OpenVPN connection to PIA keeps dropping with "unable to contact daemon" error
-
I'm running 2.3.3-Realease-p1. My OpenVPN connection has been dropping more and more frequently. I had to restart it twice today. When I search this probable there is no recent info on it. Is there a way to have the connection restart automatically if dropped? Or is there some way to fix this shy of doing a fresh install?
-
I'm having a similar issue. Mine restarts due to "ping-restart" and when it does, it gets an auth error and the service shuts down. Initial/manual connections are all fine, but the auto restarts all fail. Happens about every 8 hours.
Here's a log:
openvpn 16926 ioctl(TUNSIFMODE): Device busy: Device busy (errno=16) openvpn 16926 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 openvpn 16926 /sbin/ifconfig ovpnc1 10.36.10.6 10.36.10.5 mtu 1500 netmask 255.255.255.255 up openvpn 16926 /usr/local/sbin/ovpn-linkup ovpnc1 1500 1561 10.36.10.6 10.36.10.5 init openvpn 16926 /sbin/route add -net 208.167.254.111 192.168.1.1 255.255.255.255 openvpn 16926 /sbin/route add -net 0.0.0.0 10.36.10.5 128.0.0.0 openvpn 16926 /sbin/route add -net 128.0.0.0 10.36.10.5 128.0.0.0 openvpn 16926 /sbin/route add -net 10.36.10.1 10.36.10.5 255.255.255.255 openvpn 16926 Initialization Sequence Completed openvpn 16926 MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock openvpn 16926 MANAGEMENT: CMD 'state 1' openvpn 16926 MANAGEMENT: CMD 'status 2' openvpn 16926 MANAGEMENT: Client disconnected openvpn 16926 MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock openvpn 16926 MANAGEMENT: CMD 'state 1' openvpn 16926 MANAGEMENT: CMD 'status 2' openvpn 16926 MANAGEMENT: Client disconnected openvpn 16926 [280d648bae0fd4232f23a0c03abc6cd7] Inactivity timeout (--ping-restart), restarting openvpn 16926 SIGUSR1[soft,ping-restart] received, process restarting openvpn 16926 Restart pause, 2 second(s) openvpn 16926 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts openvpn 16926 Socket Buffers: R=[42080->42080] S=[57344->57344] openvpn 16926 UDPv4 link local (bound): [AF_INET]192.168.1.33 openvpn 16926 UDPv4 link remote: [AF_INET]208.167.254.45:1198 openvpn 16926 TLS: Initial packet from [AF_INET]208.167.254.45:1198, sid=05b542bf abe6867f openvpn 16926 VERIFY OK: depth=1, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=Private Internet Access, name=Private Internet Access, emailAddress=secure@privateinternetaccess.com openvpn 16926 Validating certificate key usage openvpn 16926 ++ Certificate has key usage 00a0, expects 00a0 openvpn 16926 VERIFY KU OK openvpn 16926 Validating certificate extended key usage openvpn 16926 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication openvpn 16926 VERIFY EKU OK openvpn 16926 VERIFY OK: depth=0, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=044b0ce49dedfef245eb64592438882a, name=044b0ce49dedfef245eb64592438882a openvpn 16926 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1558', remote='link-mtu 1542' openvpn 16926 WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC' openvpn 16926 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key openvpn 16926 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication openvpn 16926 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key openvpn 16926 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication openvpn 16926 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA openvpn 16926 [044b0ce49dedfef245eb64592438882a] Peer Connection Initiated with [AF_INET]208.167.254.45:1198 openvpn 16926 SENT CONTROL [044b0ce49dedfef245eb64592438882a]: 'PUSH_REQUEST' (status=1) openvpn 16926 AUTH: Received control message: AUTH_FAILED openvpn 16926 /sbin/route delete -net 10.36.10.1 10.36.10.5 255.255.255.255 openvpn 16926 /sbin/route delete -net 208.167.254.111 192.168.1.1 255.255.255.255 openvpn 16926 /sbin/route delete -net 0.0.0.0 10.36.10.5 128.0.0.0 openvpn 16926 /sbin/route delete -net 128.0.0.0 10.36.10.5 128.0.0.0 openvpn 16926 Closing TUN/TAP interface openvpn 16926 /usr/local/sbin/ovpn-linkdown ovpnc1 1500 1558 10.36.10.6 10.36.10.5 init openvpn 16926 SIGTERM[soft,auth-failure] received, process exiting
Can you check your openvpn log (under system log / openvpn) and see if you have the same issue?
I used the following guide from PIA to set it up: https://www.privateinternetaccess.com/pages/client-support/pfsense
Thanks
-
I have some of they same stuff in my error log but not all of it. I'm pretty sure that my problem is related to the pfSense loosing connection with the ISP. It would be nice to find a way to get the VPN tunnel to automatically start back up.
-
I just installed Service_Watchdog. We'll have to see if that fixes my issue.
-
I have same issue, installed service watchdog some day ago
Didnt help me :( -
I'm still having the same problem. I can't figure it out. PIA has been no help. They reset my username/password already.
-
An auth error is considered a hard failure by the OpenVPN daemon and it shuts down.
Try adding this to the custom options in the client's advanced config:
auth-retry nointeract;
Service watchdog should also work.