Randomly occuring iptables chain problemoccurring

Post Reply
hookprocess
OpenVpn Newbie
Posts: 6
Joined: Wed Nov 16, 2016 1:17 pm

Randomly occuring iptables chain problemoccurring

Post by hookprocess » Sun Sep 24, 2017 10:58 pm

OS: Debian GNU/Linux 8.9 (jessie)
Access Server version: 2.1.12

What seems to be occurring randomly for a few of our users is that they lose a chain record in iptables for some reason.
Only happens to users with static IP set.

openvpnas.log looks legit, static IP is set correctly:
USER-A_AUTOLOGIN/EXT_IP:6200 MULTI: Learn: 172.30.20.10 -> USER-A_AUTOLOGIN/EXT_IP:6200'
USER-A_AUTOLOGIN/EXT_IP:6200 MULTI: primary virtual IP for USER-A_AUTOLOGIN/EXT_IP:6200: 172.30.20.10'

but from iptables:
$ sudo iptables -vnL | grep USER-A
Chain AS0_U_USER-A_IN (0 references)

Here is the output from a user that is NOT affected:
$ sudo iptables -vnL | grep USER-B
174 19518 AS0_U_USER-B_IN all -- * * 172.30.20.11 0.0.0.0/0
Chain AS0_U_USER-B_IN (1 references)

I did a reboot of the whole server, which fixed it:
$ sudo iptables -vnL | grep USER-A
0 0 AS0_U_USER-A_IN all -- * * 172.30.20.10 0.0.0.0/0
Chain AS0_U_USER-A_IN (1 references)


Feels like a logical error.

novaflash
OpenVPN Expert
Posts: 492
Joined: Fri Apr 13, 2012 8:43 pm

Re: Randomly occuring iptables chain problemoccurring

Post by novaflash » Mon Sep 25, 2017 9:02 am

I suggest you contact the support ticket system and lay out your configuration there. Also be absolutely sure you are really using the installer package that is meant for your OS, and not for example for Ubuntu or perhaps Debian 7 or such.

Post Reply