OpenVPN Client disconnects every few seconds - ExpressVPN
-
Hey!
I have a problem with my OpenVPN client on my pfSense 2.4.1-RELEASE firewall, running on an Up Squared. The client (seemingly successful) connects to some ExpressVPN server, but disconnects every few seconds ending in huge packet losses etc.
Log:
Nov 11 01:18:19 openvpn 49480 PO_WAIT[3,0] fd=7 rev=0x00000004 rwflags=0x0002 arg=0x00000004 [scalable] Nov 11 01:18:19 openvpn 49480 SCHEDULE: schedule_find_least NULL Nov 11 01:18:19 openvpn 49480 PO_CTL rwflags=0x0001 ev=7 arg=0x00000004 Nov 11 01:18:19 openvpn 49480 PO_WAIT[3,0] fd=7 rev=0x00000001 rwflags=0x0001 arg=0x00000004 [scalable] Nov 11 01:18:19 openvpn 49480 MANAGEMENT: CMD 'status 2' Nov 11 01:18:19 openvpn 49480 SCHEDULE: schedule_find_least NULL Nov 11 01:18:19 openvpn 49480 PO_CTL rwflags=0x0002 ev=7 arg=0x00000004 Nov 11 01:18:19 openvpn 49480 PO_WAIT[3,0] fd=7 rev=0x00000004 rwflags=0x0002 arg=0x00000004 [scalable] Nov 11 01:18:19 openvpn 49480 SCHEDULE: schedule_find_least NULL Nov 11 01:18:19 openvpn 49480 PO_CTL rwflags=0x0001 ev=7 arg=0x00000004 Nov 11 01:18:19 openvpn 49480 PO_WAIT[3,0] fd=7 rev=0x00000011 rwflags=0x0001 arg=0x00000004 [scalable] Nov 11 01:18:19 openvpn 49480 PO_DEL ev=7 Nov 11 01:18:19 openvpn 49480 MANAGEMENT: Client disconnected Nov 11 01:18:19 openvpn 49480 SCHEDULE: schedule_find_least NULL Nov 11 01:18:19 openvpn 49480 PO_CTL rwflags=0x0001 ev=4 arg=0x00000004 Nov 11 01:18:19 openvpn 6074 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock Nov 11 01:18:19 openvpn 6074 MANAGEMENT: CMD 'state 1' Nov 11 01:18:19 openvpn 6074 MANAGEMENT: CMD 'status 2' Nov 11 01:18:19 openvpn 6074 MANAGEMENT: Client disconnected Nov 11 01:18:20 openvpn 49480 PO_WAIT[2,0] fd=4 rev=0x00000001 rwflags=0x0001 arg=0x00000004 [scalable] Nov 11 01:18:20 openvpn 49480 MULTI: REAP range 160 -> 176 Nov 11 01:18:20 openvpn 49480 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock Nov 11 01:18:20 openvpn 49480 SCHEDULE: schedule_find_least NULL Nov 11 01:18:20 openvpn 49480 PO_CTL rwflags=0x0002 ev=7 arg=0x00000004 Nov 11 01:18:20 openvpn 49480 PO_WAIT[3,0] fd=7 rev=0x00000004 rwflags=0x0002 arg=0x00000004 [scalable] Nov 11 01:18:20 openvpn 49480 SCHEDULE: schedule_find_least NULL Nov 11 01:18:20 openvpn 49480 PO_CTL rwflags=0x0001 ev=7 arg=0x00000004 Nov 11 01:18:20 openvpn 49480 PO_WAIT[3,0] fd=7 rev=0x00000001 rwflags=0x0001 arg=0x00000004 [scalable] Nov 11 01:18:20 openvpn 49480 MANAGEMENT: CMD 'status 2' Nov 11 01:18:20 openvpn 49480 SCHEDULE: schedule_find_least NULL Nov 11 01:18:20 openvpn 49480 PO_CTL rwflags=0x0002 ev=7 arg=0x00000004 Nov 11 01:18:20 openvpn 49480 PO_WAIT[3,0] fd=7 rev=0x00000004 rwflags=0x0002 arg=0x00000004 [scalable] Nov 11 01:18:20 openvpn 49480 SCHEDULE: schedule_find_least NULL Nov 11 01:18:20 openvpn 49480 PO_CTL rwflags=0x0001 ev=7 arg=0x00000004 Nov 11 01:18:20 openvpn 49480 PO_WAIT[3,0] fd=7 rev=0x00000001 rwflags=0x0001 arg=0x00000004 [scalable] Nov 11 01:18:20 openvpn 49480 MANAGEMENT: CMD 'quit' Nov 11 01:18:20 openvpn 49480 PO_DEL ev=7 Nov 11 01:18:20 openvpn 49480 MANAGEMENT: Client disconnected Nov 11 01:18:20 openvpn 49480 SCHEDULE: schedule_find_least NULL Nov 11 01:18:20 openvpn 49480 PO_CTL rwflags=0x0001 ev=4 arg=0x00000004 Nov 11 01:18:30 openvpn 49480 MULTI: REAP range 176 -> 192 Nov 11 01:18:30 openvpn 49480 MULTI TCP: multi_tcp_action a=TA_TIMEOUT p=0 Nov 11 01:18:30 openvpn 49480 MULTI TCP: multi_tcp_dispatch a=TA_TIMEOUT mi=0x00000000 Nov 11 01:18:30 openvpn 49480 MULTI TCP: multi_tcp_post TA_TIMEOUT -> TA_UNDEF Nov 11 01:18:30 openvpn 49480 SCHEDULE: schedule_find_least NULL Nov 11 01:18:41 openvpn 49480 MULTI: REAP range 192 -> 208 Nov 11 01:18:41 openvpn 49480 MULTI TCP: multi_tcp_action a=TA_TIMEOUT p=0 Nov 11 01:18:41 openvpn 49480 MULTI TCP: multi_tcp_dispatch a=TA_TIMEOUT mi=0x00000000 Nov 11 01:18:41 openvpn 49480 MULTI TCP: multi_tcp_post TA_TIMEOUT -> TA_UNDEF Nov 11 01:18:41 openvpn 49480 SCHEDULE: schedule_find_least NULLIt is not a problem of my internet connection - when I use the config of ExpressVPN on a computer in the network (with disabled VPN client on my pfSense firewall), there are no disconnects.
/var/etc/openvpn/client2.conf:
dev ovpnc2 verb 3 dev-type tun dev-node /dev/tun2 writepid /var/run/openvpn_client2.pid #user nobody #group nobody script-security 3 daemon keepalive 10 60 ping-timer-rem persist-tun persist-key proto udp4 cipher AES-256-CBC auth SHA512 up /usr/local/sbin/ovpn-linkup down /usr/local/sbin/ovpn-linkdown local 192.168.0.17 tls-client client lport 0 management /var/etc/openvpn/client2.sock unix remote germany-frankfurt-1-ca-version-2.expressnetw.com 1195 auth-user-pass /var/etc/openvpn/client2.up auth-retry nointeract ca /var/etc/openvpn/client2.ca cert /var/etc/openvpn/client2.cert key /var/etc/openvpn/client2.key tls-auth /var/etc/openvpn/client2.tls-auth 1 ncp-ciphers AES-256-GCM:AES-128-GCM comp-lzo adaptive resolv-retry infinite route-nopull fast-io persist-key persist-tun remote-random pull tls-client verify-x509-name Server name-prefix ns-cert-type server key-direction 1 route-method exe route-delay 2 tun-mtu 1500 fragment 1300 mssfix 1450 verb 3 sndbuf 524288 rcvbuf 524288OVPN from ExpressVPN:
dev tun fast-io persist-key persist-tun nobind remote germany-frankfurt-1-ca-version-2.expressnetw.com 1195 remote-random pull comp-lzo tls-client verify-x509-name Server name-prefix ns-cert-type server key-direction 1 route-method exe route-delay 2 tun-mtu 1500 fragment 1300 mssfix 1450 verb 3 cipher AES-256-CBC keysize 256 auth SHA512 sndbuf 524288 rcvbuf 524288 auth-user-passGuide I followed for setting the stuff up:
https://www.expressvpn.com/support/vpn-setup/pfsense-with-expressvpn-openvpn/What else do you need?
Thanks in advance
dvs23
-
I'm having the exact same problem. ExpressVPN directed me to the pfSense forum.. so they have no idea. They said their setup guide was written by one of their customers.
-
Someone any idea how to solve this? Or at least what's the problem here?
-
Nov 11 01:18:20 openvpn 49480 MANAGEMENT: Client disconnectedThat does not mean openvpn disconnected. That means that the GUI status page or widget probed the openvpn service and then disconnected from the management interface. Your logs are probably too verbose to see what's actually happening. Turn down the logging to verb 3 or 4, and ignore any line with MANAGEMENT in it.
I know your config claims it's only using verb 3 but that looks like a lot higher log detail than 3.
-
Someone any idea how to solve this? Or at least what's the problem here?
I had similar issues from 2.3 versions, I also had disconnects from my computer. not with expressvpn but with another provider.
The disconnects disappeared when I disabled gateway monitoring both at my default gateway and the VPN gateway.
Login to your pfSense and visit System/Routing/Gateways. Click the edit button at your default gateway and at your VPN gateway and put a tick on "Disable Gateway Monitoring" and "Disable Gateway Monitoring Action" . Save your settings and reboot your router in order to make sure that they are applied.
-
Wow! That's it! Previously I had huge packet loss rates (50% and more), nor everything seems to be fine (means not a single packet lost after 100 pings :))) Thank you!!
I will send ExpressVPN a link to this thread so they know it's not really their fault :) -
@dimangelid wowowowow! after fighting this issue over and over, going through many connection how-to's, and seeking help from forums - this was the answer!!!
thank you for taking the time to post this very helpful hint!bill
-
@bill209 said in OpenVPN Client disconnects every few seconds - ExpressVPN:
@dimangelid wowowowow! after fighting this issue over and over, going through many connection how-to's, and seeking help from forums - this was the answer!!!
thank you for taking the time to post this very helpful hint!bill
@bill209 I am happy that i helped after 4 years!! I had completely forgotten that i had responded in this thread :P
-
@dimangelid it also worked for me, thank you very much have a good day.
