Netgate Hardware - Half OVPN Clients Dropping today
-
I'm running Netgate SG-2440 with an OpenVPN Server.
I have 10 users or so, all Windows, where I used the OVPN Client Export tool. All 10 can connect to the OVPN Server.Last few weeks I've had a user or two randomly notify me that they can no longer access their work machine (Windows RDP). I've restarted OVPN server, had them reboot, etc to no avail. I do see that they are connected but cannot ping them and they cannot ping anything. For about 95% of the time, maybe greater, there are no issues with these 10 remote users.
Today I had 4 remote users, all about the same time, text me and say that they cannot connect. I've tried restarting the OVPN service, had them reboot their local machines that is running the OVPN client to no avail. They can RANDOMLY get in every few minutes but they cannot be productive constantly getting booted off.
I'm about 90% sure it is OVPN related and not Windows RDP related. What is bizarre is that today I had 6 other remote users all logged in, working, doing their thing, without any hiccups.
Any help with diagnosing what to do from here? Any particular logs to tail -f? Are the logs on the clients machine useful?
-
Following up on this. Any insight or ways to diagnose? I am still having issues.
-
Could you try to re-export OpenVPN using OpenVPN Client export tool? The newest version uses OpenVPN 2.5.
-
@viktor_g said in Netgate Hardware - Half OVPN Clients Dropping today:
Could you try to re-export OpenVPN using OpenVPN Client export tool? The newest version uses OpenVPN 2.5.
I am using pfsense version 2.4.5-RELEASE-p1. It says it is the latest version. I do see the OpenVPN 2.5 export so I'll try that.
In meantime any other suggestions is much appreciated.
-
@pfsensefanatic said in Netgate Hardware - Half OVPN Clients Dropping today:
@viktor_g said in Netgate Hardware - Half OVPN Clients Dropping today:
Could you try to re-export OpenVPN using OpenVPN Client export tool? The newest version uses OpenVPN 2.5.
I am using pfsense version 2.4.5-RELEASE-p1. It says it is the latest version. I do see the OpenVPN 2.5 export so I'll try that.
In meantime any other suggestions is much appreciated.
Using OpenVPN 2.5 export made no difference.
Anyway to diagnose this? Any suggestions? Could it be that the Netgate equipment isn't powerful enough?
-
@pfsensefanatic Please show the OpenVPN log and configuration
-
@viktor_g said in Netgate Hardware - Half OVPN Clients Dropping today:
@pfsensefanatic Please show the OpenVPN log and configuration
Hi @viktor_g thank you for the reply. Do I need to redact any information from the log or .conf file? Don't want to potentially expose something because of ignorance. Thank you.
-
@pfsensefanatic said in Netgate Hardware - Half OVPN Clients Dropping today:
@viktor_g said in Netgate Hardware - Half OVPN Clients Dropping today:
@pfsensefanatic Please show the OpenVPN log and configuration
Hi @viktor_g thank you for the reply. Do I need to redact any information from the log or .conf file? Don't want to potentially expose something because of ignorance. Thank you.
Following up on this. Thank you.
-
Following up
-
Following up again on this. This is still happening. Any help out there?
-
Please show the OpenVPN log and configuration
Still waiting for this I would assume.
-
@johnpoz said in Netgate Hardware - Half OVPN Clients Dropping today:
Please show the OpenVPN log and configuration
Still waiting for this I would assume.
Hi @johnpoz
Yes, but waiting on answer to:
" Do I need to redact any information from the log or .conf file? Don't want to potentially expose something because of ignorance. Thank you."Sorry for ignorance, just trying to play it safe.
-
The only thing that might be in there you want to redact should be pretty obvious ;)
Say your public IP, or fqdn your connecting to..