spotcatbug (Dabbler, joined Nov 6, 2017, 43 messages)
I had a working OpenVPN iocage jail. It stopped working. Unfortunately, I hadn't used the VPN in a while (a couple of months), so I don't know exactly when it stopped working - that is, I'm not sure what I did to make it break. I've been spending a lot of time on this. I need help! Please.
What does "stopped working" mean? I couldn't connect the VPN on my iPhone (attempting to connect to the server timed out). I discovered that the jail had no networking. It failed the ping test. After much fiddling, ping works and I can connect to the server from the client (my iPhone, on the cell network, will connect to the OpenVPN server on my LAN). However, even though the connection looks good and established, I can't connect to anything on my LAN through the VPN.
I remember having this issue when I first set up the jail. Same symptoms: connection looked good but no traffic through the VPN. Turned out I needed a static route on my router to send the VPN subnet (10.8.0.0/24) traffic to the OpenVPN server (10.0.1.52/24). I added that static route to my home router and that fixed it. Not this time, though. The static route is there still. I tried removing it and putting it back, in case the router was having an issue - no change.
I'm guessing there's some other networking issue at play, but I'm not good enough at this to know what that is. I'm hoping somebody looking at my ifconfig listings might see a problem or have ideas.
host ifconfig:
igb0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM>
        ether d0:50:99:c2:f0:1f
        hwaddr d0:50:99:c2:f0:1f
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=98<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
        ether d0:50:99:c2:f0:1f
        hwaddr d0:50:99:c2:f0:20
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
lagg0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=98<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
        ether d0:50:99:c2:f0:1f
        inet 10.0.1.114 netmask 0xffffff00 broadcast 10.0.1.255
        inet 10.0.1.63 netmask 0xffffff00 broadcast 10.0.1.255
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet autoselect
        status: active
        groups: lagg
        laggproto loadbalance lagghash l2,l3,l4
        laggport: igb0 flags=4<ACTIVE>
        laggport: em0 flags=4<ACTIVE>
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:81:c5:8a:b2:00
        nd6 options=1<PERFORMNUD>
        groups: bridge
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
bridge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:81:c5:8a:b2:01
        nd6 options=9<PERFORMNUD,IFDISABLED>
        groups: bridge
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vnet0:5 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 6 priority 128 path cost 2000
        member: epair2a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 9 priority 128 path cost 2000
        member: epair1a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 8 priority 128 path cost 2000
        member: lagg0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 4 priority 128 path cost 10000
epair1a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:9d:50:00:08:0a
        hwaddr 02:9d:50:00:08:0a
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
epair2a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:9d:50:00:09:0a
        hwaddr 02:9d:50:00:09:0a
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
vnet0:5: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: associated with jail: OpenVPN
        options=8<VLAN_MTU>
        ether 02:ff:60:9b:c8:7f
        hwaddr 02:9d:50:00:06:0a
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
OpenVPN jail ifconfig:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:ff:60:9b:c8:80
        hwaddr 02:9d:a0:00:0a:0b
        inet 10.0.1.52 netmask 0xffffff00 broadcast 10.0.1.255
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        inet 10.8.0.1 --> 10.8.0.2 netmask 0xffffffff
        nd6 options=1<PERFORMNUD>
        groups: tun
Anything else I should supply?
Thanks for any help.
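
Added example, not part of the original post: a small Python check that reads ifconfig listings like the two above and tests three things the static route depends on: the next hop (10.0.1.52) is configured in the jail, the jail's host-side interface shares a bridge with the LAN uplink, and both tunnel endpoints sit inside the routed VPN subnet (10.8.0.0/24). The function names `parse` and `check` are made up for this example, and the embedded listings are excerpts of the ones in the post.

```python
import ipaddress
import re

# Excerpts of the post's two listings, re-typed with indentation (constructed sample).
HOST = """\
lagg0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        inet 10.0.1.114 netmask 0xffffff00 broadcast 10.0.1.255
bridge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        member: vnet0:5 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
        member: lagg0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
vnet0:5: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: associated with jail: OpenVPN
"""
JAIL = """\
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        inet 10.0.1.52 netmask 0xffffff00 broadcast 10.0.1.255
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
        inet 10.8.0.1 --> 10.8.0.2 netmask 0xffffffff
"""

def parse(text):
    """Split ifconfig output per interface; collect IPv4 addresses, peers, bridge members."""
    ifs = {}
    for block in re.split(r"(?m)^(?=\S+: flags=)", text):
        if not (name := re.match(r"(\S+): flags=", block)):
            continue
        inet = re.findall(r"inet (\S+)(?: --> (\S+))? netmask (0x[0-9a-f]{8})", block)
        ifs[name[1]] = {
            "addrs": [ipaddress.ip_interface(f"{a}/{ipaddress.IPv4Address(int(k, 16))}")
                      for a, _, k in inet],
            "peers": [ipaddress.ip_address(p) for _, p, _ in inet if p],
            "members": set(re.findall(r"member: (\S+)", block)),
            "desc": "".join(re.findall(r"description: (.*)", block)),
        }
    return ifs

def check(host, jail, vpn_net, gateway, jail_name):
    """Return findings; an empty list means the layout is consistent with the static route."""
    vpn, gw, out = ipaddress.ip_network(vpn_net), ipaddress.ip_address(gateway), []
    if not any(a.ip == gw for i in jail.values() for a in i["addrs"]):
        out.append(f"{gw} is not configured inside the jail")
    lan = {n for n, i in host.items() if any(gw in a.network for a in i["addrs"])}
    vnet = {n for n, i in host.items() if i["desc"].endswith(f"jail: {jail_name}")}
    if not any(lan & i["members"] and vnet & i["members"] for i in host.values()):
        out.append("jail interface and LAN uplink do not share a bridge")
    ends = [x for i in jail.values() if i["peers"]
            for x in [a.ip for a in i["addrs"]] + i["peers"]]
    if not ends or any(x not in vpn for x in ends):
        out.append(f"tunnel endpoints are not all inside {vpn}")
    return out
```

An empty result from `check(parse(HOST), parse(JAIL), "10.8.0.0/24", "10.0.1.52", "OpenVPN")` only says the addressing and bridge membership in the listings agree with the route; ifconfig output does not show whether the jail forwards packets between tun0 and epair0b or whether a firewall sits in the path.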