Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Servers restarts continuously

    Scheduled Pinned Locked Moved OpenVPN
    10 Posts 4 Posters 4.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cristofer1989
      last edited by

      Hello.
      I have been using OpenVPN in pfsense for 2 years without any problem.
      Yesterday suddenly all my users started getting disconnected every 2 minutes.
      I saw the logs and I notice that the process restarts every few minutes, so I activated the verbose and there is the log:

      Jun 14 15:54:14 openvpn[93227]: Initialization Sequence Completed
      Jun 14 15:54:14 openvpn[93227]: TCPv4_SERVER link remote: [undef]
      Jun 14 15:54:14 openvpn[93227]: TCPv4_SERVER link local (bound): [AF_INET]XXX.XXX.XXX.XXX:443
      Jun 14 15:54:14 openvpn[93227]: Listening for incoming TCP connection on [AF_INET]XXX.XXX.XXX.XXX:443
      Jun 14 15:54:14 openvpn[92139]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
      Jun 14 15:54:14 openvpn[92139]: /sbin/ifconfig ovpns1 10.1.1.1 10.1.1.2 mtu 1500 netmask 255.255.255.255 up
      Jun 14 15:54:14 openvpn[92139]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      Jun 14 15:54:14 openvpn[92139]: TUN/TAP device /dev/tun1 opened
      Jun 14 15:54:14 openvpn[92139]: TUN/TAP device ovpns1 exists previously, keep at program end
      Jun 14 15:54:14 openvpn[92139]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
      Jun 14 15:54:14 openvpn[92139]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
      Jun 14 15:54:14 openvpn[92139]: OpenVPN 2.3.2 amd64-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 27 2014
      Jun 14 15:54:14 openvpn[40411]: SIGTERM[hard,] received, process exiting
      Jun 14 15:54:14 openvpn[40411]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
      Jun 14 15:36:00 openvpn[40411]: USER/XXX.XXX.XXX.XXX:12816 Connection reset, restarting [0]
      Jun 14 15:35:32 openvpn[40411]: USER/XXX.XXX.XXX.XXX:12816 send_push_reply(): safe_cap=940
      Jun 14 15:35:30 openvpn[40411]: USER/XXX.XXX.XXX.XXX:12816 MULTI_sva: pool returned IPv4=10.1.1.6, IPv6=(Not enabled)
      Jun 14 15:35:30 openvpn[40411]: XXX.XXX.XXX.XXX:12816 [movil] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.XXX:12816
      Jun 14 15:35:30 openvpn: user 'USER' authenticated
      Jun 14 15:35:25 openvpn[40411]: TCP connection established with [AF_INET]XXX.XXX.XXX.XXX:12816
      Jun 14 15:27:47 openvpn[40411]: Initialization Sequence Completed
      Jun 14 15:27:47 openvpn[40411]: TCPv4_SERVER link remote: [undef]
      Jun 14 15:27:47 openvpn[40411]: TCPv4_SERVER link local (bound): [AF_INET]XXX.XXX.XXX.XXX:443
      Jun 14 15:27:47 openvpn[40411]: Listening for incoming TCP connection on [AF_INET]XXX.XXX.XXX.XXX:443
      Jun 14 15:27:47 openvpn[39793]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
      Jun 14 15:27:47 openvpn[39793]: /sbin/ifconfig ovpns1 10.1.1.1 10.1.1.2 mtu 1500 netmask 255.255.255.255 up
      Jun 14 15:27:47 openvpn[39793]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      Jun 14 15:27:47 openvpn[39793]: TUN/TAP device /dev/tun1 opened
      Jun 14 15:27:47 openvpn[39793]: TUN/TAP device ovpns1 exists previously, keep at program end
      Jun 14 15:27:47 openvpn[39793]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
      Jun 14 15:27:47 openvpn[39793]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
      Jun 14 15:27:47 openvpn[39793]: OpenVPN 2.3.2 amd64-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 27 2014
      Jun 14 15:27:47 openvpn[87330]: SIGTERM[hard,] received, process exiting
      Jun 14 15:27:47 openvpn[87330]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
      Jun 14 15:27:47 openvpn[87330]: Closing TUN/TAP interface
      Jun 14 15:27:47 openvpn[87330]: /sbin/route delete -net 10.1.1.0 10.1.1.2 255.255.255.0
      Jun 14 15:27:47 openvpn[87330]: TCP/UDP: Closing socke

      It keeps restarting even without any user conected to it.
      Anyone know what's the problem???

      Here the verbose log:

      Jun 14 15:16:18 openvpn[87330]: Initialization Sequence Completed
      Jun 14 15:16:18 openvpn[87330]: MULTI: TCP INIT maxclients=20 maxevents=24
      Jun 14 15:16:18 openvpn[87330]: IFCONFIG POOL: base=10.1.1.4 size=62, ipv6=0
      Jun 14 15:16:18 openvpn[87330]: MULTI: multi_init called, r=256 v=256
      Jun 14 15:16:18 openvpn[87330]: TCPv4_SERVER link remote: [undef]
      Jun 14 15:16:18 openvpn[87330]: TCPv4_SERVER link local (bound): [AF_INET]XXX.XXX.XXX.XXX:443
      Jun 14 15:16:18 openvpn[87330]: Listening for incoming TCP connection on [AF_INET]XXX.XXX.XXX.XXX:443
      Jun 14 15:16:18 openvpn[85634]: Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
      Jun 14 15:16:18 openvpn[85634]: /sbin/route add -net 10.1.1.0 10.1.1.2 255.255.255.0
      Jun 14 15:16:18 openvpn[85634]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
      Jun 14 15:16:18 openvpn[85634]: /sbin/ifconfig ovpns1 10.1.1.1 10.1.1.2 mtu 1500 netmask 255.255.255.255 up
      Jun 14 15:16:18 openvpn[85634]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      Jun 14 15:16:18 openvpn[85634]: TUN/TAP device /dev/tun1 opened
      Jun 14 15:16:18 openvpn[85634]: TUN/TAP device ovpns1 exists previously, keep at program end
      Jun 14 15:16:18 openvpn[85634]: ROUTE_GATEWAY XXX.XXX.XXX.XXX
      Jun 14 15:16:18 openvpn[85634]: Socket Buffers: R=[65228->65536] S=[65228->65536]
      Jun 14 15:16:18 openvpn[85634]: TLS-Auth MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
      Jun 14 15:16:18 openvpn[85634]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
      Jun 14 15:16:18 openvpn[85634]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
      Jun 14 15:16:18 openvpn[85634]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
      Jun 14 15:16:18 openvpn[85634]: Diffie-Hellman initialized with 1024 bit key
      Jun 14 15:16:18 openvpn[85634]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
      Jun 14 15:16:18 openvpn[85634]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/server1.sock
      Jun 14 15:16:18 openvpn[85634]: OpenVPN 2.3.2 amd64-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 27 2014
      Jun 14 15:16:18 openvpn[85634]: auth_user_pass_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: pull = DISABLED
      Jun 14 15:16:18 openvpn[85634]: client = DISABLED
      Jun 14 15:16:18 openvpn[85634]: port_share_port = 0
      Jun 14 15:16:18 openvpn[85634]: port_share_host = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: auth_user_pass_verify_script_via_file = DISABLED
      Jun 14 15:16:18 openvpn[85634]: auth_user_pass_verify_script = '/var/etc/openvpn/server1.php'
      Jun 14 15:16:18 openvpn[85634]: max_routes_per_client = 256
      Jun 14 15:16:18 openvpn[85634]: max_clients = 20
      Jun 14 15:16:18 openvpn[85634]: cf_per = 0
      Jun 14 15:16:18 openvpn[85634]: cf_max = 0
      Jun 14 15:16:18 openvpn[85634]: duplicate_cn = DISABLED
      Jun 14 15:16:18 openvpn[85634]: enable_c2c = ENABLED
      Jun 14 15:16:18 openvpn[85634]: push_ifconfig_ipv6_remote = ::
      Jun 14 15:16:18 openvpn[85634]: push_ifconfig_ipv6_local = ::/0
      Jun 14 15:16:18 openvpn[85634]: push_ifconfig_ipv6_defined = DISABLED
      Jun 14 15:16:18 openvpn[85634]: push_ifconfig_remote_netmask = 0.0.0.0
      Jun 14 15:16:18 openvpn[85634]: push_ifconfig_local = 0.0.0.0
      Jun 14 15:16:18 openvpn[85634]: push_ifconfig_defined = DISABLED
      Jun 14 15:16:18 openvpn[85634]: tmp_dir = '/tmp'
      Jun 14 15:16:18 openvpn[85634]: ccd_exclusive = DISABLED
      Jun 14 15:16:18 openvpn[85634]: client_config_dir = '/var/etc/openvpn-csc'
      Jun 14 15:16:18 openvpn[85634]: client_disconnect_script = '/usr/local/sbin/openvpn.attributes.sh'
      Jun 14 15:16:18 openvpn[85634]: learn_address_script = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: client_connect_script = '/usr/local/sbin/openvpn.attributes.sh'
      Jun 14 15:16:18 openvpn[85634]: virtual_hash_size = 256
      Jun 14 15:16:18 openvpn[85634]: real_hash_size = 256
      Jun 14 15:16:18 openvpn[85634]: tcp_queue_limit = 64
      Jun 14 15:16:18 openvpn[85634]: n_bcast_buf = 256
      Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_pool_netbits = 0
      Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_pool_base = ::
      Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_pool_defined = DISABLED
      Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_persist_refresh_freq = 600
      Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_persist_filename = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_netmask = 0.0.0.0
      Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_end = 10.1.1.251
      Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_start = 10.1.1.4
      Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_defined = ENABLED
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'ping-restart 60'
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'ping 10'
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'topology net30'
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'route 10.1.1.0 255.255.255.0'
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'redirect-gateway def1'
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'dhcp-option DNS 10.1.1.1'
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'dhcp-option DOMAIN domain.es'
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'route 192.168.10.0 255.255.255.0'
      Jun 14 15:16:18 openvpn[85634]: server_bridge_pool_end = 0.0.0.0
      Jun 14 15:16:18 openvpn[85634]: server_bridge_pool_start = 0.0.0.0
      Jun 14 15:16:18 openvpn[85634]: server_bridge_netmask = 0.0.0.0
      Jun 14 15:16:18 openvpn[85634]: server_bridge_ip = 0.0.0.0
      Jun 14 15:16:18 openvpn[85634]: server_netbits_ipv6 = 0
      Jun 14 15:16:18 openvpn[85634]: server_network_ipv6 = ::
      Jun 14 15:16:18 openvpn[85634]: server_netmask = 255.255.255.0
      Jun 14 15:16:18 openvpn[85634]: server_network = 10.1.1.0
      Jun 14 15:16:18 openvpn[85634]: tls_auth_file = '/var/etc/openvpn/server1.tls-auth'
      Jun 14 15:16:18 openvpn[85634]: tls_exit = DISABLED
      Jun 14 15:16:18 openvpn[85634]: push_peer_info = DISABLED
      Jun 14 15:16:18 openvpn[85634]: single_session = DISABLED
      Jun 14 15:16:18 openvpn[85634]: transition_window = 3600
      Jun 14 15:16:18 openvpn[85634]: handshake_window = 60
      Jun 14 15:16:18 openvpn[85634]: renegotiate_seconds = 3600
      Jun 14 15:16:18 openvpn[85634]: renegotiate_packets = 0
      Jun 14 15:16:18 openvpn[85634]: renegotiate_bytes = 0
      Jun 14 15:16:18 openvpn[85634]: tls_timeout = 2
      Jun 14 15:16:18 openvpn[85634]: ssl_flags = 2
      Jun 14 15:16:18 openvpn[85634]: remote_cert_eku = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: ns_cert_type = 0
      Jun 14 15:16:18 openvpn[85634]: crl_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: verify_x509_name = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: verify_x509_type = 0
      Jun 14 15:16:18 openvpn[85634]: tls_export_cert = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: tls_verify = '/var/etc/openvpn/server1.tls-verify.php'
      Jun 14 15:16:18 openvpn[85634]: cipher_list = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: pkcs12_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: priv_key_file = '/var/etc/openvpn/server1.key'
      Jun 14 15:16:18 openvpn[85634]: cert_file = '/var/etc/openvpn/server1.cert'
      Jun 14 15:16:18 openvpn[85634]: dh_file = '/etc/dh-parameters.1024'
      Jun 14 15:16:18 openvpn[85634]: ca_path = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: ca_file = '/var/etc/openvpn/server1.ca'
      Jun 14 15:16:18 openvpn[85634]: key_method = 2
      Jun 14 15:16:18 openvpn[85634]: tls_client = DISABLED
      Jun 14 15:16:18 openvpn[85634]: tls_server = ENABLED
      Jun 14 15:16:18 openvpn[85634]: test_crypto = DISABLED
      Jun 14 15:16:18 openvpn[85634]: use_iv = ENABLED
      Jun 14 15:16:18 openvpn[85634]: packet_id_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: replay_time = 15
      Jun 14 15:16:18 openvpn[85634]: replay_window = 64
      Jun 14 15:16:18 openvpn[85634]: mute_replay_warnings = DISABLED
      Jun 14 15:16:18 openvpn[85634]: replay = ENABLED
      Jun 14 15:16:18 openvpn[85634]: engine = DISABLED
      Jun 14 15:16:18 openvpn[85634]: keysize = 0
      Jun 14 15:16:18 openvpn[85634]: prng_nonce_secret_len = 16
      Jun 14 15:16:18 openvpn[85634]: prng_hash = 'SHA1'
      Jun 14 15:16:18 openvpn[85634]: authname = 'SHA1'
      Jun 14 15:16:18 openvpn[85634]: authname_defined = ENABLED
      Jun 14 15:16:18 openvpn[85634]: ciphername = 'AES-128-CBC'
      Jun 14 15:16:18 openvpn[85634]: ciphername_defined = ENABLED
      Jun 14 15:16:18 openvpn[85634]: key_direction = 1
      Jun 14 15:16:18 openvpn[85634]: shared_secret_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: management_flags = 256
      Jun 14 15:16:18 openvpn[85634]: management_client_group = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: management_client_user = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: management_write_peer_info_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: management_echo_buffer_size = 100
      Jun 14 15:16:18 openvpn[85634]: management_log_history_cache = 250
      Jun 14 15:16:18 openvpn[85634]: management_user_pass = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: management_port = 0
      Jun 14 15:16:18 openvpn[85634]: management_addr = '/var/etc/openvpn/server1.sock'
      Jun 14 15:16:18 openvpn[85634]: route 10.1.1.0/255.255.255.0/nil/nil
      Jun 14 15:16:18 openvpn[85634]: allow_pull_fqdn = DISABLED
      Jun 14 15:16:18 openvpn[85634]: max_routes = 100
      Jun 14 15:16:18 openvpn[85634]: route_gateway_via_dhcp = DISABLED
      Jun 14 15:16:18 openvpn[85634]: route_nopull = DISABLED
      Jun 14 15:16:18 openvpn[85634]: route_delay_defined = DISABLED
      Jun 14 15:16:18 openvpn[85634]: route_delay_window = 30
      Jun 14 15:16:18 openvpn[85634]: route_delay = 0
      Jun 14 15:16:18 openvpn[85634]: route_noexec = DISABLED
      Jun 14 15:16:18 openvpn[85634]: route_default_metric = 0
      Jun 14 15:16:18 openvpn[85634]: route_default_gateway = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: route_script = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: lzo = 7
      Jun 14 15:16:18 openvpn[85634]: fast_io = DISABLED
      Jun 14 15:16:18 openvpn[85634]: sockflags = 0
      Jun 14 15:16:18 openvpn[85634]: sndbuf = 65536
      Jun 14 15:16:18 openvpn[85634]: rcvbuf = 65536
      Jun 14 15:16:18 openvpn[85634]: occ = ENABLED
      Jun 14 15:16:18 openvpn[85634]: status_file_update_freq = 60
      Jun 14 15:16:18 openvpn[85634]: status_file_version = 1
      Jun 14 15:16:18 openvpn[85634]: status_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: gremlin = 0
      Jun 14 15:16:18 openvpn[85634]: mute = 0
      Jun 14 15:16:18 openvpn[85634]: verbosity = 5
      Jun 14 15:16:18 openvpn[85634]: nice = 0
      Jun 14 15:16:18 openvpn[85634]: suppress_timestamps = DISABLED
      Jun 14 15:16:18 openvpn[85634]: log = DISABLED
      Jun 14 15:16:18 openvpn[85634]: inetd = 0
      Jun 14 15:16:18 openvpn[85634]: daemon = ENABLED
      Jun 14 15:16:18 openvpn[85634]: up_delay = DISABLED
      Jun 14 15:16:18 openvpn[85634]: up_restart = DISABLED
      Jun 14 15:16:18 openvpn[85634]: down_pre = DISABLED
      Jun 14 15:16:18 openvpn[85634]: down_script = '/usr/local/sbin/ovpn-linkdown'
      Jun 14 15:16:18 openvpn[85634]: up_script = '/usr/local/sbin/ovpn-linkup'
      Jun 14 15:16:18 openvpn[85634]: writepid = '/var/run/openvpn_server1.pid'
      Jun 14 15:16:18 openvpn[85634]: cd_dir = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: chroot_dir = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: groupname = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: username = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: resolve_retry_seconds = 1000000000
      Jun 14 15:16:18 openvpn[85634]: passtos = DISABLED
      Jun 14 15:16:18 openvpn[85634]: persist_key = ENABLED
      Jun 14 15:16:18 openvpn[85634]: persist_remote_ip = ENABLED
      Jun 14 15:16:18 openvpn[85634]: persist_local_ip = DISABLED
      Jun 14 15:16:18 openvpn[85634]: persist_tun = ENABLED
      Jun 14 15:16:18 openvpn[85634]: remap_sigusr1 = 0
      Jun 14 15:16:18 openvpn[85634]: ping_timer_remote = ENABLED
      Jun 14 15:16:18 openvpn[85634]: ping_rec_timeout_action = 2
      Jun 14 15:16:18 openvpn[85634]: ping_rec_timeout = 120
      Jun 14 15:16:18 openvpn[85634]: ping_send_timeout = 10
      Jun 14 15:16:18 openvpn[85634]: inactivity_timeout = 0
      Jun 14 15:16:18 openvpn[85634]: keepalive_timeout = 60
      Jun 14 15:16:18 openvpn[85634]: keepalive_ping = 10
      Jun 14 15:16:18 openvpn[85634]: mlock = DISABLED
      Jun 14 15:16:18 openvpn[85634]: mtu_test = 0
      Jun 14 15:16:18 openvpn[85634]: shaper = 0
      Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_remote = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_netbits = 0
      Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_local = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: ifconfig_nowarn = DISABLED
      Jun 14 15:16:18 openvpn[85634]: ifconfig_noexec = DISABLED
      Jun 14 15:16:18 openvpn[85634]: ifconfig_remote_netmask = '10.1.1.2'
      Jun 14 15:16:18 openvpn[85634]: ifconfig_local = '10.1.1.1'
      Jun 14 15:16:18 openvpn[85634]: tun_ipv6 = ENABLED
      Jun 14 15:16:18 openvpn[85634]: topology = 1
      Jun 14 15:16:18 openvpn[85634]: lladdr = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: dev_node = '/dev/tun1'
      Jun 14 15:16:18 openvpn[85634]: dev_type = 'tun'
      Jun 14 15:16:18 openvpn[85634]: dev = 'ovpns1'
      Jun 14 15:16:18 openvpn[85634]: ipchange = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: remote_random = DISABLED
      Jun 14 15:16:18 openvpn[85634]: Connection profiles END
      Jun 14 15:16:18 openvpn[85634]: explicit_exit_notification = 0
      Jun 14 15:16:18 openvpn[85634]: mssfix = 1450
      Jun 14 15:16:18 openvpn[85634]: fragment = 0
      Jun 14 15:16:18 openvpn[85634]: mtu_discover_type = -1
      Jun 14 15:16:18 openvpn[85634]: tun_mtu_extra_defined = DISABLED
      Jun 14 15:16:18 openvpn[85634]: tun_mtu_extra = 0
      Jun 14 15:16:18 openvpn[85634]: link_mtu_defined = DISABLED
      Jun 14 15:16:18 openvpn[85634]: link_mtu = 1500
      Jun 14 15:16:18 openvpn[85634]: tun_mtu_defined = ENABLED
      Jun 14 15:16:18 openvpn[85634]: tun_mtu = 1500
      Jun 14 15:16:18 openvpn[85634]: socks_proxy_retry = DISABLED
      Jun 14 15:16:18 openvpn[85634]: socks_proxy_port = 0
      Jun 14 15:16:18 openvpn[85634]: socks_proxy_server = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: connect_retry_max = 0
      Jun 14 15:16:18 openvpn[85634]: connect_timeout = 10
      Jun 14 15:16:18 openvpn[85634]: connect_retry_seconds = 5
      Jun 14 15:16:18 openvpn[85634]: bind_local = ENABLED
      Jun 14 15:16:18 openvpn[85634]: bind_defined = DISABLED
      Jun 14 15:16:18 openvpn[85634]: remote_float = ENABLED
      Jun 14 15:16:18 openvpn[85634]: remote_port = 1194
      Jun 14 15:16:18 openvpn[85634]: remote = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: local_port = 443
      Jun 14 15:16:18 openvpn[85634]: local = 'XXX.XXX.XXX.XXX'
      Jun 14 15:16:18 openvpn[85634]: proto = tcp-server
      Jun 14 15:16:18 openvpn[85634]: Connection profiles [default]:
      Jun 14 15:16:18 openvpn[85634]: show_tls_ciphers = DISABLED
      Jun 14 15:16:18 openvpn[85634]: key_pass_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: genkey = DISABLED
      Jun 14 15:16:18 openvpn[85634]: show_engines = DISABLED
      Jun 14 15:16:18 openvpn[85634]: show_digests = DISABLED
      Jun 14 15:16:18 openvpn[85634]: show_ciphers = DISABLED
      Jun 14 15:16:18 openvpn[85634]: mode = 1
      Jun 14 15:16:18 openvpn[85634]: config = '/var/etc/openvpn/server1.conf'
      Jun 14 15:16:18 openvpn[85634]: Current Parameter Settings:
      Jun 14 15:14:09 openvpn[6589]: SIGTERM[hard,] received, process exiting
      Jun 14 15:14:09 openvpn[6589]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
      Jun 14 15:14:09 openvpn[6589]: Closing TUN/TAP interface
      Jun 14 15:14:09 openvpn[6589]: /sbin/route delete -net 10.1.1.0 10.1.1.2 255.255.255.0
      Jun 14 15:14:09 openvpn[6589]: TCP/UDP: Closing socket
      Jun 14 15:14:07 openvpn[6589]: TCP/UDP: Closing socket

      1 Reply Last reply Reply Quote 0
      • M
        mxbsuper
        last edited by

        Hi There,

        I had this problem today and found that disabling LZO Header Compression cured it for me.

        Regards

        Mark

        1 Reply Last reply Reply Quote 0
        • C
          cristofer1989
          last edited by

          @mxbsuper:

          Hi There,

          I had this problem today and found that disabling LZO Header Compression cured it for me.

          Regards

          Mark

          Thanks for the answer but it doesn't work for me. I disabled LZO Compression and it still is restarting every 5 minutes :(

          1 Reply Last reply Reply Quote 0
          • C
            cristofer1989
            last edited by

            I have reinstalled pfsense from 0 in another machine and exactly the same problem… I must stop using pfsense to openvpn...

            1 Reply Last reply Reply Quote 0
            • ?
              Guest
              last edited by

              Have look, two potential issues:

              https://forum.pfsense.org/index.php?topic=76975.msg426742#msg426742

              latency is going up, apparently…

              1 Reply Last reply Reply Quote 0
              • C
                cristofer1989
                last edited by

                @chemlud:

                Have look, two potential issues:

                https://forum.pfsense.org/index.php?topic=76975.msg426742#msg426742

                latency is going up, apparently…

                Thank you for the answer.
                I edited the file as the post says but it got even worst… now the server restarts every 10 seconds...
                EDIT: I notice that my latency sometimes is avobe 600ms, so I change the latency range from 1000 to 2000 in order to check...
                EDIT2: Even changing the values it continues failing, so I disabled the gateway monitoring
                EDIT3: Nothing... even with the monitorization disabled it keeps restarting...

                1 Reply Last reply Reply Quote 0
                • ?
                  Guest
                  last edited by

                  You should investigate the systlog (not the openVPN log), as something is restarting the openVPN service (as after a new WAN IP had been obtained) to find out what is causing the restartings…

                  1 Reply Last reply Reply Quote 0
                  • H
                    heper
                    last edited by

                    https://redmine.pfsense.org/issues/3669

                    might be this … try disabling gateway-monitoring on the openvpn-interface.
                    if that solves it, manually patch issue 3669 or gitsync or wait for 2.1.4-release

                    1 Reply Last reply Reply Quote 0
                    • ?
                      Guest
                      last edited by

                      @cristofer1989:

                      …
                      EDIT3: Nothing... even with the monitorization disabled it keeps restarting...

                      ;)

                      1 Reply Last reply Reply Quote 0
                      • C
                        cristofer1989
                        last edited by

                        The problem is solved for now.
                        I stopped the apinger service manually and it stops restarting.
                        Every 5 minutes that service made a "alert" of gateway down, but it isn't true… the gateway was ok all time.
                        For now, I will keep that service down.
                        Thank you for your answers :)

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.