Thank you for the suggestion Chris. This installation is indeed running 2.1.3. Going to try that soon and will report back.
Holger 2014-07-01 22:10 GMT+02:00 Chris Buechler <c...@pfsense.com>: > > > > On Tue, Jul 1, 2014 at 1:37 AM, Holger Bauer <holger.ba...@gmail.com> > wrote: > >> Hi, >> >> I'm experiencing OpenVPN-server-restarts, when clients use one of our >> WAN-links heavily. This WAN is only used for open-vpnm-clients to tunnel >> in. However, it also acts as failover wan if our other wans go down. Now if >> a client for example starts downloading an ISO through the tunnel apinger >> will trigger an alert which then causes the open-vpn-server to be restarted >> which of course kicks off all users. After everybody has been kicked and >> the delay causing traffic is gone apinger puts the link back in service >> after a few seconds. >> >> This configuration worked for a long time without issues when using >> pfSense 2.0.3, however when upgrading to 2.1.x it all started. >> > > Guessing you must be on a pre-2.1.4 version, looks like it's detecting an > IP change when none really occurred. Upgrade to 2.1.4 and that should fix > it. > > > > >> Things I have tried so far without luck: >> - Playing around with Gatewaymonitoring-Options (raising delay, package >> loss, disabling gatewaymonitoring) >> - Tried to give priority to icmp on that wan (but I guess that only works >> for traffic going through the pfsense and not originating from the pfsense >> itself) >> >> Any recommendations what to try next? Or is this a bug that can be fixed? >> >> >> Some Systemlogs: >> >> Gatwaylog: >> Jun 30 15:20:59 apinger: ALARM: GW_OPT11(x.x.x.x) *** delay *** Jun 30 >> 15:21:21 apinger: alarm canceled: GW_OPT11(x.x.x.x) *** delay *** >> Systemlog: >> Jun 30 15:21:09 check_reload_status: updating dyndns GW_OPT11 Jun 30 >> 15:21:09 check_reload_status: Restarting ipsec tunnels Jun 30 15:21:09 >> check_reload_status: >> Restarting OpenVPN tunnels/interfaces Jun 30 15:21:09 check_reload_status: >> Reloading filter Jun 30 15:21:11 php: rc.openvpn: OpenVPN: One or more >> OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that >> may use GW_OPT11. >> >> >> >> >> >> >> >> >> Regards >> Holger >> >> _______________________________________________ >> List mailing list >> List@lists.pfsense.org >> https://lists.pfsense.org/mailman/listinfo/list >> > > > _______________________________________________ > List mailing list > List@lists.pfsense.org > https://lists.pfsense.org/mailman/listinfo/list >
_______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
