Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    losing OpenVPN connection every 20 - 120 seconds

    Scheduled Pinned Locked Moved OpenVPN
    76 Posts 7 Posters 13.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • GertjanG
      Gertjan @akkiz
      last edited by Gertjan

      Hi,

      This is something I didn't see before :

      @akkiz said in losing OpenVPN connection every 20 - 120 seconds:

      Jan 8 18:52:14 php-fpm 342 /rc.newwanip: rc.newwanip called with empty interface.

      This is an error condition.
      Way back, the pfSense coders said this about the event of a "empty interface" :

      /* XXX: This really possible? */

      ( see the rc.rc.newwanip file )
      So, a very special situation - I can't tell anything more. Never saw such a issue.
      The result will be :
      Filters - firewall re reloaled.
      Packages get restarted.
      ... and bail out.

      Btw : this is me just thinking out loud.
      I do have an Express VPN account, but never set it up with pfSense.

      re-edit : "Empty interface" is normal after all: The VPN clients is bound to an Interface (bu you : the OPT1 interface) without an IPv4 or IPv6 specified. That's ok.

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      A 1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Ok so it connects and there is two way traffic and then presumably it disconnects.

        Let see more OpenVPN logs showing that happening.

        1 Reply Last reply Reply Quote 0
        • A
          akkiz @Gertjan
          last edited by akkiz

          @Gertjan @stephenw10 ok

          A 1 Reply Last reply Reply Quote 0
          • A
            akkiz @akkiz
            last edited by akkiz

            @stephenw10
            Last 50 OpenVPN Log Entries. (Maximum 50)
            Jan 10 20:18:52 openvpn 79060 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
            Jan 10 20:18:52 openvpn 79060 MANAGEMENT: CMD 'state 1'
            Jan 10 20:18:52 openvpn 79060 MANAGEMENT: Client disconnected
            Jan 10 20:18:55 openvpn 79060 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
            Jan 10 20:18:55 openvpn 79060 MANAGEMENT: CMD 'state 1'
            Jan 10 20:18:55 openvpn 79060 MANAGEMENT: Client disconnected
            Jan 10 20:18:59 openvpn 79060 [UNDEF] Inactivity timeout (--ping-restart), restarting
            Jan 10 20:18:59 openvpn 79060 SIGUSR1[soft,ping-restart] received, process restarting
            Jan 10 20:18:59 openvpn 79060 Restart pause, 10 second(s)
            Jan 10 20:19:09 openvpn 79060 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
            Jan 10 20:19:09 openvpn 79060 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
            Jan 10 20:19:09 openvpn 79060 TCP/UDP: Preserving recently used remote address: [AF_INET]185.128.27.148:1195
            Jan 10 20:19:09 openvpn 79060 Socket Buffers: R=[42080->524288] S=[57344->524288]
            Jan 10 20:19:09 openvpn 79060 UDPv4 link local (bound): [AF_INET]2.51.235.8:0
            Jan 10 20:19:09 openvpn 79060 UDPv4 link remote: [AF_INET]185.128.27.148:1195
            Jan 10 20:19:15 openvpn 79060 TLS: Initial packet from [AF_INET]185.128.27.148:1195, sid=e15210b7 adc6f7b9
            Jan 10 20:19:15 openvpn 79060 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
            Jan 10 20:19:15 openvpn 79060 VERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=support@expressvpn.com
            Jan 10 20:19:15 openvpn 79060 VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-3360-1a, emailAddress=support@expressvpn.com
            Jan 10 20:19:15 openvpn 79060 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
            Jan 10 20:19:15 openvpn 79060 MANAGEMENT: CMD 'state 1'
            Jan 10 20:19:15 openvpn 79060 MANAGEMENT: Client disconnected
            Jan 10 20:19:24 openvpn 79060 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1602', remote='link-mtu 1606'
            Jan 10 20:19:24 openvpn 79060 WARNING: 'mtu-dynamic' is present in remote config but missing in local config, remote='mtu-dynamic'
            Jan 10 20:19:24 openvpn 79060 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
            Jan 10 20:19:24 openvpn 79060 [Server-3360-1a] Peer Connection Initiated with [AF_INET]185.128.27.148:1195
            Jan 10 20:19:25 openvpn 79060 SENT CONTROL [Server-3360-1a]: 'PUSH_REQUEST' (status=1)
            Jan 10 20:19:25 openvpn 79060 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.187.0.1,comp-lzo no,route 10.187.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.187.0.38 10.187.0.37,peer-id 7'
            Jan 10 20:19:25 openvpn 79060 Options error: option 'redirect-gateway' cannot be used in this context ([PUSH-OPTIONS])
            Jan 10 20:19:25 openvpn 79060 Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
            Jan 10 20:19:25 openvpn 79060 Options error: option 'route' cannot be used in this context ([PUSH-OPTIONS])
            Jan 10 20:19:25 openvpn 79060 OPTIONS IMPORT: timers and/or timeouts modified
            Jan 10 20:19:25 openvpn 79060 OPTIONS IMPORT: compression parms modified
            Jan 10 20:19:25 openvpn 79060 OPTIONS IMPORT: --ifconfig/up options modified
            Jan 10 20:19:25 openvpn 79060 OPTIONS IMPORT: peer-id set
            Jan 10 20:19:25 openvpn 79060 OPTIONS IMPORT: adjusting link_mtu to 1625
            Jan 10 20:19:25 openvpn 79060 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
            Jan 10 20:19:25 openvpn 79060 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
            Jan 10 20:19:25 openvpn 79060 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
            Jan 10 20:19:25 openvpn 79060 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
            Jan 10 20:19:25 openvpn 79060 TUN/TAP device ovpnc2 exists previously, keep at program end
            Jan 10 20:19:25 openvpn 79060 TUN/TAP device /dev/tun2 opened
            Jan 10 20:19:25 openvpn 79060 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
            Jan 10 20:19:25 openvpn 79060 /sbin/ifconfig ovpnc2 10.187.0.38 10.187.0.37 mtu 1500 netmask 255.255.255.255 up
            Jan 10 20:19:25 openvpn 79060 /usr/local/sbin/ovpn-linkup ovpnc2 1500 1605 10.187.0.38 10.187.0.37 init
            Jan 10 20:19:25 openvpn 79060 Initialization Sequence Completed
            Jan 10 20:19:35 openvpn 79060 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
            Jan 10 20:19:35 openvpn 79060 MANAGEMENT: CMD 'state 1'
            Jan 10 20:19:35 openvpn 79060 MANAGEMENT: CMD 'status 2'
            Jan 10 20:19:35 openvpn 79060 MANAGEMENT: Client disconnected
            Jan 10 20:21:54 openvpn 79060 OPTIONS IMPORT: --ifconfig/up options modified
            Jan 10 20:21:54 openvpn 79060 OPTIONS IMPORT: peer-id set
            Jan 10 20:21:54 openvpn 79060 OPTIONS IMPORT: adjusting link_mtu to 1625
            Jan 10 20:21:54 openvpn 79060 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
            Jan 10 20:21:54 openvpn 79060 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
            Jan 10 20:21:54 openvpn 79060 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
            Jan 10 20:21:54 openvpn 79060 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
            Jan 10 20:21:54 openvpn 79060 Preserving previous TUN/TAP instance: ovpnc2
            Jan 10 20:21:54 openvpn 79060 NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.
            Jan 10 20:21:54 openvpn 79060 Closing TUN/TAP interface
            Jan 10 20:21:54 openvpn 79060 /usr/local/sbin/ovpn-linkdown ovpnc2 1500 1605 10.187.0.38 10.187.0.37 init
            Jan 10 20:21:55 openvpn 79060 TUN/TAP device ovpnc2 exists previously, keep at program end
            Jan 10 20:21:55 openvpn 79060 TUN/TAP device /dev/tun2 opened
            Jan 10 20:21:55 openvpn 79060 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
            Jan 10 20:21:55 openvpn 79060 /sbin/ifconfig ovpnc2 10.87.0.90 10.87.0.89 mtu 1500 netmask 255.255.255.255 up
            Jan 10 20:21:55 openvpn 79060 /usr/local/sbin/ovpn-linkup ovpnc2 1500 1605 10.87.0.90 10.87.0.89 init
            Jan 10 20:21:55 openvpn 79060 Initialization Sequence Completed
            Jan 10 20:22:04 openvpn 79060 Bad compression stub decompression header byte: 0
            Jan 10 20:22:14 openvpn 79060 Bad compression stub decompression header byte: 0
            Jan 10 20:22:19 openvpn 79060 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
            Jan 10 20:22:19 openvpn 79060 MANAGEMENT: CMD 'state 1'
            Jan 10 20:22:19 openvpn 79060 MANAGEMENT: CMD 'status 2'
            Jan 10 20:22:19 openvpn 79060 MANAGEMENT: Client disconnected
            Jan 10 20:22:19 openvpn 79060 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
            Jan 10 20:22:19 openvpn 79060 MANAGEMENT: CMD 'state 1'
            Jan 10 20:22:19 openvpn 79060 MANAGEMENT: CMD 'status 2'
            Jan 10 20:22:19 openvpn 79060 MANAGEMENT: Client disconnected
            Jan 10 20:22:22 openvpn 79060 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
            Jan 10 20:22:22 openvpn 79060 MANAGEMENT: CMD 'state 1'
            Jan 10 20:22:22 openvpn 79060 MANAGEMENT: CMD 'status 2'
            Jan 10 20:22:22 openvpn 79060 MANAGEMENT: Client disconnected
            Jan 10 20:22:45 openvpn 79060 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
            Jan 10 20:22:45 openvpn 79060 MANAGEMENT: CMD 'state 1'
            Jan 10 20:22:45 openvpn 79060 MANAGEMENT: CMD 'status 2'
            Jan 10 20:22:45 openvpn 79060 MANAGEMENT: Client disconnected
            Jan 10 20:22:54 openvpn 79060 [Server-2719-0a] Inactivity timeout (--ping-restart), restarting
            Jan 10 20:22:54 openvpn 79060 SIGUSR1[soft,ping-restart] received, process restarting
            Jan 10 20:22:54 openvpn 79060 Restart pause, 10 second(s)
            Jan 10 20:23:04 openvpn 79060 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
            Jan 10 20:23:04 openvpn 79060 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
            Jan 10 20:23:04 openvpn 79060 TCP/UDP: Preserving recently used remote address: [AF_INET]185.183.105.194:1195
            Jan 10 20:23:04 openvpn 79060 Socket Buffers: R=[42080->524288] S=[57344->524288]
            Jan 10 20:23:04 openvpn 79060 UDPv4 link local (bound): [AF_INET]2.51.235.8:0
            Jan 10 20:23:04 openvpn 79060 UDPv4 link remote: [AF_INET]185.183.105.194:1195
            Jan 10 20:23:20 openvpn 79060 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
            Jan 10 20:23:20 openvpn 79060 MANAGEMENT: CMD 'state 1'
            Jan 10 20:23:20 openvpn 79060 MANAGEMENT: Client disconnected
            Jan 10 20:23:26 openvpn 79060 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
            Jan 10 20:23:26 openvpn 79060 MANAGEMENT: CMD 'state 1'
            Jan 10 20:23:26 openvpn 79060 MANAGEMENT: Client disconnected
            Jan 10 20:23:04 openvpn 79060 Socket Buffers: R=[42080->524288] S=[57344->524288]
            Jan 10 20:23:04 openvpn 79060 UDPv4 link local (bound): [AF_INET]2.51.235.8:0
            Jan 10 20:23:04 openvpn 79060 UDPv4 link remote: [AF_INET]185.183.105.194:1195
            Jan 10 20:23:20 openvpn 79060 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
            Jan 10 20:23:20 openvpn 79060 MANAGEMENT: CMD 'state 1'
            Jan 10 20:23:20 openvpn 79060 MANAGEMENT: Client disconnected
            Jan 10 20:23:26 openvpn 79060 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
            Jan 10 20:23:26 openvpn 79060 MANAGEMENT: CMD 'state 1'
            Jan 10 20:23:26 openvpn 79060 MANAGEMENT: Client disconnected
            Jan 10 20:24:04 openvpn 79060 [UNDEF] Inactivity timeout (--ping-restart), restarting
            Jan 10 20:24:04 openvpn 79060 SIGUSR1[soft,ping-restart] received, process restarting
            Jan 10 20:24:04 openvpn 79060 Restart pause, 10 second(s)
            Jan 10 20:24:14 openvpn 79060 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
            Jan 10 20:24:14 openvpn 79060 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
            Jan 10 20:24:14 openvpn 79060 TCP/UDP: Preserving recently used remote address: [AF_INET]37.120.135.136:1195
            Jan 10 20:24:14 openvpn 79060 Socket Buffers: R=[42080->524288] S=[57344->524288]
            Jan 10 20:24:14 openvpn 79060 UDPv4 link local (bound): [AF_INET]2.51.235.8:0
            Jan 10 20:24:14 openvpn 79060 UDPv4 link remote: [AF_INET]37.120.135.136:1195
            Jan 10 20:24:20 openvpn 79060 TLS: Initial packet from [AF_INET]37.120.135.136:1195, sid=9315b41a e4a2f938
            Jan 10 20:24:20 openvpn 79060 VERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=support@expressvpn.com
            Jan 10 20:24:20 openvpn 79060 VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-5165-1a, emailAddress=support@expressvpn.com
            Jan 10 20:24:20 openvpn 79060 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1602', remote='link-mtu 1606'
            Jan 10 20:24:20 openvpn 79060 WARNING: 'mtu-dynamic' is present in remote config but missing in local config, remote='mtu-dynamic'
            Jan 10 20:24:20 openvpn 79060 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
            Jan 10 20:24:20 openvpn 79060 [Server-5165-1a] Peer Connection Initiated with [AF_INET]37.120.135.136:1195
            Jan 10 20:24:21 openvpn 79060 SENT CONTROL [Server-5165-1a]: 'PUSH_REQUEST' (status=1)
            Jan 10 20:24:21 openvpn 79060 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.17.0.1,comp-lzo no,route 10.17.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.17.0.66 10.17.0.65,peer-id 13'
            Jan 10 20:24:21 openvpn 79060 Options error: option 'redirect-gateway' cannot be used in this context ([PUSH-OPTIONS])
            Jan 10 20:24:21 openvpn 79060 Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
            Jan 10 20:24:21 openvpn 79060 Options error: option 'route' cannot be used in this context ([PUSH-OPTIONS])
            Jan 10 20:24:21 openvpn 79060 OPTIONS IMPORT: timers and/or timeouts modified
            Jan 10 20:24:21 openvpn 79060 OPTIONS IMPORT: compression parms modified
            Jan 10 20:24:21 openvpn 79060 OPTIONS IMPORT: --ifconfig/up options modified
            Jan 10 20:24:21 openvpn 79060 OPTIONS IMPORT: peer-id set
            Jan 10 20:24:21 openvpn 79060 OPTIONS IMPORT: adjusting link_mtu to 1625
            Jan 10 20:24:21 openvpn 79060 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
            Jan 10 20:24:21 openvpn 79060 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
            Jan 10 20:24:21 openvpn 79060 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
            Jan 10 20:24:21 openvpn 79060 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
            Jan 10 20:24:21 openvpn 79060 Preserving previous TUN/TAP instance: ovpnc2
            Jan 10 20:24:21 openvpn 79060 NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.
            Jan 10 20:24:21 openvpn 79060 Closing TUN/TAP interface
            Jan 10 20:24:21 openvpn 79060 /usr/local/sbin/ovpn-linkdown ovpnc2 1500 1605 10.87.0.90 10.87.0.89 init
            Jan 10 20:24:22 openvpn 79060 TUN/TAP device ovpnc2 exists previously, keep at program end
            Jan 10 20:24:22 openvpn 79060 TUN/TAP device /dev/tun2 opened
            Jan 10 20:24:22 openvpn 79060 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
            Jan 10 20:24:22 openvpn 79060 /sbin/ifconfig ovpnc2 10.17.0.66 10.17.0.65 mtu 1500 netmask 255.255.255.255 up
            Jan 10 20:24:22 openvpn 79060 /usr/local/sbin/ovpn-linkup ovpnc2 1500 1605 10.17.0.66 10.17.0.65 init
            Jan 10 20:24:22 openvpn 79060 Initialization Sequence Completed
            Jan 10 20:24:31 openvpn 79060 Bad compression stub decompression header byte: 0
            Jan 10 20:24:31 openvpn 79060 Bad compression stub decompression header byte: 0
            Jan 10 20:24:39 openvpn 79060 Bad compression stub decompression header byte: 0
            Jan 10 20:25:21 openvpn 79060 [Server-5165-1a] Inactivity timeout (--ping-restart), restarting
            Jan 10 20:25:21 openvpn 79060 SIGUSR1[soft,ping-restart] received, process restarting
            Jan 10 20:25:21 openvpn 79060 Restart pause, 10 second(s)
            Jan 10 20:25:31 openvpn 79060 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
            Jan 10 20:25:31 openvpn 79060 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
            Jan 10 20:25:31 openvpn 79060 TCP/UDP: Preserving recently used remote address: [AF_INET]37.120.135.136:1195
            Jan 10 20:25:31 openvpn 79060 Socket Buffers: R=[42080->524288] S=[57344->524288]
            Jan 10 20:25:31 openvpn 79060 UDPv4 link local (bound): [AF_INET]2.51.235.8:0
            Jan 10 20:25:31 openvpn 79060 UDPv4 link remote: [AF_INET]37.120.135.136:1195
            Jan 10 20:26:31 openvpn 79060 [UNDEF] Inactivity timeout (--ping-restart), restarting
            Jan 10 20:26:31 openvpn 79060 SIGUSR1[soft,ping-restart] received, process restarting
            Jan 10 20:26:31 openvpn 79060 Restart pause, 10 second(s)
            Jan 10 20:26:41 openvpn 79060 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
            Jan 10 20:26:41 openvpn 79060 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
            Jan 10 20:26:41 openvpn 79060 TCP/UDP: Preserving recently used remote address: [AF_INET]185.128.27.148:1195
            Jan 10 20:26:41 openvpn 79060 Socket Buffers: R=[42080->524288] S=[57344->524288]
            Jan 10 20:26:41 openvpn 79060 UDPv4 link local (bound): [AF_INET]2.51.235.8:0
            Jan 10 20:26:41 openvpn 79060 UDPv4 link remote: [AF_INET]185.128.27.148:1195
            Jan 10 20:27:41 openvpn 79060 [UNDEF] Inactivity timeout (--ping-restart), restarting
            Jan 10 20:27:41 openvpn 79060 SIGUSR1[soft,ping-restart] received, process restarting
            Jan 10 20:27:41 openvpn 79060 Restart pause, 10 second(s)

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              Looks like you have a compression mismatch. The server is pushing comp-lzo no but you have it enabled in both the gui setup and custom options (if you still have those). Try setting it to 'Omit Preference' instead.

              Steve

              A 1 Reply Last reply Reply Quote 0
              • A
                akkiz @stephenw10
                last edited by akkiz

                didnt help and custom options was blank

                A 1 Reply Last reply Reply Quote 0
                • A
                  akkiz @akkiz
                  last edited by

                  @akkiz said in losing OpenVPN connection every 20 - 120 seconds:

                  didnt help and custom options was blank

                  Jan 10 21:23:17 openvpn 51111 MANAGEMENT: Client disconnected
                  Jan 10 21:23:18 openvpn 51111 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
                  Jan 10 21:23:18 openvpn 51111 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
                  Jan 10 21:23:18 openvpn 51111 TCP/UDP: Preserving recently used remote address: [AF_INET]37.120.135.136:1195
                  Jan 10 21:23:18 openvpn 51111 Socket Buffers: R=[42080->524288] S=[57344->524288]
                  Jan 10 21:23:18 openvpn 51111 UDPv4 link local (bound): [AF_INET]2.51.235.8:0
                  Jan 10 21:23:18 openvpn 51111 UDPv4 link remote: [AF_INET]37.120.135.136:1195
                  Jan 10 21:23:37 openvpn 51111 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
                  Jan 10 21:23:37 openvpn 51111 MANAGEMENT: CMD 'state 1'
                  Jan 10 21:23:37 openvpn 51111 MANAGEMENT: Client disconnected
                  Jan 10 21:24:18 openvpn 51111 [UNDEF] Inactivity timeout (--ping-restart), restarting
                  Jan 10 21:24:18 openvpn 51111 SIGUSR1[soft,ping-restart] received, process restarting
                  Jan 10 21:24:18 openvpn 51111 Restart pause, 10 second(s)
                  Jan 10 21:24:28 openvpn 51111 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
                  Jan 10 21:24:28 openvpn 51111 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
                  Jan 10 21:24:28 openvpn 51111 TCP/UDP: Preserving recently used remote address: [AF_INET]185.183.105.194:1195
                  Jan 10 21:24:28 openvpn 51111 Socket Buffers: R=[42080->524288] S=[57344->524288]
                  Jan 10 21:24:28 openvpn 51111 UDPv4 link local (bound): [AF_INET]2.51.235.8:0
                  Jan 10 21:24:28 openvpn 51111 UDPv4 link remote: [AF_INET]185.183.105.194:1195
                  Jan 10 21:24:28 openvpn 51111 TLS: Initial packet from [AF_INET]185.183.105.194:1195, sid=bca25ec8 d3025870
                  Jan 10 21:24:28 openvpn 51111 VERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=support@expressvpn.com
                  Jan 10 21:24:28 openvpn 51111 VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-2719-0a, emailAddress=support@expressvpn.com
                  Jan 10 21:24:29 openvpn 51111 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1602', remote='link-mtu 1606'
                  Jan 10 21:24:29 openvpn 51111 WARNING: 'mtu-dynamic' is present in remote config but missing in local config, remote='mtu-dynamic'
                  Jan 10 21:24:29 openvpn 51111 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
                  Jan 10 21:24:29 openvpn 51111 [Server-2719-0a] Peer Connection Initiated with [AF_INET]185.183.105.194:1195
                  Jan 10 21:24:30 openvpn 51111 SENT CONTROL [Server-2719-0a]: 'PUSH_REQUEST' (status=1)
                  Jan 10 21:24:30 openvpn 51111 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.87.0.1,comp-lzo no,route 10.87.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.87.0.38 10.87.0.37,peer-id 6'
                  Jan 10 21:24:30 openvpn 51111 Options error: option 'redirect-gateway' cannot be used in this context ([PUSH-OPTIONS])
                  Jan 10 21:24:30 openvpn 51111 Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
                  Jan 10 21:24:30 openvpn 51111 Options error: option 'route' cannot be used in this context ([PUSH-OPTIONS])
                  Jan 10 21:24:30 openvpn 51111 OPTIONS IMPORT: timers and/or timeouts modified
                  Jan 10 21:24:30 openvpn 51111 OPTIONS IMPORT: compression parms modified
                  Jan 10 21:24:30 openvpn 51111 OPTIONS IMPORT: --ifconfig/up options modified
                  Jan 10 21:24:30 openvpn 51111 OPTIONS IMPORT: peer-id set
                  Jan 10 21:24:30 openvpn 51111 OPTIONS IMPORT: adjusting link_mtu to 1625
                  Jan 10 21:24:30 openvpn 51111 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
                  Jan 10 21:24:30 openvpn 51111 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
                  Jan 10 21:24:30 openvpn 51111 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
                  Jan 10 21:24:30 openvpn 51111 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
                  Jan 10 21:24:30 openvpn 51111 Preserving previous TUN/TAP instance: ovpnc2
                  Jan 10 21:24:30 openvpn 51111 NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.
                  Jan 10 21:24:30 openvpn 51111 Closing TUN/TAP interface
                  Jan 10 21:24:30 openvpn 51111 /usr/local/sbin/ovpn-linkdown ovpnc2 1500 1605 10.17.0.98 10.17.0.97 init
                  Jan 10 21:24:31 openvpn 51111 TUN/TAP device ovpnc2 exists previously, keep at program end
                  Jan 10 21:24:31 openvpn 51111 TUN/TAP device /dev/tun2 opened
                  Jan 10 21:24:31 openvpn 51111 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
                  Jan 10 21:24:31 openvpn 51111 /sbin/ifconfig ovpnc2 10.87.0.38 10.87.0.37 mtu 1500 netmask 255.255.255.255 up
                  Jan 10 21:24:31 openvpn 51111 /usr/local/sbin/ovpn-linkup ovpnc2 1500 1605 10.87.0.38 10.87.0.37 init
                  Jan 10 21:24:31 openvpn 51111 Initialization Sequence Completed

                  A 1 Reply Last reply Reply Quote 0
                  • A
                    akkiz @akkiz
                    last edited by

                    @akkiz said in losing OpenVPN connection every 20 - 120 seconds:

                    @akkiz said in losing OpenVPN connection every 20 - 120 seconds:

                    didnt help and custom options was blank

                    Jan 10 21:23:17 openvpn 51111 MANAGEMENT: Client disconnected
                    Jan 10 21:23:18 openvpn 51111 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
                    Jan 10 21:23:18 openvpn 51111 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
                    Jan 10 21:23:18 openvpn 51111 TCP/UDP: Preserving recently used remote address: [AF_INET]37.120.135.136:1195
                    Jan 10 21:23:18 openvpn 51111 Socket Buffers: R=[42080->524288] S=[57344->524288]
                    Jan 10 21:23:18 openvpn 51111 UDPv4 link local (bound): [AF_INET]2.51.235.8:0
                    Jan 10 21:23:18 openvpn 51111 UDPv4 link remote: [AF_INET]37.120.135.136:1195
                    Jan 10 21:23:37 openvpn 51111 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
                    Jan 10 21:23:37 openvpn 51111 MANAGEMENT: CMD 'state 1'
                    Jan 10 21:23:37 openvpn 51111 MANAGEMENT: Client disconnected
                    Jan 10 21:24:18 openvpn 51111 [UNDEF] Inactivity timeout (--ping-restart), restarting
                    Jan 10 21:24:18 openvpn 51111 SIGUSR1[soft,ping-restart] received, process restarting
                    Jan 10 21:24:18 openvpn 51111 Restart pause, 10 second(s)
                    Jan 10 21:24:28 openvpn 51111 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
                    Jan 10 21:24:28 openvpn 51111 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
                    Jan 10 21:24:28 openvpn 51111 TCP/UDP: Preserving recently used remote address: [AF_INET]185.183.105.194:1195
                    Jan 10 21:24:28 openvpn 51111 Socket Buffers: R=[42080->524288] S=[57344->524288]
                    Jan 10 21:24:28 openvpn 51111 UDPv4 link local (bound): [AF_INET]2.51.235.8:0
                    Jan 10 21:24:28 openvpn 51111 UDPv4 link remote: [AF_INET]185.183.105.194:1195
                    Jan 10 21:24:28 openvpn 51111 TLS: Initial packet from [AF_INET]185.183.105.194:1195, sid=bca25ec8 d3025870
                    Jan 10 21:24:28 openvpn 51111 VERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=support@expressvpn.com
                    Jan 10 21:24:28 openvpn 51111 VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-2719-0a, emailAddress=support@expressvpn.com
                    Jan 10 21:24:29 openvpn 51111 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1602', remote='link-mtu 1606'
                    Jan 10 21:24:29 openvpn 51111 WARNING: 'mtu-dynamic' is present in remote config but missing in local config, remote='mtu-dynamic'
                    Jan 10 21:24:29 openvpn 51111 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
                    Jan 10 21:24:29 openvpn 51111 [Server-2719-0a] Peer Connection Initiated with [AF_INET]185.183.105.194:1195
                    Jan 10 21:24:30 openvpn 51111 SENT CONTROL [Server-2719-0a]: 'PUSH_REQUEST' (status=1)
                    Jan 10 21:24:30 openvpn 51111 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.87.0.1,comp-lzo no,route 10.87.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.87.0.38 10.87.0.37,peer-id 6'
                    Jan 10 21:24:30 openvpn 51111 Options error: option 'redirect-gateway' cannot be used in this context ([PUSH-OPTIONS])
                    Jan 10 21:24:30 openvpn 51111 Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
                    Jan 10 21:24:30 openvpn 51111 Options error: option 'route' cannot be used in this context ([PUSH-OPTIONS])
                    Jan 10 21:24:30 openvpn 51111 OPTIONS IMPORT: timers and/or timeouts modified
                    Jan 10 21:24:30 openvpn 51111 OPTIONS IMPORT: compression parms modified
                    Jan 10 21:24:30 openvpn 51111 OPTIONS IMPORT: --ifconfig/up options modified
                    Jan 10 21:24:30 openvpn 51111 OPTIONS IMPORT: peer-id set
                    Jan 10 21:24:30 openvpn 51111 OPTIONS IMPORT: adjusting link_mtu to 1625
                    Jan 10 21:24:30 openvpn 51111 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
                    Jan 10 21:24:30 openvpn 51111 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
                    Jan 10 21:24:30 openvpn 51111 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
                    Jan 10 21:24:30 openvpn 51111 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
                    Jan 10 21:24:30 openvpn 51111 Preserving previous TUN/TAP instance: ovpnc2
                    Jan 10 21:24:30 openvpn 51111 NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.
                    Jan 10 21:24:30 openvpn 51111 Closing TUN/TAP interface
                    Jan 10 21:24:30 openvpn 51111 /usr/local/sbin/ovpn-linkdown ovpnc2 1500 1605 10.17.0.98 10.17.0.97 init
                    Jan 10 21:24:31 openvpn 51111 TUN/TAP device ovpnc2 exists previously, keep at program end
                    Jan 10 21:24:31 openvpn 51111 TUN/TAP device /dev/tun2 opened
                    Jan 10 21:24:31 openvpn 51111 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
                    Jan 10 21:24:31 openvpn 51111 /sbin/ifconfig ovpnc2 10.87.0.38 10.87.0.37 mtu 1500 netmask 255.255.255.255 up
                    Jan 10 21:24:31 openvpn 51111 /usr/local/sbin/ovpn-linkup ovpnc2 1500 1605 10.87.0.38 10.87.0.37 init
                    Jan 10 21:24:31 openvpn 51111 Initialization Sequence Completed

                    123.jpg

                    1 Reply Last reply Reply Quote 0
                    • B
                      bcruze
                      last edited by

                      try omit preference + disable lzo compression

                      A 1 Reply Last reply Reply Quote 0
                      • A
                        akkiz @bcruze
                        last edited by akkiz

                        @bcruze ok but it creates compression stub message see the log didnt help

                        A 1 Reply Last reply Reply Quote 0
                        • A
                          akkiz @akkiz
                          last edited by akkiz

                          @akkiz said in losing OpenVPN connection every 20 - 120 seconds:

                          Jan 10 21:57:24 openvpn 88382 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
                          Jan 10 21:57:24 openvpn 88382 /sbin/ifconfig ovpnc2 10.136.0.54 10.136.0.53 mtu 1500 netmask 255.255.255.255 up
                          Jan 10 21:57:24 openvpn 88382 /usr/local/sbin/ovpn-linkup ovpnc2 1500 1605 10.136.0.54 10.136.0.53 init
                          Jan 10 21:57:24 openvpn 88382 Initialization Sequence Completed
                          Jan 10 21:57:33 openvpn 88382 Bad compression stub decompression header byte: 0
                          Jan 10 21:57:43 openvpn 88382 MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
                          Jan 10 21:57:43 openvpn 88382 MANAGEMENT: CMD 'state 1'
                          Jan 10 21:57:43 openvpn 88382 MANAGEMENT: CMD 'status 2'
                          Jan 10 21:57:43 openvpn 88382 MANAGEMENT: Client disconnected

                          A 1 Reply Last reply Reply Quote 0
                          • A
                            akkiz @akkiz
                            last edited by akkiz

                            @akkiz I really am happy to see such a active helpful community here willing to help thanks guys!!!!
                            Hope one of you guys will crack my issue....

                            1 Reply Last reply Reply Quote 0
                            • DerelictD
                              Derelict LAYER 8 Netgate
                              last edited by

                              What does ExpressVPN say the compression should be set to?

                              Chattanooga, Tennessee, USA
                              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                              Do Not Chat For Help! NO_WAN_EGRESS(TM)

                              A 1 Reply Last reply Reply Quote 0
                              • B
                                bcruze
                                last edited by bcruze

                                Well my post is flagged as spam if I post the express pfsense tutorial link

                                Adaptive lzo... so it’s almost like there is something wrong with the particular server he is using

                                I don’t have an account with express to see what will work..

                                A 1 Reply Last reply Reply Quote 0
                                • A
                                  akkiz @Derelict
                                  last edited by

                                  @Derelict adaptive lzo

                                  1 Reply Last reply Reply Quote 0
                                  • A
                                    akkiz @bcruze
                                    last edited by

                                    @bcruze I tried 6 servers they behaved similar shall I post results from a german or a uk server

                                    A 1 Reply Last reply Reply Quote 0
                                    • A
                                      akkiz @akkiz
                                      last edited by

                                      @akkiz said in losing OpenVPN connection every 20 - 120 seconds:

                                      @bcruze I tried 6 servers they behaved similar shall I post results from a german or a uk server

                                      german server same disconects see logs
                                      Jan 11 08:23:51 openvpn 57875 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
                                      Jan 11 08:23:51 openvpn 57875 TCP/UDP: Preserving recently used remote address: [AF_INET]85.203.15.86:1195
                                      Jan 11 08:23:51 openvpn 57875 Socket Buffers: R=[42080->42080] S=[57344->57344]
                                      Jan 11 08:23:51 openvpn 57875 UDPv4 link local (bound): [AF_INET]86.99.109.193:0
                                      Jan 11 08:23:51 openvpn 57875 UDPv4 link remote: [AF_INET]85.203.15.86:1195
                                      Jan 11 08:24:51 openvpn 57875 [UNDEF] Inactivity timeout (--ping-restart), restarting
                                      Jan 11 08:24:51 openvpn 57875 SIGUSR1[soft,ping-restart] received, process restarting
                                      Jan 11 08:24:51 openvpn 57875 Restart pause, 10 second(s)
                                      Jan 11 08:25:01 openvpn 57875 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
                                      Jan 11 08:25:01 openvpn 57875 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
                                      Jan 11 08:25:01 openvpn 57875 TCP/UDP: Preserving recently used remote address: [AF_INET]85.203.15.85:1195
                                      Jan 11 08:25:01 openvpn 57875 Socket Buffers: R=[42080->42080] S=[57344->57344]
                                      Jan 11 08:25:01 openvpn 57875 UDPv4 link local (bound): [AF_INET]86.99.109.193:0
                                      Jan 11 08:25:01 openvpn 57875 UDPv4 link remote: [AF_INET]85.203.15.85:1195
                                      Jan 11 08:25:14 openvpn 57875 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                      Jan 11 08:25:14 openvpn 57875 MANAGEMENT: CMD 'state 1'
                                      Jan 11 08:25:14 openvpn 57875 MANAGEMENT: Client disconnected
                                      Jan 11 08:25:14 openvpn 57875 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                      Jan 11 08:25:14 openvpn 57875 MANAGEMENT: CMD 'state 1'
                                      Jan 11 08:25:14 openvpn 57875 MANAGEMENT: Client disconnected
                                      Jan 11 08:25:17 openvpn 57875 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                      Jan 11 08:25:17 openvpn 57875 MANAGEMENT: CMD 'state 1'
                                      Jan 11 08:25:17 openvpn 57875 MANAGEMENT: Client disconnected
                                      Jan 11 08:25:19 openvpn 57875 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                      Jan 11 08:25:19 openvpn 57875 MANAGEMENT: CMD 'state 1'
                                      Jan 11 08:25:19 openvpn 57875 MANAGEMENT: Client disconnected
                                      Jan 11 08:26:01 openvpn 57875 [UNDEF] Inactivity timeout (--ping-restart), restarting
                                      Jan 11 08:26:01 openvpn 57875 SIGUSR1[soft,ping-restart] received, process restarting
                                      Jan 11 08:26:01 openvpn 57875 Restart pause, 10 second(s)
                                      Jan 11 08:26:11 openvpn 57875 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
                                      Jan 11 08:26:11 openvpn 57875 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
                                      Jan 11 08:26:11 openvpn 57875 TCP/UDP: Preserving recently used remote address: [AF_INET]85.203.15.86:1195
                                      Jan 11 08:26:11 openvpn 57875 Socket Buffers: R=[42080->42080] S=[57344->57344]
                                      Jan 11 08:26:11 openvpn 57875 UDPv4 link local (bound): [AF_INET]86.99.109.193:0
                                      Jan 11 08:26:11 openvpn 57875 UDPv4 link remote: [AF_INET]85.203.15.86:1195
                                      Jan 11 08:27:04 openvpn 57875 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                      Jan 11 08:27:04 openvpn 57875 MANAGEMENT: CMD 'state 1'
                                      Jan 11 08:27:04 openvpn 57875 MANAGEMENT: Client disconnected
                                      Jan 11 08:27:04 openvpn 57875 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                      Jan 11 08:27:04 openvpn 57875 MANAGEMENT: CMD 'state 1'
                                      Jan 11 08:27:04 openvpn 57875 MANAGEMENT: Client disconnected
                                      Jan 11 08:27:07 openvpn 57875 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                      Jan 11 08:27:07 openvpn 57875 MANAGEMENT: CMD 'state 1'
                                      Jan 11 08:27:07 openvpn 57875 MANAGEMENT: Client disconnected
                                      Jan 11 08:27:09 openvpn 57875 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                      Jan 11 08:27:09 openvpn 57875 MANAGEMENT: CMD 'state 1'
                                      Jan 11 08:27:09 openvpn 57875 MANAGEMENT: Client disconnected
                                      Jan 11 08:27:11 openvpn 57875 [UNDEF] Inactivity timeout (--ping-restart), restarting
                                      Jan 11 08:27:11 openvpn 57875 SIGUSR1[soft,ping-restart] received, process restarting
                                      Jan 11 08:27:11 openvpn 57875 Restart pause, 10 second(s)

                                      A 1 Reply Last reply Reply Quote 0
                                      • A
                                        akkiz @akkiz
                                        last edited by akkiz

                                        @akkiz express1.jpg
                                        Jan 11 08:37:19 openvpn 12072 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
                                        Jan 11 08:37:19 openvpn 12072 TUN/TAP device ovpnc3 exists previously, keep at program end
                                        Jan 11 08:37:19 openvpn 12072 TUN/TAP device /dev/tun3 opened
                                        Jan 11 08:37:19 openvpn 12072 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
                                        Jan 11 08:37:19 openvpn 12072 /sbin/ifconfig ovpnc3 10.199.0.146 10.199.0.145 mtu 1500 netmask 255.255.255.255 up
                                        Jan 11 08:37:19 openvpn 12072 /usr/local/sbin/ovpn-linkup ovpnc3 1500 1609 10.199.0.146 10.199.0.145 init
                                        Jan 11 08:37:22 openvpn 12072 Initialization Sequence Completed
                                        Jan 11 08:37:28 openvpn 12072 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                        Jan 11 08:37:28 openvpn 12072 MANAGEMENT: CMD 'state 1'
                                        Jan 11 08:37:28 openvpn 12072 MANAGEMENT: CMD 'status 2'
                                        Jan 11 08:37:28 openvpn 12072 MANAGEMENT: Client disconnected
                                        Jan 11 08:37:41 openvpn 12072 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                        Jan 11 08:37:41 openvpn 12072 MANAGEMENT: CMD 'state 1'
                                        Jan 11 08:37:41 openvpn 12072 MANAGEMENT: CMD 'status 2'
                                        Jan 11 08:37:41 openvpn 12072 MANAGEMENT: Client disconnected
                                        Jan 11 08:37:41 openvpn 12072 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                        Jan 11 08:37:41 openvpn 12072 MANAGEMENT: CMD 'state 1'
                                        Jan 11 08:37:41 openvpn 12072 MANAGEMENT: CMD 'status 2'
                                        Jan 11 08:37:41 openvpn 12072 MANAGEMENT: Client disconnected
                                        Jan 11 08:37:44 openvpn 12072 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                        Jan 11 08:37:44 openvpn 12072 MANAGEMENT: CMD 'state 1'
                                        Jan 11 08:37:44 openvpn 12072 MANAGEMENT: CMD 'status 2'
                                        Jan 11 08:37:44 openvpn 12072 MANAGEMENT: Client disconnected
                                        Jan 11 08:37:48 openvpn 12072 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                        Jan 11 08:37:48 openvpn 12072 MANAGEMENT: CMD 'state 1'
                                        Jan 11 08:37:48 openvpn 12072 MANAGEMENT: CMD 'status 2'
                                        Jan 11 08:37:48 openvpn 12072 MANAGEMENT: Client disconnected
                                        Jan 11 08:38:49 openvpn 12072 [Server-4256-0a] Inactivity timeout (--ping-restart), restarting
                                        Jan 11 08:38:49 openvpn 12072 SIGUSR1[soft,ping-restart] received, process restarting
                                        Jan 11 08:38:49 openvpn 12072 Restart pause, 10 second(s)
                                        Jan 11 08:38:59 openvpn 12072 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
                                        Jan 11 08:38:59 openvpn 12072 TCP/UDP: Preserving recently used remote address: [AF_INET]85.203.15.86:1195
                                        Jan 11 08:38:59 openvpn 12072 Socket Buffers: R=[42080->524288] S=[57344->524288]
                                        Jan 11 08:38:59 openvpn 12072 UDPv4 link local (bound): [AF_INET]86.99.109.193:0
                                        Jan 11 08:38:59 openvpn 12072 UDPv4 link remote: [AF_INET]85.203.15.86:1195
                                        Jan 11 08:39:41 openvpn 12072 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                        Jan 11 08:39:41 openvpn 12072 MANAGEMENT: CMD 'state 1'
                                        Jan 11 08:39:41 openvpn 12072 MANAGEMENT: Client disconnected
                                        Jan 11 08:39:48 openvpn 12072 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                        Jan 11 08:39:48 openvpn 12072 MANAGEMENT: CMD 'state 1'
                                        Jan 11 08:39:48 openvpn 12072 MANAGEMENT: Client disconnected
                                        Jan 11 08:39:48 openvpn 12072 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                        Jan 11 08:39:48 openvpn 12072 MANAGEMENT: CMD 'state 1'
                                        Jan 11 08:39:48 openvpn 12072 MANAGEMENT: Client disconnected
                                        Jan 11 08:39:52 openvpn 12072 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                        Jan 11 08:39:52 openvpn 12072 MANAGEMENT: CMD 'state 1'
                                        Jan 11 08:39:52 openvpn 12072 MANAGEMENT: Client disconnected
                                        Jan 11 08:39:56 openvpn 12072 MANAGEMENT: Client connected from /var/etc/openvpn/client3.sock
                                        Jan 11 08:39:56 openvpn 12072 MANAGEMENT: CMD 'state 1'
                                        Jan 11 08:39:56 openvpn 12072 MANAGEMENT: Client disconnected

                                        1 Reply Last reply Reply Quote 0
                                        • stephenw10S
                                          stephenw10 Netgate Administrator
                                          last edited by

                                          It looks like it connects OK and then timesout with no data after 1min. There is some data shown though.

                                          During that 1 min can you send/receive anything over the tunnel?

                                          You are using the same login info from a host client and are able to connect OK? You have the connection log showing the successful connection from there?

                                          Steve

                                          A 1 Reply Last reply Reply Quote 0
                                          • A
                                            akkiz @stephenw10
                                            last edited by

                                            @stephenw10 let me check and get back to u

                                            A 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.