wunderbar 26 Posted ... Hi. When connected to an AirVPN-server through a VPN-router... Are there any fixed IPs on the VPN-server that can be used to ping for monitoring the quality of the VPN connection (RRD graphs etc)? I used to be able to use 10.x.0.1 but they do not seem to respond to pings anymore. What is the correct IP to use for this purpose? Kind regards, Quote Share this post Link to post
go558a83nk 362 Posted ... Yep, since 10.4.0.1 isn't pingable anymore there's nothing that just works anymore. Good question. Quote Share this post Link to post
Staff 9971 Posted ... Hi. When connected to an AirVPN-server through a VPN-router... Are there any fixed IPs on the VPN-server that can be used to ping for monitoring the quality of the VPN connection (RRD graphs etc)? I used to be able to use 10.x.0.1 but they do not seem to respond to pings anymore. What is the correct IP to use for this purpose? Kind regards, You can ping the VPN default gateway address as usual. Kind regards Quote Share this post Link to post
go558a83nk 362 Posted ... Hi. When connected to an AirVPN-server through a VPN-router... Are there any fixed IPs on the VPN-server that can be used to ping for monitoring the quality of the VPN connection (RRD graphs etc)? I used to be able to use 10.x.0.1 but they do not seem to respond to pings anymore. What is the correct IP to use for this purpose? Kind regards, You can ping the VPN default gateway address as usual. Kind regards The problem is that with each different connection the gateway IP will be different. So, with each new connection a person must manually change the monitor IP. We're just wishing for something that always works. Quote Share this post Link to post
ableounceony 6 Posted ... I started using Google's DNS server: 8.8.8.8 and Cloudflare's: 1.1.1.1 as monitoring IPs. Seems to work really well. Quote Share this post Link to post
go558a83nk 362 Posted ... I started using Google's DNS server: 8.8.8.8 and Cloudflare's: 1.1.1.1 as monitoring IPs. Seems to work really well. Yes, I could do that but 1) it adds more variability to the path between me the IP I'm monitoring and 2) I pay for AirVPN so I don't mind pinging them continuously but I'd feel like I'd be abusing whatever public DNS I ping. Quote Share this post Link to post
Staff 9971 Posted ... The problem is that with each different connection the gateway IP will be different. So, with each new connection a person must manually change the monitor IP. We're just wishing for something that always works. Hello, why can't you get the VPN gateway address at each connection and automatically use it for your purposes? Kind regards Quote Share this post Link to post
go558a83nk 362 Posted ... The problem is that with each different connection the gateway IP will be different. So, with each new connection a person must manually change the monitor IP. We're just wishing for something that always works. Hello, why can't you get the VPN gateway address at each connection and automatically use it for your purposes? Kind regards by default pfsense will monitor my end of the VPN, not the gateway. (but, it monitors the gateway my ISP WAN properly) I have to manually change the monitor IP. It's a good question and something people bug pfsense devs about often. Quote Share this post Link to post
Staff 9971 Posted ... by default pfsense will monitor my end of the VPN, not the gateway. (but, it monitors the gateway my ISP WAN properly) I have to manually change the monitor IP. It's a good question and something people bug pfsense devs about often. It should not be a problem to extract a string with the IP address of the default gateway of the tun (or whatever) interface, with something like: pingip=$(ip route list dev tun0 | grep link | awk -F '/' {'print $1'} | sed 's/\.0/\.1/g') ping $pingip Fix and refine it according to your needs and pfSense nomenclature, interface names... Note that the last "sed" invocation is gross because it just replaces any ".0" with a ".1" so it will not work if you have a gateway with a 0 octet that's not the last one. Kind regards 1 go558a83nk reacted to this Quote Share this post Link to post
Judas4all 3 Posted ... by default pfsense will monitor my end of the VPN, not the gateway. (but, it monitors the gateway my ISP WAN properly) I have to manually change the monitor IP. It's a good question and something people bug pfsense devs about often.Not sure what is wrong on your end but my pfsense can ping the GW ip. Check System > Routing > GatewaysMy gateay is set to dynamic. That works no matter which IP you get. Quote Share this post Link to post
go558a83nk 362 Posted ... by default pfsense will monitor my end of the VPN, not the gateway. (but, it monitors the gateway my ISP WAN properly) I have to manually change the monitor IP. It's a good question and something people bug pfsense devs about often.Not sure what is wrong on your end but my pfsense can ping the GW ip. Check System > Routing > GatewaysMy gateay is set to dynamic. That works no matter which IP you get. Yes, that's how setup. RTT for that by default is always 0.1ms because it's pinging my VPN internal IP, not the gateway. Quote Share this post Link to post
go558a83nk 362 Posted ... Nice. I wonder what setting is causing that. It's obviously something other than dynamic in the gateway settings because that's how mine is set. For your VPN interfaces what is your "ipv4 configuration type" set to? mine is "none". Quote Share this post Link to post
MrFricken 1 Posted ... I'm so confused about why this sometimes works and sometimes doesn't.I just rebooted my pfSense box and now pinging 10.4.0.1 works again. @Staff - Are you guys making changes, or are we dealing with something weird in pfSense? Should we always be able to ping 10.4.0.1, or not? Quote Share this post Link to post
Judas4all 3 Posted ... Nice. I wonder what setting is causing that. It's obviously something other than dynamic in the gateway settings because that's how mine is set. For your VPN interfaces what is your "ipv4 configuration type" set to? mine is "none".None for me too. I mainly followed the tutorial here to 99% Quote Share this post Link to post
go558a83nk 362 Posted ... Nice. I wonder what setting is causing that. It's obviously something other than dynamic in the gateway settings because that's how mine is set. For your VPN interfaces what is your "ipv4 configuration type" set to? mine is "none".None for me too. I mainly followed the tutorial here to 99% we've entered the twilight zone Quote Share this post Link to post
MrFricken 1 Posted ... I think I've narrowed in (slightly) on a work around. Can someone having problems with this (cannot ping 10.4.0.1) try the following: 1: Set the monitor IP to 10.4.0.12: In the OpenVPN Client configuration, set it to disabled (the topmost checkbox in the client configuration)3: Save the client config4: Reboot pfSense 5: Once pfSense is back up, log in, go to the OpenVPN client configuration, and uncheck the Disabled box, then save. At this point, does the monitoring IP work? My guess as to what is happening is that pfSense is trying to start the openvpn client before some of the other networking has finished initializing. This is resulting in an error about the TUN interface being busy (can be found in the openvpn logs). The gateway address (10.4.0.1) is then being assigned to a local interface, instead of to the ovpnc1 interface (this can be seen in the route list). At this point, pinging 10.4.0.1 doesn't work, and, additionally, I can no longer stop and restart the openvpn service in pfSense (requires a reboot). If I manually start the openvpn service after boot up, everything appears to work normally. Can anybody confirm that this process works for them? Quote Share this post Link to post
Not connected, Your IP: 13.58.200.16
Online: 25335 users - 299417 Mbit/s total BW