Strange behaviour of OpenVPN on ubuntu 22.04 (at least)

Dear all,

Following my question on a supposed issue of the NFS server (NFS compatibility kodi/libnfs) I made some tests.
I changed the SD card and the NFS works like a charm on local network. However it still does not work over OpenVPN.

I investigated on my laptop (ubuntu 22.04 LTS) openvpn 2.5.5 with openSSL 3.0.2
If I use the VPN connection from the gnome-openvpn pluging on which I imported the .zip file from the openvpn WUI of IPfire, everything works, NFS,ssh,…
However if I use the exact same file Iimported in gnome plugin for openvpn, nothing works except the ping. I can ping ipfire, but no ssh, no nfs. I was wondering why this strange behaviour. It is not ever a new configuration file.

I then tried with the “new” configuration zip downloaded from WUI of IpFire and still does not work

What I have notice is the routes are different:
With the command line sudo openvpn --config blabla.ovpn I got

Table de routage IP du noyau
Destination     Passerelle      Genmask         Indic Metric Ref    Use Iface
default         _gateway        0.0.0.0         UG    0      0        0 wlp0s20f3
default         _gateway        0.0.0.0         UG    600    0        0 wlp0s20f3
10.210.130.0    10.210.130.33   255.255.255.0   UG    0      0        0 tun0
10.210.130.33   0.0.0.0         255.255.255.255 UH    0      0        0 tun0
10.210.131.0    10.210.130.33   255.255.255.0   UG    0      0        0 tun0
10.210.132.0    10.210.130.33   255.255.255.0   UG    0      0        0 tun0
link-local      0.0.0.0         255.255.0.0     U     1000   0        0 wlp0s20f3
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
192.168.0.0     0.0.0.0         255.255.255.0   U     600    0        0 wlp0s20f3
192.168.10.0    10.210.130.33   255.255.255.0   UG    0      0        0 tun0
192.168.30.0    10.210.130.33   255.255.255.0   UG    0      0        0 tun0

Whereas with the gnome plugin I got

Table de routage IP du noyau
Destination     Passerelle      Genmask         Indic Metric Ref    Use Iface
default         _gateway        0.0.0.0         UG    0      0        0 wlp0s20f3
default         _gateway        0.0.0.0         UG    50     0        0 tun0
default         _gateway        0.0.0.0         UG    600    0        0 wlp0s20f3
10.210.130.0    _gateway        255.255.255.0   UG    50     0        0 tun0
_gateway        0.0.0.0         255.255.255.255 UH    50     0        0 tun0
10.210.131.0    _gateway        255.255.255.0   UG    50     0        0 tun0
10.210.132.0    _gateway        255.255.255.0   UG    50     0        0 tun0
abordeaux-257-1 _gateway        255.255.255.255 UGH   50     0        0 wlp0s20f3
link-local      0.0.0.0         255.255.0.0     U     1000   0        0 wlp0s20f3
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
192.168.0.0     0.0.0.0         255.255.255.0   U     600    0        0 wlp0s20f3
_gateway        0.0.0.0         255.255.255.255 UH    50     0        0 wlp0s20f3
192.168.10.0    _gateway        255.255.255.0   UG    50     0        0 tun0
192.168.30.0    _gateway        255.255.255.0   UG    50     0        0 tun0

I hope this is not a problem to post the subnets. 10.210.X.X are openvpn subnets and 192.168.X are ipfire local networks.

As I am not an expert, now it is hard for me to figure out what could be the probleme. Does it come from my ubuntu ? or from openvpn ?

Funny fact, if I connect from the gnome plugin, then disconnect and reconnect very quicly with the command line, it works ! The route might not have been removed or updated I guess.

Thanks you

Well I got it working by removing all options added for OTP

auth-token-user USER
auth-token TOTP
auth-retry interact

and removing

mssfix 0

Now NFS works fine ! even with all SD card

I am not surprised that all your problems were due to a failing SD card. In my experience your 3/4 years of normal activity is some sort of record. Failure happens much more frequently even if you limit the writing cycles using a ram disk.