After upgrading from 182 to 183 I noticed that there is no OpenVPN connection anymore. The updated machine is an OpenVPN client which connects to an office.
Therefore the local ovpn server is not running.
Strange is, that all according logs are completely empty!
Connection and status control show a red “DISCONNECTED” state.
Without any logs it’s hard to find a cause. HDD has enough space ans system health is fine.
Does anyone has a hint?
That sounds very strange. My Net to Net OpenVPN connections worked fine with CU183 and are still working fine with CU184 Testing.
If you untick the enable/disable checkbox and then tick it again, there are no N2N logs created in IPFire?
I just tried that with one of my N2N connections and I got lots of logs. I would at least expect to see the logs from the IPFire end being disabled/enabled trying to make a connection.
Also you say that the box is showing a red DISCONNECTED status. When my N2N connections are disabled they show up as a blue DISCONNECTED status.
I will have to look up what the red colouring means for the status.
EDIT:
The red colouring for the N2N connection status means that the “client” end attempted a connection to the “server” end and got no reply back.
Definitely try disabling and then enabling that N2N connection. Doing that should create logs on your “client” machine for it setting itself up and trying to make the connection
.
My hint: check for a possible libssl version mismatch, I have problems with freeradius not starting because of this (13590 – Freeradius not starting: libssl version mismatch).
This issue here is openvpn not freeradius.
Openvpn is a core program and so is shipped every Core Update together with openssl so any openssl version update will be linked correctly with openvpn.
The issue with freeradius is that it is an addon and therefore it needs to be recognised, remembered etc that freeradius is linked to openssl and when openssl is updated to also increment the freradius addon version number and ship the freeradius addon with the core update.
Yeah, got it. I was wondering if openvpn was probably also linked to the wrong libssl version.
I just checked on my openvpn server on Core Update 183 and it is linked and running with openssl-3.2.1
Thanks a lot for looking into it and taking the time.
The wrong SSL lib was my first thought, too, but this is too obvious. 
Disable/Enable the N2N connection was the first I did. Disable is no problem, status gets blue, enable makes the site hang until a gateway timeout.
The strange thing is, that there are not log entries, not a single line of VPN messages in /var/log/messages after the 183er update.
By the way, the “reboot” cmd doesn’t work either, it just hangs and does not reboot the system.
I think, it’s time to reinstall that box.
That sounds like something very wrong occurred during the update.
It might be worth keeping a copy of the Core Update 183 log to see what occurred during the update before you do the fresh install.
Hi,
I also get OpenVPN problems running core 183.
After upgrade all seems fine. Existing OpenVPN configuration works.
But !!! trying to build a new root/host certificate, ipfire reports error 256 with some log entries of problems in libssl
Same issue if I install 183 from scratch. Impossible to build the host certificate. (same installation steps as with core 182)
For now, I reinstalled 182 which solves the problem.
system: ipfire on raspberry pi4
This is covered in another post from today.
https://community.ipfire.org/t/openvpn-fails-to-generate-server-certificate/11128
I dont know, if it helps, but in my case the error was caused by the next 2 lines in the config file:
auth-token-user USER
auth-token TOTP
After deleting both lines, and restarting the service the connection was established without any issues.