Vpn gateways suddenly broken without me changing anything

VPN
1

i’ve had a few different nordvpn gateways configured in pfsense for literally a few years, and they’ve worked perfectly until recently.

today i noticed that a few of my clients that are connected to those gateways can’t access the internet. logged onto the pfsense GUI and noticed that the three gateways are all showing the same virtual IP (which i don’t believe was the case before, i could be wrong but i remember them all being different). they’re also now all showing as offline after i rebooted the router, even though the openvpn tunnel is up for all three of them.

even if i stop the tunnel for two of the three, even the one that’s left doesn’t work. this was flawless until recently (i just noticed today that it’s broken but i have no idea when it stopped working as i’m not checking those clients daily - lesson learned, definitely will figure out a monitoring solution now).

can anyone assist? i haven’t changed anything on the router and i’m at a loss as to what happened…

edit: this seems to be an issue with my ISP and several DNS providers. i cannot ping cloudflare nor google nor quad9 dns. issues all over my network unless i route things through nord.

edit2: this isn’t (at least not entirely) a DNS issue.

i have one of the gateways checking 1.1.1.1 for monitoring, the second checks 8.8.8.8, and the third checks 9.9.9.9. cloudflare has been in and out all morning, google and quad9 have been down for the past two hours or so.

if i disable the other two gateways, i can get the one that uses cloudflare working. as soon as i enable two or all three of them, they all stop working. not sure if the single virtual IP has anything to do with it, but i vaguely remember that always being different for each gateway.

in fact, now they’re all showing as online even though i have the tunnel disconnected for 2 of the 3. something extremely strange is going on and i have no idea what it is.

if anyone can assist, i’d be grateful. i am out of ideas. this all worked flawlessly until either today or at least very recently, and i haven’t made any changes.

2

There is a thread today on the patchmanagement.org mailing list about the April WU updates breaking VPN? It’s not listed as a known issue on the KBs I viewed though.

I’m getting an error when replying, will try without the paste.

3

Yup…windows update issue. This is happening across multiple VPN platforms

4

I noticed that over a week ago, two Nord gateways, the same virtual IP.
However, both are working, but I had to mark one of them as always up.

5

The info had a list but is basically Windows 10/11 21H2 and later, or Server 2008 and later.

6

actually i’m still on 2.5.2. sad i know but i haven’t updated in forever…been meaning to upgrade to a more powerful box and do a clean install and just haven’t gotten to it.

7

i’m not running windows…

8

well since it was just asked :slight_smile: see https://www.reddit.com/r/PFSENSE/comments/1chwru8/upgrade_from_252_to_270/

9

thanks! any idea what would have borked the vpn as is on 2.5.2 though until i get a chance to do the upgrade? i’m at a complete loss, it was just working perfectly until now it isn’t, without any changes on my end.

10

Other than my comment about Windows Updates, no.

Though I see I was in “patch mode” and “WU” was perhaps not an obvious acronym.

11

meh, i’m on a mac anyway so windows updates are irrelevant. plus this is all within the router, i have the different nord servers set up as different gateways and then i route various machines on the network across one or the other depending what i’m trying to do…windows isn’t involved here at all.