pfSense openvpn client auto reconnect

It looks like pfSense doesn't reconnect to the VPN server after a disconnect, so administrators have to reconnect or restart the OpenVPN client service manually. That is an annoying task. To solve the problem, we can add a script that does it for us.

Shell into pfSense console

ssh {user}@your.pfSense

Create a shell script that pings the VPN gateway and restarts the OpenVPN client when the ping fails

#!/usr/bin/env sh

if /sbin/ping -c 3 {private.vpn.gateway.ip}; then
    # Success, Nothing to do
    exit 0
else
    # Fail, Reconnect VPN
    /usr/local/sbin/pfSsh.php playback svc restart openvpn client {your openVPN client id}
fi

exit 1

Note: You will see the OpenVPN client id in the names of the pfSense OpenVPN client config files, like /var/etc/openvpn/client{ID}.conf; use that ID in the script.

Add a cron job to run the script automatically

crontab -e

*/5 * * * * /root/chkOvpn.sh > /dev/null
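
A variant of the watchdog above, added here as an example and not the author's script: it checks that client{ID}.conf exists for the ID passed in, restarts only after consecutive failed checks, and logs each restart to syslog so repeated tunnel drops stay visible. It goes beyond the original script in those three points; STATE, THRESHOLD and the 10.8.0.1 gateway are assumptions introduced for the example.

```shell
#!/bin/sh
# Added example, not the post's script. CONF_DIR follows the note above;
# STATE and THRESHOLD are hypothetical names introduced here.
CONF_DIR="${CONF_DIR:-/var/etc/openvpn}"
STATE="${STATE:-/var/run/chkOvpn.fails}"   # consecutive-failure counter file
THRESHOLD="${THRESHOLD:-2}"                # failed checks required before a restart

# Print the numeric IDs taken from client{ID}.conf file names in directory $1.
list_client_ids() {
    for conf in "$1"/client*.conf; do
        [ -e "$conf" ] || continue
        cid="${conf##*/client}"; cid="${cid%.conf}"
        case "$cid" in ''|*[!0-9]*) continue ;; esac
        echo "$cid"
    done
}

# record_result ok|fail: prints "ok", "wait", or "restart" (threshold reached).
record_result() {
    if [ "$1" = ok ]; then rm -f "$STATE"; echo ok; return 0; fi
    fails=$(cat "$STATE" 2>/dev/null || echo 0)
    case "$fails" in ''|*[!0-9]*) fails=0 ;; esac
    fails=$((fails + 1))
    if [ "$fails" -ge "$THRESHOLD" ]; then
        rm -f "$STATE"; echo restart
    else
        echo "$fails" > "$STATE"; echo wait
    fi
}

# main GATEWAY_IP CLIENT_ID: one watchdog pass, logged to syslog via logger(1).
main() {
    gw="$1"; want="$2"
    if ! list_client_ids "$CONF_DIR" | grep -qxF "$want"; then
        logger -t chkOvpn "no client${want}.conf in ${CONF_DIR}, nothing restarted"
        return 2
    fi
    if /sbin/ping -c 3 "$gw" >/dev/null 2>&1; then res=ok; else res=fail; fi
    if [ "$(record_result "$res")" = restart ]; then
        logger -t chkOvpn "gateway ${gw} unreachable, restarting openvpn client ${want}"
        /usr/local/sbin/pfSsh.php playback svc restart openvpn client "$want"
    fi
}

# Cron usage (constructed values): /root/chkOvpn.sh 10.8.0.1 1
if [ "$#" -eq 2 ]; then main "$@"; fi
```

With the default THRESHOLD of 2 and the five-minute cron schedule, the restart fires on the second consecutive failed run.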

Kawin Viriyaprasopsook

System administrator at Zercle Technology Co., Ltd.
A lousy system admin
Loves playing games
Likes watching Japanese anime

6 Replies to “pfSense openvpn client auto reconnect”

  1. Exactly what I needed. I have one service that mysteriously goes down sometimes. Thank you so much for sharing!

  2. Thanks for the snippet! This works for OPNSense to restart the OpenVPN client.

    #!/usr/bin/env sh
    # Source address of the OpenVPN client interface (ovpnc1)
    VPNSRCIP="$(/sbin/ifconfig ovpnc1 | grep 'inet ' | cut -f1 -d '-' | awk '{ print $2}')"
    if /sbin/ping -S "${VPNSRCIP}" -c 3 1.0.0.1; then
        # Success, Nothing to do
        exit 0
    else
        # Fail, Reconnect VPN
        configctl openvpn reload
    fi

    exit 1

  3. Thanks for the snippet! This code works for OPNSense and pings the gateway address, restarting the OpenVPN service if no connection. It should work with PFSense as well with your snippet!

    #!/usr/bin/env sh
    # Source address of the OpenVPN client interface (ovpnc1)
    VPNSRCIP="$(/sbin/ifconfig ovpnc1 | grep 'inet ' | cut -f1 -d '-' | awk '{ print $2}')"
    # Peer (gateway) address on the same interface
    VPNGWIP="$(/sbin/ifconfig ovpnc1 | grep 'inet ' | cut -d ' ' -f 4)"
    if /sbin/ping -S "${VPNSRCIP}" -c 3 "${VPNGWIP}"; then
        # Success, Nothing to do
        exit 0
    else
        # Fail, Reconnect VPN
        configctl openvpn reload
    fi

    exit 1

  4. Thanks for the snippet.

    In my case (PFSense 2.4.3) the id was different ..

    Note: You will see opvnVPN client id on address bar in pfSense openVPN client edit page like this https://your.pfSense.ip/vpn_openvpn_client.php?act=edit&id=0 then use id + 1 into script
    would give id = 1 .. but it turned out to be id = 3

    This id=3 I could find in the dashboard below the services tab ..
    The services were:
    openvpn
    openvpn_2
    openvpn_3

    and I needed to restart the 3rd of them..
