Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OPENVPN Drops connection

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      chrisguk
      last edited by

      I have OPENVPN Client running on my pfsense.  Everything seems to work great, I have the routing/interface/firewall rules and NAT setup as per the default instructions.

      My gateway for my LAN is 172.22.22.1 which is also my pfsense IP address (naturally)  I have called the VPN connection:

      MYVPN

      Now to my issue.  As many know already, OpenVPN can sometimes loose connection for reasons unknown.  This happens to me periodically.  I have been scouting the great WWW to find a solution, but can't seem to find anything that suits my needs.  I stumbled on failover and another post that some guy wrote a PHP script.  Neither of these I really understand that much to be honest.

      So my question is.  Is failover the solution to monitoring my traffic and switching over the connection upon fail.  Or is there a more robust package that can take care of this issue.

      I will ask though, if some kind ladies or gents do reply, can you please give baby steps so that I understand what it is I need to do exactly.

      Many thanks in advance. ???

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        Post more information so we can help:
        a) What is the server end? (another pfSense, an OpenVPN provider…)
        b) How do you specify the server end? (a DNS name, a static IP address...)
        c) What sort of failures do you see? (is it trying to reconnect every minute, but not succeeding, or has the OpenVPN client process died completely... - OpenVN logs)
        d) OpenVPN client conf file
        e) What type of physical internet connection do you have? and do you see any packet loss (e.g. on gateway monitor)?
        f) Anything else you think might be interesting about your setup.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • C
          chrisguk
          last edited by

          Sorry for the late reply.  I have been bogged down with work.

          So here are my answers:

          a) What is the server end? (another pfSense, an OpenVPN provider…)

          OpenVPN provider

          b) How do you specify the server end? (a DNS name, a static IP address…)

          DNS name

          c) What sort of failures do you see? (is it trying to reconnect every minute, but not succeeding, or has the OpenVPN client process died completely… - OpenVN logs)

          openvpn[12214]: RESOLVE: Cannot resolve host address:

          d) OpenVPN client conf file

           [color] 

 <openvpn><openvpn-client><vpnid>1</vpnid>
			<protocol>UDP</protocol>
			<dev_mode>tun</dev_mode>
			 <ipaddr><interface>wan</interface>
			 <local_port><server_addr>vpn.myvpnprovider.com</server_addr>
			<server_port>1194</server_port>
			 <resolve_retry><proxy_addr><proxy_port><proxy_authtype>none</proxy_authtype>
			 <proxy_user><proxy_passwd><mode>p2p_tls</mode>
			<custom_options>auth-user-pass /etc/openvpn-passwd.txt;persist-tun;keepalive 10 60;</custom_options>
			<caref>5186a2372a50b</caref>
			<certref>5186a29ecfa1d</certref>
			<crypto>BF-CBC</crypto>
			<engine>none</engine>
			 <tunnel_network><remote_network><use_shaper><compression>yes</compression>
			 <passtos></passtos></use_shaper></remote_network></tunnel_network></proxy_passwd></proxy_user></proxy_port></proxy_addr></resolve_retry></local_port></ipaddr></openvpn-client> 

[/color]</openvpn>

          e) What type of physical internet connection do you have? and do you see any packet loss (e.g. on gateway monitor)?

          ADSL2 and no packet loss

          f) Anything else you think might be interesting about your setup.

          I have an interface setup as VPN and the routes setup accordingly.  Also I am using NAT to pass all LAN traffic through the VPN interface

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.