Jump to content
Not connected, Your IP: 3.16.203.27

Recommended Posts

Hi.

 

When connected to an AirVPN-server through a VPN-router... Are there any fixed IPs on the VPN-server that can be used to ping for monitoring the quality of the VPN connection (RRD graphs etc)? I used to be able to use 10.x.0.1 but they do not seem to respond to pings anymore. What is the correct IP to use for this purpose?

 

Kind regards,

Share this post


Link to post

Hi.

 

When connected to an AirVPN-server through a VPN-router... Are there any fixed IPs on the VPN-server that can be used to ping for monitoring the quality of the VPN connection (RRD graphs etc)? I used to be able to use 10.x.0.1 but they do not seem to respond to pings anymore. What is the correct IP to use for this purpose?

 

Kind regards,

 

You can ping the VPN default gateway address as usual.

 

Kind regards

Share this post


Link to post

 

Hi.

 

When connected to an AirVPN-server through a VPN-router... Are there any fixed IPs on the VPN-server that can be used to ping for monitoring the quality of the VPN connection (RRD graphs etc)? I used to be able to use 10.x.0.1 but they do not seem to respond to pings anymore. What is the correct IP to use for this purpose?

 

Kind regards,

 

You can ping the VPN default gateway address as usual.

 

Kind regards

 

The problem is that with each different connection the gateway IP will be different.  So, with each new connection a person must manually change the monitor IP.  We're just wishing for something that always works.

Share this post


Link to post

I started using Google's DNS server:  8.8.8.8 and Cloudflare's:  1.1.1.1 as monitoring IPs.  Seems to work really well.

 

Yes, I could do that but 1) it adds more variability to the path between me the IP I'm monitoring and 2) I pay for AirVPN so I don't mind pinging them continuously but I'd feel like I'd be abusing whatever public DNS I ping.

Share this post


Link to post

The problem is that with each different connection the gateway IP will be different.  So, with each new connection a person must manually change the monitor IP.  We're just wishing for something that always works.

 

 

Hello,

 

why can't you get the VPN gateway address at each connection and automatically use it for your purposes?

 

Kind regards

Share this post


Link to post

 

The problem is that with each different connection the gateway IP will be different.  So, with each new connection a person must manually change the monitor IP.  We're just wishing for something that always works.

 

 

Hello,

 

why can't you get the VPN gateway address at each connection and automatically use it for your purposes?

 

Kind regards

 

 

by default pfsense will monitor my end of the VPN, not the gateway.  (but, it monitors the gateway my ISP WAN properly)  I have to manually change the monitor IP.  It's a good question and something people bug pfsense devs about often.

Share this post


Link to post

by default pfsense will monitor my end of the VPN, not the gateway.  (but, it monitors the gateway my ISP WAN properly)  I have to manually change the monitor IP.  It's a good question and something people bug pfsense devs about often.

 

It should not be a problem to extract a string with the IP address of the default gateway of the tun (or whatever) interface, with something like:

 

pingip=$(ip route list dev tun0 | grep link | awk -F '/' {'print $1'} | sed 's/\.0/\.1/g')
ping $pingip

 

Fix and refine it according to your needs and pfSense nomenclature, interface names... Note that the last "sed" invocation is gross because it just replaces any ".0" with a ".1"  so it will not work if you have a gateway with a 0 octet that's not the last one.

 

Kind regards

Share this post


Link to post

 

by default pfsense will monitor my end of the VPN, not the gateway.  (but, it monitors the gateway my ISP WAN properly)  I have to manually change the monitor IP.  It's a good question and something people bug pfsense devs about often.

Not sure what is wrong on your end but my pfsense can ping the GW ip.

 

Check System > Routing > Gateways

My gateay is set to dynamic. That works no matter which IP you get.

Share this post


Link to post

by default pfsense will monitor my end of the VPN, not the gateway.  (but, it monitors the gateway my ISP WAN properly)  I have to manually change the monitor IP.  It's a good question and something people bug pfsense devs about often.

Not sure what is wrong on your end but my pfsense can ping the GW ip.

 

Check System > Routing > Gateways

My gateay is set to dynamic. That works no matter which IP you get.

 

Yes, that's how setup.  RTT for that by default is always 0.1ms because it's pinging my VPN internal IP, not the gateway.

Share this post


Link to post

MOnUtuG.jpg

 

 

Nice.  I wonder what setting is causing that.  It's obviously something other than dynamic in the gateway settings because that's how mine is set.  For your VPN interfaces what is your "ipv4 configuration type" set to?  mine is "none".

Share this post


Link to post

I'm so confused about why this sometimes works and sometimes doesn't.

I just rebooted my pfSense box and now pinging 10.4.0.1 works again.

 

@Staff - Are you guys making changes, or are we dealing with something weird in pfSense? Should we always be able to ping 10.4.0.1, or not?

Share this post


Link to post

 

MOnUtuG.jpg

 

 

Nice.  I wonder what setting is causing that.  It's obviously something other than dynamic in the gateway settings because that's how mine is set.  For your VPN interfaces what is your "ipv4 configuration type" set to?  mine is "none".

None for me too. I mainly followed the tutorial here to 99%

Share this post


Link to post

 

 

MOnUtuG.jpg

 

 

Nice.  I wonder what setting is causing that.  It's obviously something other than dynamic in the gateway settings because that's how mine is set.  For your VPN interfaces what is your "ipv4 configuration type" set to?  mine is "none".

None for me too. I mainly followed the tutorial here to 99%

 

 

we've entered the twilight zone 

Share this post


Link to post

I think I've narrowed in (slightly) on a work around.

 

Can someone having problems with this (cannot ping 10.4.0.1) try the following:

 

1: Set the monitor IP to 10.4.0.1

2: In the OpenVPN Client configuration, set it to disabled (the topmost checkbox in the client configuration)

3: Save the client config

4: Reboot pfSense 

5: Once pfSense is back up, log in, go to the OpenVPN client configuration, and uncheck the Disabled box, then save.

 

At this point, does the monitoring IP work?

 

My guess as to what is happening is that pfSense is trying to start the openvpn client before some of the other networking has finished initializing. This is resulting in an error about the TUN interface being busy (can be found in the openvpn logs). The gateway address (10.4.0.1) is then being assigned to a local interface, instead of to the ovpnc1 interface (this can be seen in the route list). At this point, pinging 10.4.0.1 doesn't work, and, additionally, I can no longer stop and restart the openvpn service in pfSense (requires a reboot).

 

If I manually start the openvpn service after boot up, everything appears to work normally.

 

Can anybody confirm that this process works for them?

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...