43:33 zwartedoos kernel: fdc0: does not respond Aug 27 23:43:33 zwartedoos kernel: device_attach: fdc0 attach returned 6 Aug 27 23:43:33 zwartedoos kernel: uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 Aug 27 23:43:33 zwartedoos kernel: orm0: at iomem 0xe9800-0xeffff pnpid ORM0000 on isa0 Aug 27 23:43:33 zwartedoos kernel: vga0: at port 0x3c0-0x3df iomem 0xa0000-0xbffff pnpid PNP0900 on isa0 Aug 27 23:43:33 zwartedoos kernel: attimer0: at port 0x40 on isa0 Aug 27 23:43:33 zwartedoos kernel: Timecounter "i8254" frequency 1193182 Hz quality 0 Aug 27 23:43:33 zwartedoos kernel: Event timer "i8254" frequency 1193182 Hz quality 100 Aug 27 23:43:33 zwartedoos kernel: fdc0: No FDOUT register! Aug 27 23:43:33 zwartedoos kernel: Timecounters tick every 10.000 msec Aug 27 23:43:33 zwartedoos kernel: hdacc0: <Generic (0x1af40022) HDA CODEC> at cad 0 on hdac0 Aug 27 23:43:33 zwartedoos kernel: hdaa0: <Generic (0x1af40022) Audio Function Group> at nid 1 on hdacc0 Aug 27 23:43:33 zwartedoos kernel: pcm0: <Generic (0x1af40022) (Analog)> at nid 3 and 5 on hdaa0 Aug 27 23:43:33 zwartedoos kernel: usbus0: 12Mbps Full Speed USB v1.0 Aug 27 23:43:33 zwartedoos kernel: usbus1: 12Mbps Full Speed USB v1.0 Aug 27 23:43:33 zwartedoos kernel: usbus2: 12Mbps Full Speed USB v1.0 Aug 27 23:43:33 zwartedoos kernel: usbus3: 480Mbps High Speed USB v2.0 Aug 27 23:43:33 zwartedoos kernel: ugen0.1: at usbus0 Aug 27 23:43:33 zwartedoos kernel: uhub0: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus0 Aug 27 23:43:33 zwartedoos kernel: ugen2.1: at usbus2 Aug 27 23:43:33 zwartedoos kernel: uhub1: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus2 Aug 27 23:43:33 zwartedoos kernel: ugen1.1: at usbus1 Aug 27 23:43:33 zwartedoos kernel: uhub2: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus1 Aug 27 23:43:33 zwartedoos kernel: ugen3.1: at usbus3 Aug 27 23:43:33 zwartedoos kernel: uhub3: <Intel EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus3 Aug 27 23:43:33 zwartedoos kernel: cd0 at ata0 bus 0 scbus0 target 0 lun 0 Aug 27 23:43:33 zwartedoos kernel: cd0: <QEMU QEMU DVD-ROM 2.5+> Removable CD-ROM SCSI device Aug 27 23:43:33 zwartedoos kernel: cd0: Serial Number QM00001 Aug 27 23:43:33 zwartedoos kernel: cd0: 16.700MB/s transfers (WDMA2, ATAPI 12bytes, PIO 65534bytes) Aug 27 23:43:33 zwartedoos kernel: cd0: Attempt to query device size failed: NOT READY, Medium not present Aug 27 23:43:33 zwartedoos kernel: Trying to mount root from ufs:/dev/gpt/rootfs [rw]... Aug 27 23:43:33 zwartedoos kernel: uhub0: 2 ports with 2 removable, self powered Aug 27 23:43:33 zwartedoos kernel: uhub1: 2 ports with 2 removable, self powered Aug 27 23:43:33 zwartedoos kernel: uhub2: 2 ports with 2 removable, self powered Aug 27 23:43:33 zwartedoos kernel: uhub3: 6 ports with 6 removable, self powered Aug 27 23:43:33 zwartedoos kernel: intsmb0: irq 9 at device 1.3 on pci0 Aug 27 23:43:33 zwartedoos kernel: intsmb0: intr IRQ 9 enabled revision 0 Aug 27 23:43:33 zwartedoos kernel: smbus0: on intsmb0 Aug 27 23:43:33 zwartedoos kernel: lo0: link state changed to UP Aug 27 23:43:33 zwartedoos kernel: aesni0: <AES-CBC,AES-CCM,AES-GCM,AES-ICM,AES-XTS> on motherboard Aug 27 23:43:33 zwartedoos syslog-ng[57940]: syslog-ng starting up; version='3.33.2' Aug 27 23:43:33 zwartedoos kernel: done. Aug 27 23:43:33 zwartedoos opnsense[54740]: plugins_configure loopback_prepare (1) Aug 27 23:43:33 zwartedoos kernel: done. Aug 27 23:43:33 zwartedoos opnsense[54740]: plugins_configure loopback_prepare (execute task : loopback_configure_interface(1)) Aug 27 23:43:33 zwartedoos opnsense[54740]: plugins_configure openvpn_prepare (1) Aug 27 23:43:33 zwartedoos opnsense[54740]: plugins_configure openvpn_prepare (execute task : openvpn_prepare(1)) Aug 27 23:43:34 zwartedoos kernel: Aug 27 23:43:34 zwartedoos kernel: tun1: changing name to 'ovpns1' Aug 27 23:43:34 zwartedoos kernel: tun3: changing name to 'ovpnc3' Aug 27 23:43:34 zwartedoos kernel: tun2: changing name to 'ovpnc2' Aug 27 23:43:34 zwartedoos kernel: tun4: changing name to 'ovpnc4' Aug 27 23:43:34 zwartedoos kernel: Aug 27 23:43:34 zwartedoos kernel: vtnet2: link state changed to UP Aug 27 23:43:34 zwartedoos kernel: Aug 27 23:43:34 zwartedoos kernel: vtnet0: link state changed to UP Aug 27 23:43:34 zwartedoos opnsense[54740]: plugins_configure openvpn_prepare (,ocvpn0) Aug 27 23:43:34 zwartedoos kernel: done. Aug 27 23:43:34 zwartedoos opnsense[54740]: plugins_configure openvpn_prepare (execute task : openvpn_prepare(,ocvpn0)) Aug 27 23:43:34 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'ocvpn0' inet6 -accept_rtadv' returned exit code '1', the output was 'ifconfig: interface ocvpn0 does not exist' Aug 27 23:43:34 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'ocvpn0' -staticarp' returned exit code '1', the output was 'ifconfig: interface ocvpn0 does not exist' Aug 27 23:43:34 zwartedoos kernel: Aug 27 23:43:34 zwartedoos kernel: vtnet1: link state changed to UP Aug 27 23:43:35 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The command `/sbin/ifconfig 'gif0' destroy' failed to execute Aug 27 23:43:35 zwartedoos kernel: Aug 27 23:43:35 zwartedoos kernel: gif0: link state changed to UP Aug 27 23:43:35 zwartedoos kernel: done. Aug 27 23:43:35 zwartedoos kernel: gif0: link state changed to DOWN Aug 27 23:43:35 zwartedoos kernel: gif0: link state changed to UP Aug 27 23:43:35 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: entering configure using 'opt1' Aug 27 23:43:35 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: IPv4 default gateway set to wan Aug 27 23:43:35 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: skipping IPv4 default route Aug 27 23:43:35 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: IPv6 default gateway set to opt1 Aug 27 23:43:35 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: setting IPv6 default route to 2001:666:6e:940::1 Aug 27 23:43:35 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: creating /tmp/gif0_defaultgwv6 using '2001:666:6e:940::1' Aug 27 23:43:35 zwartedoos opnsense[54740]: plugins_configure ipsec_prepare (1) Aug 27 23:43:35 zwartedoos kernel: done. Aug 27 23:43:35 zwartedoos opnsense[54740]: plugins_configure ipsec_prepare (execute task : ipsec_configure_vti(1)) Aug 27 23:43:35 zwartedoos opnsense[54740]: plugins_configure vxlan_prepare (1) Aug 27 23:43:35 zwartedoos opnsense[54740]: plugins_configure vxlan_prepare (execute task : vxlan_configure_interface(1)) Aug 27 23:43:35 zwartedoos kernel: ... Aug 27 23:43:36 zwartedoos kernel: .. Aug 27 23:43:36 zwartedoos opnsense[54740]: plugins_configure early (1) Aug 27 23:43:36 zwartedoos kernel: done. Aug 27 23:43:36 zwartedoos kernel: pflog0: permanently promiscuous mode enabled Aug 27 23:43:36 zwartedoos opnsense[54740]: plugins_configure early (execute task : openssh_configure_do(1)) Aug 27 23:43:36 zwartedoos opnsense[54740]: plugins_configure early (execute task : unbound_cache_flush(1)) Aug 27 23:43:36 zwartedoos kernel: done. Aug 27 23:43:36 zwartedoos sshd[79858]: Server listening on ::1 port 22. Aug 27 23:43:36 zwartedoos sshd[79858]: Server listening on 127.0.0.1 port 22. Aug 27 23:43:36 zwartedoos sshd[79858]: Server listening on 2001:666:6f:940::1 port 22. Aug 27 23:43:36 zwartedoos sshd[79858]: Server listening on 192.168.100.200 port 22. Aug 27 23:43:36 zwartedoos opnsense[54740]: plugins_configure early (execute task : webgui_configure_do(1)) Aug 27 23:43:36 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: entering configure using defaults Aug 27 23:43:36 zwartedoos kernel: done. Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: IPv4 default gateway set to wan Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: setting IPv4 default route to 192.168.17.1 Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: creating /tmp/vtnet1_defaultgw using '192.168.17.1' Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: IPv6 default gateway set to opt1 Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: setting IPv6 default route to 2001:666:6e:940::1 Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: ROUTING: keeping current default gateway '2001:666:6e:940::1' Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure hosts () Aug 27 23:43:37 zwartedoos kernel: done. Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure hosts (execute task : dnsmasq_hosts_generate()) Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure hosts (execute task : unbound_hosts_generate()) Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure dhcp (1) Aug 27 23:43:37 zwartedoos kernel: done. Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure dhcp (execute task : dhcpd_dhcp_configure(1)) Aug 27 23:43:37 zwartedoos kernel: done. Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure dhcrelay (1) Aug 27 23:43:37 zwartedoos kernel: done. Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure dhcrelay (execute task : dhcpd_dhcrelay_configure(1)) Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure dns (1) Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure dns (execute task : dnsmasq_configure_do(1)) Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure dns (execute task : unbound_configure_do(1)) Aug 27 23:43:37 zwartedoos kernel: done. Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure monitor (1) Aug 27 23:43:37 zwartedoos opnsense[54740]: plugins_configure monitor (execute task : dpinger_configure_do(1)) Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The HENET_IPV6_TUNNELV6 monitor address is empty, skipping. Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The ROBOTICT_VPNV6 monitor address is empty, skipping. Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The ROBOTICT_VPNV4 monitor address is empty, skipping. Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The CRYPKIT_VPNV6 monitor address is empty, skipping. Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The CRYPKIT_VPNV4 monitor address is empty, skipping. Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The PRIVAMED_VPNV6 monitor address is empty, skipping. Aug 27 23:43:37 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: The PRIVAMED_VPNV4 monitor address is empty, skipping. Aug 27 23:43:37 zwartedoos kernel: done. Aug 27 23:43:37 zwartedoos kernel: ... Aug 27 23:43:38 zwartedoos kernel: .. Aug 27 23:43:38 zwartedoos kernel: done. Aug 27 23:43:39 zwartedoos opnsense[54740]: plugins_configure vpn (1) Aug 27 23:43:39 zwartedoos kernel: done. Aug 27 23:43:39 zwartedoos opnsense[54740]: plugins_configure vpn (execute task : ipsec_configure_do(1)) Aug 27 23:43:41 zwartedoos opnsense[54740]: plugins_configure vpn (execute task : openvpn_configure_do(1)) Aug 27 23:43:41 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: Resyncing OpenVPN instances. Aug 27 23:43:41 zwartedoos kernel: Aug 27 23:43:41 zwartedoos kernel: ovpns1: link state changed to UP Aug 27 23:43:41 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: OpenVPN server 1 instance started on PID 67721. Aug 27 23:43:42 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: OpenVPN client 3 instance started on PID 23794. Aug 27 23:43:42 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: OpenVPN client 2 instance started on PID 73110. Aug 27 23:43:42 zwartedoos opnsense[54740]: /usr/local/etc/rc.bootup: OpenVPN client 4 instance started on PID 20933. Aug 27 23:43:42 zwartedoos opnsense[54740]: plugins_configure bootup (1) Aug 27 23:43:42 zwartedoos opnsense[54740]: plugins_configure bootup (execute task : dyndns_configure_do(1)) Aug 27 23:43:42 zwartedoos opnsense[54740]: plugins_configure bootup (execute task : ntpd_configure_do(1)) Aug 27 23:43:42 zwartedoos kernel: Aug 27 23:43:42 zwartedoos kernel: ovpnc3: link state changed to UP Aug 27 23:43:43 zwartedoos opnsense[49743]: /usr/local/etc/rc.newwanip: IP renewal deferred during boot on 'ovpns1' Aug 27 23:43:43 zwartedoos opnsense[87257]: /usr/local/etc/rc.newwanip: IP renewal deferred during boot on 'ovpnc3' Aug 27 23:43:43 zwartedoos opnsense[54740]: plugins_configure bootup (execute task : opendns_configure_do(1)) Aug 27 23:43:43 zwartedoos opnsense[54740]: plugins_configure bootup (execute task : unbound_configure_do(1)) Aug 27 23:43:43 zwartedoos kernel: done. Aug 27 23:43:43 zwartedoos kernel: Aug 27 23:43:43 zwartedoos kernel: ovpnc4: link state changed to UP Aug 27 23:43:44 zwartedoos opnsense[72167]: /usr/local/etc/rc.newwanip: IP renewal deferred during boot on 'ovpnc4' Aug 27 23:43:44 zwartedoos kernel: ovpnc2: link state changed to UP Aug 27 23:43:44 zwartedoos opnsense[667]: /usr/local/etc/rc.newwanip: IP renewal deferred during boot on 'ovpnc2' Aug 27 23:43:45 zwartedoos syslogd: exiting on signal 15 Aug 27 23:43:45 zwartedoos syslogd: kernel boot file is /boot/kernel/kernel Aug 27 23:43:46 zwartedoos syslog-ng[10069]: syslog-ng starting up; version='3.33.2' Aug 27 23:43:46 zwartedoos kernel: done. Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: IPv4 renewal is starting on 'ovpns1' Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: On (IP address: 192.168.200.1) (interface: OPENVPN[opt3]) (real interface: ovpns1). Aug 27 23:43:46 zwartedoos opnsense[55464]: plugins_configure hosts () Aug 27 23:43:46 zwartedoos opnsense[55464]: plugins_configure hosts (execute task : dnsmasq_hosts_generate()) Aug 27 23:43:46 zwartedoos opnsense[55464]: plugins_configure hosts (execute task : unbound_hosts_generate()) Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'opt3' Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: ROUTING: IPv4 default gateway set to wan Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv4 default route Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to opt1 Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route Aug 27 23:43:46 zwartedoos opnsense[55464]: plugins_configure monitor () Aug 27 23:43:46 zwartedoos opnsense[55464]: plugins_configure monitor (execute task : dpinger_configure_do()) Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The HENET_IPV6_TUNNELV6 monitor address is empty, skipping. Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV6 monitor address is empty, skipping. Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV4 monitor address is empty, skipping. Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV6 monitor address is empty, skipping. Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV4 monitor address is empty, skipping. Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV6 monitor address is empty, skipping. Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV4 monitor address is empty, skipping. Aug 27 23:43:46 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: The OPENVPN_GW monitor address is empty, skipping. Aug 27 23:43:48 zwartedoos opnsense[55464]: plugins_configure vpn (,opt3) Aug 27 23:43:48 zwartedoos opnsense[55464]: plugins_configure vpn (execute task : ipsec_configure_do(,opt3)) Aug 27 23:43:48 zwartedoos opnsense[55464]: plugins_configure vpn (execute task : openvpn_configure_do(,opt3)) Aug 27 23:43:48 zwartedoos opnsense[55464]: /usr/local/etc/rc.newwanip: Resyncing OpenVPN instances for interface OPENVPN. Aug 27 23:43:48 zwartedoos opnsense[55464]: plugins_configure newwanip (,opt3) Aug 27 23:43:48 zwartedoos opnsense[55464]: plugins_configure newwanip (execute task : dyndns_configure_do(,opt3)) Aug 27 23:43:48 zwartedoos opnsense[55464]: plugins_configure newwanip (execute task : ntpd_configure_do()) Aug 27 23:43:49 zwartedoos opnsense[55464]: plugins_configure newwanip (execute task : opendns_configure_do()) Aug 27 23:43:49 zwartedoos opnsense[55464]: plugins_configure newwanip (execute task : openssh_configure_do(,opt3)) Aug 27 23:43:49 zwartedoos opnsense[55464]: plugins_configure newwanip (execute task : unbound_configure_do(,opt3)) Aug 27 23:43:49 zwartedoos opnsense[55464]: plugins_configure newwanip (execute task : vxlan_configure_interface()) Aug 27 23:43:49 zwartedoos opnsense[55464]: plugins_configure newwanip (execute task : webgui_configure_do(,opt3)) Aug 27 23:43:50 zwartedoos kernel: OK Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: IPv4 renewal is starting on 'ovpnc3' Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: On (IP address: 10.0.8.2) (interface: CRYPKIT[opt5]) (real interface: ovpnc3). Aug 27 23:43:50 zwartedoos opnsense[90164]: plugins_configure hosts () Aug 27 23:43:50 zwartedoos opnsense[90164]: plugins_configure hosts (execute task : dnsmasq_hosts_generate()) Aug 27 23:43:50 zwartedoos opnsense[90164]: plugins_configure hosts (execute task : unbound_hosts_generate()) Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'opt5' Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: ROUTING: IPv4 default gateway set to wan Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv4 default route Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to opt1 Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route Aug 27 23:43:50 zwartedoos opnsense[90164]: plugins_configure monitor () Aug 27 23:43:50 zwartedoos opnsense[90164]: plugins_configure monitor (execute task : dpinger_configure_do()) Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The HENET_IPV6_TUNNELV6 monitor address is empty, skipping. Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV6 monitor address is empty, skipping. Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV4 monitor address is empty, skipping. Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV6 monitor address is empty, skipping. Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV4 monitor address is empty, skipping. Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV6 monitor address is empty, skipping. Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV4 monitor address is empty, skipping. Aug 27 23:43:50 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: The OPENVPN_GW monitor address is empty, skipping. Aug 27 23:43:52 zwartedoos opnsense[90164]: plugins_configure vpn (,opt5) Aug 27 23:43:52 zwartedoos opnsense[90164]: plugins_configure vpn (execute task : ipsec_configure_do(,opt5)) Aug 27 23:43:52 zwartedoos opnsense[90164]: plugins_configure vpn (execute task : openvpn_configure_do(,opt5)) Aug 27 23:43:52 zwartedoos opnsense[90164]: /usr/local/etc/rc.newwanip: Resyncing OpenVPN instances for interface CRYPKIT. Aug 27 23:43:52 zwartedoos opnsense[90164]: plugins_configure newwanip (,opt5) Aug 27 23:43:52 zwartedoos opnsense[90164]: plugins_configure newwanip (execute task : dyndns_configure_do(,opt5)) Aug 27 23:43:52 zwartedoos opnsense[90164]: plugins_configure newwanip (execute task : ntpd_configure_do()) Aug 27 23:43:55 zwartedoos opnsense[90164]: plugins_configure newwanip (execute task : opendns_configure_do()) Aug 27 23:43:55 zwartedoos opnsense[90164]: plugins_configure newwanip (execute task : openssh_configure_do(,opt5)) Aug 27 23:43:55 zwartedoos opnsense[90164]: plugins_configure newwanip (execute task : unbound_configure_do(,opt5)) Aug 27 23:43:56 zwartedoos opnsense[90164]: plugins_configure newwanip (execute task : vxlan_configure_interface()) Aug 27 23:43:56 zwartedoos opnsense[90164]: plugins_configure newwanip (execute task : webgui_configure_do(,opt5)) Aug 27 23:43:56 zwartedoos kernel: OK Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: IPv4 renewal is starting on 'ovpnc4' Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: On (IP address: 192.168.120.10) (interface: ROBOTICT[opt6]) (real interface: ovpnc4). Aug 27 23:43:56 zwartedoos opnsense[1766]: plugins_configure hosts () Aug 27 23:43:56 zwartedoos opnsense[1766]: plugins_configure hosts (execute task : dnsmasq_hosts_generate()) Aug 27 23:43:56 zwartedoos opnsense[1766]: plugins_configure hosts (execute task : unbound_hosts_generate()) Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'opt6' Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: ROUTING: IPv4 default gateway set to wan Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv4 default route Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to opt1 Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route Aug 27 23:43:56 zwartedoos opnsense[1766]: plugins_configure monitor () Aug 27 23:43:56 zwartedoos opnsense[1766]: plugins_configure monitor (execute task : dpinger_configure_do()) Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The HENET_IPV6_TUNNELV6 monitor address is empty, skipping. Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV6 monitor address is empty, skipping. Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV4 monitor address is empty, skipping. Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV6 monitor address is empty, skipping. Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV4 monitor address is empty, skipping. Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV6 monitor address is empty, skipping. Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV4 monitor address is empty, skipping. Aug 27 23:43:56 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: The OPENVPN_GW monitor address is empty, skipping. Aug 27 23:43:59 zwartedoos opnsense[1766]: plugins_configure vpn (,opt6) Aug 27 23:43:59 zwartedoos opnsense[1766]: plugins_configure vpn (execute task : ipsec_configure_do(,opt6)) Aug 27 23:43:59 zwartedoos opnsense[1766]: plugins_configure vpn (execute task : openvpn_configure_do(,opt6)) Aug 27 23:43:59 zwartedoos opnsense[1766]: /usr/local/etc/rc.newwanip: Resyncing OpenVPN instances for interface ROBOTICT. Aug 27 23:43:59 zwartedoos opnsense[1766]: plugins_configure newwanip (,opt6) Aug 27 23:43:59 zwartedoos opnsense[1766]: plugins_configure newwanip (execute task : dyndns_configure_do(,opt6)) Aug 27 23:43:59 zwartedoos opnsense[1766]: plugins_configure newwanip (execute task : ntpd_configure_do()) Aug 27 23:44:02 zwartedoos opnsense[1766]: plugins_configure newwanip (execute task : opendns_configure_do()) Aug 27 23:44:02 zwartedoos opnsense[1766]: plugins_configure newwanip (execute task : openssh_configure_do(,opt6)) Aug 27 23:44:02 zwartedoos opnsense[1766]: plugins_configure newwanip (execute task : unbound_configure_do(,opt6)) Aug 27 23:44:03 zwartedoos opnsense[1766]: plugins_configure newwanip (execute task : vxlan_configure_interface()) Aug 27 23:44:03 zwartedoos opnsense[1766]: plugins_configure newwanip (execute task : webgui_configure_do(,opt6)) Aug 27 23:44:03 zwartedoos kernel: OK Aug 27 23:44:03 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: IPv4 renewal is starting on 'ovpnc2' Aug 27 23:44:03 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: On (IP address: 10.1.8.6) (interface: PRIVAMED[opt4]) (real interface: ovpnc2). Aug 27 23:44:03 zwartedoos opnsense[88519]: plugins_configure hosts () Aug 27 23:44:03 zwartedoos opnsense[88519]: plugins_configure hosts (execute task : dnsmasq_hosts_generate()) Aug 27 23:44:03 zwartedoos opnsense[88519]: plugins_configure hosts (execute task : unbound_hosts_generate()) Aug 27 23:44:03 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'opt4' Aug 27 23:44:03 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: ROUTING: IPv4 default gateway set to wan Aug 27 23:44:03 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv4 default route Aug 27 23:44:03 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to opt1 Aug 27 23:44:03 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route Aug 27 23:44:04 zwartedoos opnsense[88519]: plugins_configure monitor () Aug 27 23:44:04 zwartedoos opnsense[88519]: plugins_configure monitor (execute task : dpinger_configure_do()) Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The HENET_IPV6_TUNNELV6 monitor address is empty, skipping. Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV6 monitor address is empty, skipping. Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The ROBOTICT_VPNV4 monitor address is empty, skipping. Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV6 monitor address is empty, skipping. Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The CRYPKIT_VPNV4 monitor address is empty, skipping. Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV6 monitor address is empty, skipping. Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The PRIVAMED_VPNV4 monitor address is empty, skipping. Aug 27 23:44:04 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: The OPENVPN_GW monitor address is empty, skipping. Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure vpn (,opt4) Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure vpn (execute task : ipsec_configure_do(,opt4)) Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure vpn (execute task : openvpn_configure_do(,opt4)) Aug 27 23:44:05 zwartedoos opnsense[88519]: /usr/local/etc/rc.newwanip: Resyncing OpenVPN instances for interface PRIVAMED. Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure newwanip (,opt4) Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure newwanip (execute task : dyndns_configure_do(,opt4)) Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure newwanip (execute task : ntpd_configure_do()) Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure newwanip (execute task : opendns_configure_do()) Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure newwanip (execute task : openssh_configure_do(,opt4)) Aug 27 23:44:05 zwartedoos opnsense[88519]: plugins_configure newwanip (execute task : unbound_configure_do(,opt4)) Aug 27 23:44:06 zwartedoos opnsense[88519]: plugins_configure newwanip (execute task : vxlan_configure_interface()) Aug 27 23:44:06 zwartedoos opnsense[88519]: plugins_configure newwanip (execute task : webgui_configure_do(,opt4)) Aug 27 23:44:06 zwartedoos kernel: OK Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: ROUTING: entering configure using defaults Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: ROUTING: IPv4 default gateway set to wan Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: ROUTING: setting IPv4 default route to 192.168.17.1 Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: ROUTING: keeping current default gateway '192.168.17.1' Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: ROUTING: IPv6 default gateway set to opt1 Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: ROUTING: setting IPv6 default route to 2001:666:6e:940::1 Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: ROUTING: keeping current default gateway '2001:666:6e:940::1' Aug 27 23:44:06 zwartedoos opnsense[59326]: plugins_configure monitor (1) Aug 27 23:44:06 zwartedoos opnsense[59326]: plugins_configure monitor (execute task : dpinger_configure_do(1)) Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The HENET_IPV6_TUNNELV6 monitor address is empty, skipping. Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The ROBOTICT_VPNV6 monitor address is empty, skipping. Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The ROBOTICT_VPNV4 monitor address is empty, skipping. Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The CRYPKIT_VPNV6 monitor address is empty, skipping. Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The CRYPKIT_VPNV4 monitor address is empty, skipping. Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The PRIVAMED_VPNV6 monitor address is empty, skipping. Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The PRIVAMED_VPNV4 monitor address is empty, skipping. Aug 27 23:44:06 zwartedoos opnsense[59326]: /usr/local/etc/rc.routing_configure: The OPENVPN_GW monitor address is empty, skipping. Aug 27 23:44:07 zwartedoos kernel: OK Aug 27 23:44:24 zwartedoos kernel: tun30000: link state changed to UP Aug 27 23:44:28 zwartedoos kernel: tun30000: changing name to 'ocvpn0' Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.766Z caller=node_exporter.go:178 msg="Starting node_exporter" version="(version=1.1.2, branch=release-1.1, revision=0)" Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.766Z caller=node_exporter.go:179 msg="Build context" build_context="(go=go1.16.6, user=root, date=)" Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.767Z caller=filesystem_common.go:74 collector=filesystem msg="Parsed flag --collector.filesystem.ignored-mount-points" flag=^/(dev)($|/) Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.769Z caller=filesystem_common.go:76 collector=filesystem msg="Parsed flag --collector.filesystem.ignored-fs-types" flag=^devfs$ Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:106 msg="Enabled collectors" Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=boottime Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=cpu Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=exec Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=filesystem Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=loadavg Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=meminfo Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=netdev Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=textfile Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=time Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:113 collector=uname Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.770Z caller=node_exporter.go:195 msg="Listening on" address=192.168.100.200:9100 Aug 27 23:44:30 zwartedoos node_exporter[5111]: level=info ts=2021-08-27T21:44:30.773Z caller=tls_config.go:191 msg="TLS is disabled." http2=false Aug 27 23:44:31 zwartedoos syslog-ng[10069]: syslog-ng shutting down; version='3.33.2' Aug 27 23:44:31 zwartedoos kernel: . Aug 27 23:44:31 zwartedoos syslog-ng[13396]: syslog-ng starting up; version='3.33.2' Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: ROUTING: entering configure using defaults Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: ROUTING: IPv4 default gateway set to wan Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: ROUTING: setting IPv4 default route to 192.168.17.1 Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: ROUTING: keeping current default gateway '192.168.17.1' Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: ROUTING: IPv6 default gateway set to opt1 Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: ROUTING: setting IPv6 default route to 2001:666:6e:940::1 Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: ROUTING: keeping current default gateway '2001:666:6e:940::1' Aug 27 23:44:32 zwartedoos opnsense[51926]: plugins_configure monitor (1) Aug 27 23:44:32 zwartedoos kernel: done. Aug 27 23:44:32 zwartedoos opnsense[51926]: plugins_configure monitor (execute task : dpinger_configure_do(1)) Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The HENET_IPV6_TUNNELV6 monitor address is empty, skipping. Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The ROBOTICT_VPNV6 monitor address is empty, skipping. Aug 27 23:44:32 zwartedoos kernel: done. Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The ROBOTICT_VPNV4 monitor address is empty, skipping. Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The CRYPKIT_VPNV6 monitor address is empty, skipping. Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The CRYPKIT_VPNV4 monitor address is empty, skipping. Aug 27 23:44:32 zwartedoos kernel: . Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The PRIVAMED_VPNV6 monitor address is empty, skipping. Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The PRIVAMED_VPNV4 monitor address is empty, skipping. Aug 27 23:44:32 zwartedoos opnsense[51926]: /usr/local/etc/rc.routing_configure: The OPENVPN_GW monitor address is empty, skipping. Aug 27 23:44:32 zwartedoos kernel: ... Aug 27 23:44:33 zwartedoos kernel: .. Aug 27 23:44:33 zwartedoos kernel: done. Aug 27 23:44:33 zwartedoos kernel: done. Aug 27 23:44:34 zwartedoos kernel: OK Aug 27 23:44:38 zwartedoos kernel: SHA256 16 6B C0 95 EE 09 C1 48 AD D4 F0 70 67 69 5A F5 Aug 27 23:44:38 zwartedoos kernel: SHA256 mQXzeZAqYsTVs15OIcyjBTRQ46bcGW0jv1vaUglr2cQ (ECDSA) Aug 27 23:44:38 zwartedoos kernel: SHA256 UdJv0HGBHAYLVZkfh1W5spmD4W90XSUw4OPBVzN5tFE (ED25519) Aug 27 23:44:38 zwartedoos kernel: ocvpn0: deletion failed: 3 Aug 27 23:44:38 zwartedoos kernel: ocvpn0: link state changed to DOWN Aug 27 23:44:58 zwartedoos sshd[78511]: Accepted keyboard-interactive/pam for root from 192.168.100.27 port 36348 ssh2 Aug 27 23:44:59 zwartedoos kernel: gif0: promiscuous mode enabled Aug 27 23:44:59 zwartedoos kernel: vtnet0: promiscuous mode enabled Aug 27 23:44:59 zwartedoos kernel: vtnet1: promiscuous mode enabled

mimugmail commented 3 years ago

It seems your default gateway is not available during startup so openconnect fails. Sadly it behaves a bit different than openvpn. If it fails cause if timeout, it quits and doesn't try again.

vizv commented 2 years ago

@minugmail I also have the same problem, the ocvpn0 goes down after boot.

Note I can receive Okta Push Verify for OpenConnect (AnyConnect) MFA so the connection between client and VPN server should be fine.

I also have issue that after ocvpn0 goes down I lose all my connectivity, and I found OpenConnect updates routing table using vpnc-script which changed the default gateway so I created PR #2601 to stop OpenConnect updates default gateway.

OPNsense kernel: tun30000: link state changed to UP
OPNsense kernel: tun30000: changing name to 'ocvpn0'
...
OPNsense kernel: ifa_maintain_loopback_route: deletion failed for interface ocvpn0: 3
OPNsense kernel: ocvpn0: link state changed to DOWN

I think the issue is similar to #866, but I can't figure out how to fix it

OPNsense-bot commented 1 year ago

This issue has been automatically timed-out (after 180 days of inactivity).

For more information about the policies for this repository, please read https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md for further details.

If someone wants to step up and work on this issue, just let us know, so we can reopen the issue and assign an owner to it.

Clifra-Jones commented 9 months ago

You should reopen this because it is still a problem.

  1. The gateway is up because I can log into the endpoint VPN, get 2FA push notification.
  2. I removed the >/dev/null from the service file and I can see the VPN being configured properly.
  3. Then last line in the log file is [code] ocvpn0: link state changed to DOWN [/code]

Go to system->Diagnostics->Services and start OpenConnect and it works perfectly.

I did notice that after openconnect starts the system attempts to start openvpn. Open VPN is not configured on my system, why would it try to start?

On another subject, the password for the VPN is stored in both the config and in a secrets file in CLEAR TEXT. That's not good at all! This could easily be done with openssl to encrypt the password in the secrets file.