The webconfig/access_log is full with redirection requests (307) to ibVPN app such as the following:

192.168.0.145 - - [22/Oct/2017:01:06:59 +0300] "GET /app/ibvpn HTTP/1.1" 307 - "https://server.local:81/app/log_viewer/index" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36"

I upgraded a virtual clearOS 7.3 installation earlier today to 7.4 and the ibVPN app stopped working there also.

Could anyone please confirm this issue in 7.4 by going to Network -> VPN -> ibVPN and see if the app's page loads or not?

Thank you.

Hi Mansoor,
The devs are aware and are actively investigating. No ETA for a fix yet.

Thank you Nick for the feedback.

Mansoor wrote:

ibVPN app stopped working inside webconfig after upgrading my clearOS community server to version 7.4. I rebooted the server and uninstalled/reinstalled the app, but still the app's page isn't working.

Visiting the page https://server.local:81/app/ibvpn hangs the Chrome browser for a while the results in the following error page:

This page isn’t working

server.local redirected you too many times.

Try clearing your cookies.

ERR_TOO_MANY_REDIRECTS

EDIT: this issue is related to the ibVPN App in the ClearOS' WebConfig. It has nothing to do with service provided by ibVPN company. The issue is about the app's page not loading in the webconfig.

The issue has been fixed in version 1.2.1. You can update to the latest version using the following command:

# yum update --enablerepo=clearos-updates-testing app-ibvpn

Darryl Sokoloski wrote:

The issue has been fixed in version 1.2.1. You can update to the latest version using the following command:

# yum update --enablerepo=clearos-updates-testing app-ibvpn

Nothing found to update.

[root@server ~]# yum update --enablerepo=clearos-updates-testing app-ibvpn

Loaded plugins: clearcenter-marketplace, fastestmirror

ClearCenter Marketplace: fetching repositories...

Loading mirror speeds from cached hostfile

 * clearos: mirror1-amsterdam.clearos.com

 * clearos-centos: download3.clearsdn.com

 * clearos-centos-sclo-rh: download3.clearsdn.com

 * clearos-centos-updates: download3.clearsdn.com

 * clearos-contribs: mirror1-amsterdam.clearos.com

 * clearos-epel: download3.clearsdn.com

 * clearos-fast-updates: download3.clearsdn.com

 * clearos-infra: mirror1-amsterdam.clearos.com

 * clearos-updates: mirror1-amsterdam.clearos.com

 * clearos-updates-testing: mirror1-amsterdam.clearos.com

 * private-clearcenter-dnsthingy: download1.clearsdn.com:80

 * private-clearcenter-dyndns: download4.clearsdn.com:80

 * private-clearcenter-plex: download2.clearsdn.com:80

No packages marked for update

It has sync'd up to my mirror now but I found it in clearos-contribs-testing.

yum update --enablerepo=clearos-contribs-testing app-ibvpn

You may have to wait a bit longer. Just keep trying.

Thank you Nick. I found it in clearos-contribs-testing.

The app's page is accessible now from within webconfig now, but the service cannot be started! The "Status" remains "Stopped" after clicking on Start button. I tried to look for some log files for this app to see what's going on, but couldn't find any.

You may well find the startup logs in /var/log/massages or /var/log/system.

Also, try going to the command line, then stop and restart the service manually and check its status with:

systemctl stop|start|status ibvpn.service

Let's see what Darryl says when he drops by.

Ok, I found some logs in /var/log/system. It seems the system is trying to restart the ibvpn service every 5 minutes:

Nov  2 02:30:34 srv servicewatch: restarting ibvpn

Nov  2 02:35:01 srv servicewatch: sanity checking ibvpn

Nov  2 02:35:33 srv servicewatch: restarting ibvpn

Nov  2 02:40:01 srv servicewatch: sanity checking ibvpn

Nov  2 02:40:34 srv servicewatch: restarting ibvpn

Nov  2 02:45:02 srv servicewatch: sanity checking ibvpn

Nov  2 02:45:34 srv servicewatch: restarting ibvpn

Nov  2 02:50:02 srv servicewatch: sanity checking ibvpn

Nov  2 02:50:34 srv servicewatch: restarting ibvpn

Nov  2 02:55:01 srv servicewatch: sanity checking ibvpn

Nov  2 02:55:34 srv servicewatch: restarting ibvpn

The service status reports the following:

[root@srv ~]# systemctl status ibvpn.service

● ibvpn.service - ibVPN Service

   Loaded: loaded (/usr/lib/systemd/system/ibvpn.service; enabled; vendor preset: disabled)

   Active: failed (Result: start-limit) since Thu 2017-11-02 02:56:07 +03; 21s ago

  Process: 32543 ExecStopPost=/usr/libexec/ibvpn/ibvpn-exec-post.sh (code=exited, status=0/SUCCESS)

  Process: 32540 ExecStart=/usr/sbin/ibvpn --daemon ibvpn --config ${IBVPN_CONFIG} --cd ${IBVPN_CD} --local ${IBVPN_WANIP} --lport ${IBVPN_PORT} (code=exited, status=0/SUCCESS)

  Process: 32527 ExecStartPre=/usr/libexec/ibvpn/ibvpn-exec-pre.sh (code=exited, status=0/SUCCESS)

 Main PID: 32541 (code=exited, status=1/FAILURE)



Nov 02 02:56:06 srv systemd[1]: Unit ibvpn.service entered failed state.

Nov 02 02:56:06 srv systemd[1]: ibvpn.service failed.

Nov 02 02:56:07 srv systemd[1]: ibvpn.service holdoff time over, scheduling restart.

Nov 02 02:56:07 srv systemd[1]: start request repeated too quickly for ibvpn.service

Nov 02 02:56:07 srv systemd[1]: Failed to start ibVPN Service.

Nov 02 02:56:07 srv systemd[1]: Unit ibvpn.service entered failed state.

Nov 02 02:56:07 srv systemd[1]: ibvpn.service failed.

Problem persists. Any ETA on resolution?

To anyone experiencing issues with the ibVPN app for ClearOS; try the following:

Under Server Location, select Edit. Then verify the ibVPN Server is correct and click Update (always click on Update even if it is correct so a new configuration file is generated). Click on Start. The service should remain running... if not, please post the output frrom the following command:

# grep ibvpn /var/log/messages | tail -n 40

Still not working. Here is the log output:

Nov  6 19:41:29 serverd ibvpn[8988]: library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.06

Nov  6 19:41:29 serverd ibvpn[8989]: WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.

Nov  6 19:41:29 serverd ibvpn[8989]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Nov  6 19:41:29 serverd ibvpn[8989]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1420)

Nov  6 19:41:29 serverd ibvpn[8989]: RESOLVE: Cannot resolve host address: :1190 (Name or service not known)

Nov  6 19:41:29 serverd ibvpn[8989]: Exiting due to fatal error

Nov  6 19:41:29 serverd systemd: ibvpn.service: main process exited, code=exited, status=1/FAILURE

Nov  6 19:41:29 serverd systemd: Unit ibvpn.service entered failed state.

Nov  6 19:41:29 serverd systemd: ibvpn.service failed.

Nov  6 19:41:29 serverd systemd: ibvpn.service holdoff time over, scheduling restart.

Nov  6 19:41:29 serverd ibvpn-exec-pre.sh: Command line is not complete. Try option "help"

Nov  6 19:41:29 serverd ibvpn[9009]: DEPRECATED OPTION: --max-routes option ignored.The number of routes is unlimited as of version 2.4. This option will be removed in a future version, please remove it from your configuration.

Nov  6 19:41:29 serverd ibvpn[9009]: OpenVPN 2.4.3 x86_64-redhat-linux-gnu [Fedora EPEL patched] [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jun 21 2017

Nov  6 19:41:29 serverd ibvpn[9009]: library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.06

Nov  6 19:41:29 serverd systemd: PID file /var/run/ibvpn/ibvpn.pid not readable (yet?) after start.

Nov  6 19:41:29 serverd ibvpn[9010]: WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.

Nov  6 19:41:29 serverd ibvpn[9010]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Nov  6 19:41:29 serverd ibvpn[9010]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1420)

Nov  6 19:41:29 serverd ibvpn[9010]: RESOLVE: Cannot resolve host address: :1190 (Name or service not known)

Nov  6 19:41:29 serverd ibvpn[9010]: Exiting due to fatal error

Nov  6 19:41:29 serverd systemd: ibvpn.service: main process exited, code=exited, status=1/FAILURE

Nov  6 19:41:29 serverd systemd: Unit ibvpn.service entered failed state.

Nov  6 19:41:29 serverd systemd: ibvpn.service failed.

Nov  6 19:41:29 serverd systemd: ibvpn.service holdoff time over, scheduling restart.

Nov  6 19:41:29 serverd ibvpn-exec-pre.sh: Command line is not complete. Try option "help"

Nov  6 19:41:29 serverd ibvpn[9030]: DEPRECATED OPTION: --max-routes option ignored.The number of routes is unlimited as of version 2.4. This option will be removed in a future version, please remove it from your configuration.

Nov  6 19:41:29 serverd ibvpn[9030]: OpenVPN 2.4.3 x86_64-redhat-linux-gnu [Fedora EPEL patched] [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jun 21 2017

Nov  6 19:41:29 serverd ibvpn[9030]: library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.06

Nov  6 19:41:29 serverd ibvpn[9031]: WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.

Nov  6 19:41:29 serverd ibvpn[9031]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Nov  6 19:41:29 serverd ibvpn[9031]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1420)

Nov  6 19:41:29 serverd ibvpn[9031]: RESOLVE: Cannot resolve host address: :1190 (Name or service not known)

Nov  6 19:41:29 serverd ibvpn[9031]: Exiting due to fatal error

Nov  6 19:41:29 serverd systemd: ibvpn.service: main process exited, code=exited, status=1/FAILURE

Nov  6 19:41:29 serverd systemd: Unit ibvpn.service entered failed state.

Nov  6 19:41:29 serverd systemd: ibvpn.service failed.

Nov  6 19:41:29 serverd systemd: ibvpn.service holdoff time over, scheduling restart.

Nov  6 19:41:30 serverd systemd: start request repeated too quickly for ibvpn.service

Nov  6 19:41:30 serverd systemd: Unit ibvpn.service entered failed state.

Nov  6 19:41:30 serverd systemd: ibvpn.service failed.

Thank you.

There was bug introduced with the addition of MultiWAN support. For those with only one external interface (most of us), the external interface was not being set resulting in an error from OpenVPN. I have fixed the bug and submitted a new build to the build system. The version is 1.2.2. The update will take several hours to propagate to our mirror servers. Anyone experiencing issues can wait to upgrade to the latest version and follow my previous steps:

Under Server Location, select Edit. Then verify the ibVPN Server is correct and click Update (always click on Update even if it is correct so a new configuration file is generated). Click on Start.

Or if you would prefer to get going now, you can simply edit /etc/clearos/ibvpn.conf and add the name of your external network interface to the line:

external_interface=""

(This key should NOT be empty -- that is a bug!)

Start/restart ibVPN:

# systemctl restart ibvpn.service

Great! Version 1.2.2 fixed it. Thank you.

Problem persists. I have a new install and ibvpn never worked. Once installed, there is no way to configure, as clicking the link in the navigation pane post install gives you the “too many redirects” error in the browser.

I manually edited the conf file.

Service status output:
ibvpn.service: control process exited, code=exited status=1
Nov 07 08:48:52 gateway.starwars.co.za systemd[1]: Failed to start ibVPN Service.
Nov 07 08:48:52 gateway.starwars.co.za systemd[1]: Unit ibvpn.service entered failed state.
Nov 07 08:48:52 gateway.starwars.co.za systemd[1]: ibvpn.service failed.
Nov 07 08:48:53 gateway.starwars.co.za systemd[1]: ibvpn.service holdoff time over, scheduling restart.
Nov 07 08:48:53 gateway.starwars.co.za systemd[1]: start request repeated too quickly for ibvpn.service
Nov 07 08:48:53 gateway.starwars.co.za systemd[1]: Failed to start ibVPN Service.
Nov 07 08:48:53 gateway.starwars.co.za systemd[1]: Unit ibvpn.service entered failed state.
Nov 07 08:48:53 gateway.starwars.co.za systemd[1]: ibvpn.service failed.

From log:
Nov 7 07:16:20 gateway ibvpn-exec-pre.sh: Can not start ibVPN, not configured.
Nov 7 07:16:20 gateway systemd: ibvpn.service: control process exited, code=exited status=1
Nov 7 07:16:20 gateway systemd: Unit ibvpn.service entered failed state.
Nov 7 07:16:20 gateway systemd: ibvpn.service failed.
Nov 7 07:16:20 gateway systemd: ibvpn.service holdoff time over, scheduling restart.
Nov 7 07:16:20 gateway systemd: start request repeated too quickly for ibvpn.service
Nov 7 07:16:20 gateway systemd: Unit ibvpn.service entered failed state.
Nov 7 07:16:20 gateway systemd: ibvpn.service failed.
Nov 7 08:41:29 gateway yum[3634]: Erased: 1:app-ibvpn-1.2.0-1.v7.noarch
Nov 7 08:41:30 gateway yum[3634]: Erased: 1:app-ibvpn-core-1.2.0-1.v7.noarch
Nov 7 08:45:45 gateway yum[5221]: Installed: 1:app-ibvpn-core-1.2.0-1.v7.noarch
Nov 7 08:45:45 gateway yum[5221]: Installed: 1:app-ibvpn-1.2.0-1.v7.noarch
Nov 7 08:48:51 gateway ibvpn-exec-pre.sh: Can not start ibVPN, not configured.
Nov 7 08:48:51 gateway systemd: ibvpn.service: control process exited, code=exited status=1
Nov 7 08:48:51 gateway systemd: Unit ibvpn.service entered failed state.
Nov 7 08:48:51 gateway systemd: ibvpn.service failed.
Nov 7 08:48:52 gateway systemd: ibvpn.service holdoff time over, scheduling restart.
Nov 7 08:48:52 gateway ibvpn-exec-pre.sh: Can not start ibVPN, not configured.
Nov 7 08:48:52 gateway systemd: ibvpn.service: control process exited, code=exited status=1
Nov 7 08:48:52 gateway systemd: Unit ibvpn.service entered failed state.
Nov 7 08:48:52 gateway systemd: ibvpn.service failed.
Nov 7 08:48:52 gateway systemd: ibvpn.service holdoff time over, scheduling restart.
Nov 7 08:48:52 gateway ibvpn-exec-pre.sh: Can not start ibVPN, not configured.
Nov 7 08:48:52 gateway systemd: ibvpn.service: control process exited, code=exited status=1
Nov 7 08:48:52 gateway systemd: Unit ibvpn.service entered failed state.
Nov 7 08:48:52 gateway systemd: ibvpn.service failed.
Nov 7 08:48:52 gateway systemd: ibvpn.service holdoff time over, scheduling restart.
Nov 7 08:48:52 gateway ibvpn-exec-pre.sh: Can not start ibVPN, not configured.
Nov 7 08:48:52 gateway systemd: ibvpn.service: control process exited, code=exited status=1
Nov 7 08:48:52 gateway systemd: Unit ibvpn.service entered failed state.
Nov 7 08:48:52 gateway systemd: ibvpn.service failed.
Nov 7 08:48:52 gateway systemd: ibvpn.service holdoff time over, scheduling restart.
Nov 7 08:48:52 gateway ibvpn-exec-pre.sh: Can not start ibVPN, not configured.
Nov 7 08:48:52 gateway systemd: ibvpn.service: control process exited, code=exited status=1
Nov 7 08:48:52 gateway systemd: Unit ibvpn.service entered failed state.
Nov 7 08:48:52 gateway systemd: ibvpn.service failed.
Nov 7 08:48:53 gateway systemd: ibvpn.service holdoff time over, scheduling restart.
Nov 7 08:48:53 gateway systemd: start request repeated too quickly for ibvpn.service
Nov 7 08:48:53 gateway systemd: Unit ibvpn.service entered failed state.
Nov 7 08:48:53 gateway systemd: ibvpn.service failed.

@Brent,
You are not updating to the latest 1.2.2 version which is in clearos-contribs-testing:

yum update app-ibvpn --enablerepo=clearos-contribs-testing

Nick Howitt wrote:

@Brent,
You are not updating to the latest 1.2.2 version which is in clearos-contribs-testing:

yum update app-ibvpn --enablerepo=clearos-contribs-testing

@Nick, thank you, I missed that, working now

Using the the Contributed-Testing repo worked prior to the current 7.4 full update. At this time iBVP shows running but nothing routing through. I have removed previous installation & reinstalled same version of app-iBVPn 1.2.3-1 V7 only current available version at this time but nothing works. Outside of manually configuring the configuration file which does not work well with the security side. Has a new solution been provided??

Daniel p wrote:

Using the the Contributed-Testing repo worked prior to the current 7.4 full update. At this time iBVP shows running but nothing routing through. I have removed previous installation & reinstalled same version of app-iBVPn 1.2.3-1 V7 only current available version at this time but nothing works. Outside of manually configuring the configuration file which does not work well with the security side. Has a new solution been provided??

Daniel,

While ibVPN is running, can you check these two things:

# grep ibvpn /var/log/messages

# ip rule ls

The first will show you the log file for the ibVPN (openvpn) service. Does it appear that the tunnel is up and running?

The second will show you the routing rules as per your ibVPN configuration. You should see the IP address(es) of all hosts that are configured to use ibVPN -- specifically all lines ending with "table 20" will use the ibVPN routing table 20:

# ip route ls table 20

Here you should have a list of local routes for your LAN plus a default route that is using the remote side of the ibVPN tunnel.

Darryl Sokoloski,

All requested commands output::

Using the the Contributed-Testing repo worked prior to the current 7.4 full update. At this time iBVP shows running but nothing routing through. I have removed previous installation & reinstalled same version of app-iBVPn 1.2.3-1 V7 only current available version at this time but nothing works. Outside of manually configuring the configuration file which does not work well with the security side. Has a new solution been provided??

Daniel,

While ibVPN is running, can you check these two things:

# grep ibvpn /var/log/messages

# ip rule ls

The first will show you the log file for the ibVPN (openvpn) service. Does it appear that the tunnel is up and running?

The second will show you the routing rules as per your ibVPN configuration. You should see the IP address(es) of all hosts that are configured to use ibVPN -- specifically all lines ending with "table 20" will use the ibVPN routing table 20:

# ip route ls table 20

Here you should have a list of local routes for your LAN plus a default route that is using the remote side of the ibVPN tunnel.

grep ibvpn /var/log/messages: OUTPUT

grep ibvpn /var/log/messagesDec 23 19:51:34 gateway webconfig: Redirecting to /bin/systemctl start ibvpn.service
Dec 23 19:51:34 gateway ibvpn[5841]: DEPRECATED OPTION: --max-routes option ignored.The number of routes is unlimited as of OpenVPN 2.4. This option will be removed in a future version, please remove it from your configu
Dec 23 19:51:34 gateway ibvpn[5841]: OpenVPN 2.4.4 x86_64-redhat-linux-gnu [Fedora EPEL patched] [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 26 2017
Dec 23 19:51:34 gateway ibvpn[5841]: library versions: OpenSSL 1.0.2k-fips 26 Jan 2017, LZO 2.06
Dec 23 19:51:34 gateway systemd: PID file /var/run/ibvpn/ibvpn.pid not readable (yet?) after start.
Dec 23 19:51:34 gateway ibvpn[5842]: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Dec 23 19:51:34 gateway ibvpn[5842]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 23 19:51:34 gateway ibvpn[5842]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1420)
Dec 23 19:51:34 gateway ibvpn[5842]: TCP/UDP: Preserving recently used remote address: [AF_INET]198.105.254.130:1194
Dec 23 19:51:34 gateway ibvpn[5842]: Socket Buffers: R=[229376->229376] S=[229376->229376]
Dec 23 19:51:34 gateway ibvpn[5842]: UDP link local (bound): [AF_INET]10.0.10.6:1190
Dec 23 19:51:34 gateway ibvpn[5842]: UDP link remote: [AF_INET]198.105.254.130:1194

**Wants OpenVPN 2.4 removed but its required per the installation package requirement**

# ip rule ls
0: from all lookup local
20: from 178.32.145.121 lookup 20
32766: from all lookup main
32767: from all lookup default

#ip route ls table 20
default via x.x.x.1 dev ibvpn
x.x.x.0/24 dev enp7s9 proto kernel scope link src x.x.x.6
x.x.x.0/24 dev ibvpn proto kernel scope link src x.x.x.2
x.x.x.0/24 dev enp63s0 proto kernel scope link src x.x.x.15

@Daniel, routing through the VPN takes sometime to start. Just keep checking your remote IP with https://www.xmyip.com for example until you see the ibVPN IP.

@Darryl, lately I cannot connect to most USA servers! I updated the servers list many times, but it just refused to connect to USA servers (except Atlanta's). The European servers are fine. I tried to connect to USA servers using the ibVPN app for macOS from my laptop and it worked well.

Mansoor wrote:

@Daniel, routing through the VPN takes sometime to start. Just keep checking your remote IP with https://www.xmyip.com for example until you see the ibVPN IP.

@Darryl, lately I cannot connect to most USA servers! I updated the servers list many times, but it just refused to connect to USA servers (except Atlanta's). The European servers are fine. I tried to connect to USA servers using the ibVPN app and it worked well.

Masoor:

The VPN service has never taken this long to activate a connection, specially if different connecting servers are tried but nothing routes. I don't need a website to check my remote IP connection when any site can easily tell me my IP. The service all together on 7.4 update fails no matter what is done on the recent ClearOS version.
As for the output I provided that is all the output I get continuously obtain no matter what connecting server is chosen / only local IP server IP shows when I test my connection.

Version 1.2.3-1 v7 worked prior to upgrading to ClearOS 7.4. That version specifically solved the too many tries, etc. error from before without a problem, but since the actual upgrade to 7.4 nothing has worked. I also took the extra step of doing a fresh system install to make sure nothing else was causing the problem, at this point nothing has corrected the IbVPN service routing issue.

@Daniel, it makes it a little difficult to diagnose when you munge your IP addresses. I've also fixed the "quote" tags in your post and please can you use "code" tags (the piece of paper icon with a <> on it) for all system output.

Are you by any chance using the proxy?

Nick Howitt wrote:

@Daniel, it makes it a little difficult to diagnose when you munge your IP addresses. I've also fixed the "quote" tags in your post and please can you use "code" tags (the piece of paper icon with a <> on it) for all system output.

Are you by any chance using the proxy?

No Proxy being used, IbVPn program through ClearOS - as for the IP's the only part the IP's were X's out were on the 0/24 in , though & out - on the the logs it shows the ips's being used.
IBvpn only seems to work after updates are applied to the system - speedtest shows the connection but if change connection location stop & restart the service it no longer routes. Rebooting the system does nothing either, as noted before a fresh install does nothing either.
I understand this program is an add-on but look at how many people are reporting the same issue, its not a coincidence that this started happening from the last change. If users are now having to expose the system to untested contributed REPO just to get the system barely up & then since the 7.4 full upgrade nothing works due to multiple users are reporting this issue. Its a clear indication the issue is across the board.

ibVPN just stopped working on the server. The logs show some error with TLS as can be seen in the following:

[root@gateway ~]# grep ibvpn /var/log/messages

Feb 17 06:56:41 gateway ibvpn[7959]: Restart pause, 10 second(s)

Feb 17 06:56:51 gateway ibvpn[7959]: WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.

Feb 17 06:56:51 gateway ibvpn[7959]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Feb 17 06:56:51 gateway ibvpn[7959]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1420)

Feb 17 06:56:51 gateway ibvpn[7959]: TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xxx.xxx:443

Feb 17 06:56:51 gateway ibvpn[7959]: Socket Buffers: R=[229376->229376] S=[229376->229376]

Feb 17 06:56:51 gateway ibvpn[7959]: UDP link local (bound): [AF_INET]192.168.1.2:1190

Feb 17 06:56:51 gateway ibvpn[7959]: UDP link remote: [AF_INET]xxx.xxx.xxx.xxx:443

Feb 17 06:57:51 gateway ibvpn[7959]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

Feb 17 06:57:51 gateway ibvpn[7959]: TLS Error: TLS handshake failed

Feb 17 06:57:51 gateway ibvpn[7959]: SIGUSR1[soft,tls-error] received, process restarting

Feb 17 06:57:51 gateway ibvpn[7959]: Restart pause, 10 second(s)

[root@gateway ~]# ip rule ls

0:	from all lookup local

20:	from 192.168.0.10 lookup 20

20:	from 192.168.0.241 lookup 20

32766:	from all lookup main

32767:	from all lookup default

# ip route ls table 20 returns nothing.

UPDATE: if I add 'local <server ip>' to /etc/clearos/ibvpn.d/ibvpn.ovpn then the app can connect to the selected ibVPN server but no traffic is forwarded via the link (clients timeout).

Are the developers EVER going to fix the issues with this addon app.?? It has been over 5 months the issues was reported, app service is not free after all!

There is an update available in clearos-contribs-testing which you are welcome to try:

yum update app-ibvpn --enablerepo=clearos-contribs-testing

It was put there on Tuesday. Feedback would be welcome.

We are back to iBVPN not routing again since 7.5 update, same as 7.4 issue. Is development team aware?

I used both the original included in the installation (did not work) then upgraded version on contributes installs, also does not route or connect.

Daniel,

Can you give us some info on the errors in the logs. There were some bug fixes that resolved this but if it is still down for you we need to reproduce and replicate the error. So I need to either affirm in your logs that it is the same or see what is different.

I've already apprised the lead dev on this at ClearCenter so he will look for your reply in this thread.

Thanks for reporting your issue.