OpenVPN question--missing files

I’m working on an OpenVPN issue with 4.2.2 stable on a BerylAX. (the connection is made but the server is unreachable). In the course of that I noticed from the log a few scripts are missing:

Sat Jun 3 08:58:08 2023 daemon.notice netifd: ovpnclient (8461): * Running script '/etc/firewall.nat6' Sat Jun 3 08:58:08 2023 daemon.notice netifd: ovpnclient (8461): * Running script '/etc/firewall.swap_wan_in_conn_mark.sh' Sat Jun 3 08:58:08 2023 daemon.notice netifd: ovpnclient (8461): ! Skipping due to path error: No such file or directory Sat Jun 3 08:58:08 2023 daemon.notice netifd: ovpnclient (8461): * Running script '/etc/firewall.vpn_server_policy.sh' Sat Jun 3 08:58:08 2023 daemon.notice netifd: ovpnclient (8461): * Running script '/var/etc/gls2s.include' Sat Jun 3 08:58:08 2023 daemon.notice netifd: ovpnclient (8461): ! Skipping due to path error: No such file or directory Sat Jun 3 08:58:08 2023 daemon.notice netifd: ovpnclient (8461): * Running script '/usr/bin/gl_block.sh' Sat Jun 3 08:58:08 2023 user.notice mwan3[9116]: Execute ifup event on interface ovpnclient (ovpnclient) Sat Jun 3 08:58:09 2023 user.notice mwan3[9116]: Starting tracker on interface ovpnclient (ovpnclient) Sat Jun 3 08:58:10 2023 daemon.warn ovpnclient[8461]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Sat Jun 3 08:58:10 2023 daemon.notice ovpnclient[8461]: Initialization Sequence Completed Sat Jun 3 08:58:10 2023 user.notice firewall: Reloading firewall due to ifup of ovpnclient (ovpnclient)"

/var/etc/gls2s.include and /firewall.swap_wan_in_conn_mark.sh are indeed missing. Is that important?

These files are missing in 4.2.3r1 beta as well. I don’t know if it is related to my problem, which is that I can make an ovpn connection to my server, but no traffic flows. That sounds like a routing issue to me, and maybe because these files are missing.

Should not be related to the issue you encounter.

Is it only DNS query fail or the internet connection totally not reachable?
How about using the same config file with OpenVPN connect app?

The server is at 192.168.50.1, and when I go directly to that, its web interface isn’t available. I also cant SSH into the server. True whether I am using Auto Detect or Global Proxy.

With other devices, the ovpn configuration file works just fine.

I tested with upgrade to version 4.2.3 release1. The firewall.swap_wan_in_conn_mark.sh file will be there. Could we start anydesk session for a check?

You are right, that file is in 4.2.3r1; the other one is missing.

It seems to be working if I turn IP masquerading on. Not sure why.

IP masquerading is required if the OpenVPN server side doesn’t have a route to BerylAX’s clients.

Interesting. This had worked before, but my server was recently upgraded to 2.6.3 and some options are removed. I speculate this is on the server side, and I’ll investigate.

Thanks.

1 Like