Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Peer to Peer reconnecting; ping-restart

    Scheduled Pinned Locked Moved Portuguese
    1 Posts 1 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ? Offline
      A Former User
      last edited by

      Ola.
      tenho dois pfsense pra ligar dois locais remotos.
      Segui a configuracao indicada no site do pfSense para fazer a ligacao via OpenVPN peer to peer, todavia nao consigo faze-las conectar. No status do openvpn server nao aparece qualquer conexao. No status do openvpn cliente fica com a mensagem: reconnecting; ping-restart
      já fiz e refiz as configuracoes varias vezes e sempre fico nesse mesmo resultado.
      Espero que alguem que tenha dominio do openvpn possa me indicar alguma configuracao que possa ser feita.

      seguem as configuracoes e logs:

      infraestrutura

      server
      link a radio dedicado. (abaixo o termo "xxx.xxx.xxx.xxx" refere-se ao ip de internet do server)
      o modem cria uma rede interna na faixa 192.168.88.0/24
      o pfsense usa o ip 192.168.88.254 como externo e cria a rede interna 172.16.32.0/24

      cliente
      adsl
      o modem cria uma rede interna na faixa 192.168.30.0/24
      o pfsense usa o ip 192.168.30.254 como externo e cria a rede interna 192.168.1.0/24

      acessos nos dois pfSense estao ok (inclusive port forwarding).

      configuracoes

      server:

      
dev ovpns1
verb 4
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_server1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-128-CBC
auth SHA1
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 192.168.88.254
ifconfig 192.168.76.1 192.168.76.2
lport 1194
management /var/etc/openvpn/server1.sock unix
max-clients 5
route 192.168.1.0 255.255.255.0
secret /var/etc/openvpn/server1.secret
comp-lzo adaptive
passtos

      cliente:

      
dev ovpnc1
verb 4
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_client1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-128-CBC
auth SHA1
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 192.168.30.254
lport 0
management /var/etc/openvpn/client1.sock unix
remote xxx.xxx.xxx.xxx 1194
ifconfig 192.168.76.2 192.168.76.1
route 172.16.32.0 255.255.255.0
secret /var/etc/openvpn/client1.secret
comp-lzo adaptive
passtos
resolv-retry infinite

      logs

      server

      
Jun 30 08:13:15 pfSense openvpn[28881]: MANAGEMENT: Client disconnected
Jun 30 08:14:17 pfSense openvpn[28881]: MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Jun 30 08:14:17 pfSense openvpn[28881]: MANAGEMENT: CMD 'status 2'
Jun 30 08:14:17 pfSense openvpn[28881]: MANAGEMENT: CMD 'quit'
Jun 30 08:14:17 pfSense openvpn[28881]: MANAGEMENT: Client disconnected
Jun 30 08:15:18 pfSense openvpn[28881]: MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Jun 30 08:15:19 pfSense openvpn[28881]: MANAGEMENT: CMD 'status 2'
Jun 30 08:15:19 pfSense openvpn[28881]: MANAGEMENT: CMD 'quit'
Jun 30 08:15:19 pfSense openvpn[28881]: MANAGEMENT: Client disconnected
Jun 30 08:16:20 pfSense openvpn[28881]: MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Jun 30 08:16:20 pfSense openvpn[28881]: MANAGEMENT: CMD 'status 2'
Jun 30 08:16:20 pfSense openvpn[28881]: MANAGEMENT: CMD 'quit'
Jun 30 08:16:20 pfSense openvpn[28881]: MANAGEMENT: Client disconnected
0be45 0001f844 4100007f 116730ac 10203ac0 a80191d[more...]
Jun 29 14:48:04 pfSense openvpn[5734]: ENCRYPT TO: 78a1c282 9fca33ca ab8f4c85 4a81e5b4 6133de20 46d04f9b 5a680d96 bb674d1[more...]
Jun 29 14:48:04 pfSense openvpn[5734]: TCP/UDP: No outgoing address to send packet
Jun 29 14:48:04 pfSense openvpn[5734]: TIMER: coarse timer wakeup 1 seconds
Jun 29 14:48:04 pfSense openvpn[5734]: PO_CTL rwflags=0x0001 ev=6 arg=0x080d638c
Jun 29 14:48:04 pfSense openvpn[5734]: PO_CTL rwflags=0x0001 ev=7 arg=0x080d5620
Jun 29 14:48:04 pfSense openvpn[5734]: PO_CTL rwflags=0x0001 ev=5 arg=0x080d5624

      cliente:

      
Jun 30 06:05:06 Naga openvpn[94663]: TCP/UDP: Closing socket
Jun 30 06:05:06 Naga openvpn[94663]: SIGUSR1[soft,ping-restart] received, process restarting
Jun 30 06:05:06 Naga openvpn[94663]: Restart pause, 2 second(s)
Jun 30 06:05:08 Naga openvpn[94663]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jun 30 06:05:08 Naga openvpn[94663]: Re-using pre-shared static key
Jun 30 06:05:08 Naga openvpn[94663]: LZO compression initialized
Jun 30 06:05:08 Naga openvpn[94663]: Socket Buffers: R=[42080->42080] S=[57344->57344]
Jun 30 06:05:08 Naga openvpn[94663]: Preserving previous TUN/TAP instance: ovpnc1
Jun 30 06:05:08 Naga openvpn[94663]: Data Channel MTU parms [ L:1561 D:1450 EF:61 EB:143 ET:0 EL:3 AF:3/1 ]
Jun 30 06:05:08 Naga openvpn[94663]: Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,ifconfig 192.168.76.1 192.168.76.2,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Jun 30 06:05:08 Naga openvpn[94663]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,ifconfig 192.168.76.2 192.168.76.1,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Jun 30 06:05:08 Naga openvpn[94663]: Local Options hash (VER=V4): '4e7cbab4'
Jun 30 06:05:08 Naga openvpn[94663]: Expected Remote Options hash (VER=V4): 'f9a5208f'
Jun 30 06:05:08 Naga openvpn[94663]: UDPv4 link local (bound): [AF_INET]192.168.30.254
Jun 30 06:05:08 Naga openvpn[94663]: UDPv4 link remote: [AF_INET]xxx.xxx.xx.xxx:1194
Jun 30 06:06:08 Naga openvpn[94663]: Inactivity timeout (--ping-restart), restarting
Jun 30 06:06:08 Naga openvpn[94663]: TCP/UDP: Closing socket
Jun 30 06:06:08 Naga openvpn[94663]: SIGUSR1[soft,ping-restart] received, process restarting
Jun 30 06:06:08 Naga openvpn[94663]: Restart pause, 2 second(s)
Jun 30 06:06:10 Naga openvpn[94663]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jun 30 06:06:10 Naga openvpn[94663]: Re-using pre-shared static key
Jun 30 06:06:10 Naga openvpn[94663]: LZO compression initialized
Jun 30 06:06:10 Naga openvpn[94663]: Socket Buffers: R=[42080->42080] S=[57344->57344]
Jun 30 06:06:10 Naga openvpn[94663]: Preserving previous TUN/TAP instance: ovpnc1
Jun 30 06:06:10 Naga openvpn[94663]: Data Channel MTU parms [ L:1561 D:1450 EF:61 EB:143 ET:0 EL:3 AF:3/1 ]
Jun 30 06:06:10 Naga openvpn[94663]: Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,ifconfig 192.168.76.1 192.168.76.2,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Jun 30 06:06:10 Naga openvpn[94663]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,ifconfig 192.168.76.2 192.168.76.1,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Jun 30 06:06:10 Naga openvpn[94663]: Local Options hash (VER=V4): '4e7cbab4'
Jun 30 06:06:10 Naga openvpn[94663]: Expected Remote Options hash (VER=V4): 'f9a5208f'
Jun 30 06:06:10 Naga openvpn[94663]: UDPv4 link local (bound): [AF_INET]192.168.30.254
Jun 30 06:06:10 Naga openvpn[94663]: UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
Jun 30 06:07:11 Naga openvpn[94663]: Inactivity timeout (--ping-restart), restarting
Jun 30 06:07:11 Naga openvpn[94663]: TCP/UDP: Closing socket
Jun 30 06:07:11 Naga openvpn[94663]: SIGUSR1[soft,ping-restart] received, process restarting
Jun 30 06:07:11 Naga openvpn[94663]: Restart pause, 2 second(s)
Jun 30 06:07:13 Naga openvpn[94663]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jun 30 06:07:13 Naga openvpn[94663]: Re-using pre-shared static key
Jun 30 06:07:13 Naga openvpn[94663]: LZO compression initialized
Jun 30 06:07:13 Naga openvpn[94663]: Socket Buffers: R=[42080->42080] S=[57344->57344]
Jun 30 06:07:13 Naga openvpn[94663]: Preserving previous TUN/TAP instance: ovpnc1
Jun 30 06:07:13 Naga openvpn[94663]: Data Channel MTU parms [ L:1561 D:1450 EF:61 EB:143 ET:0 EL:3 AF:3/1 ]
Jun 30 06:07:13 Naga openvpn[94663]: Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,ifconfig 192.168.76.1 192.168.76.2,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Jun 30 06:07:13 Naga openvpn[94663]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,ifconfig 192.168.76.2 192.168.76.1,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Jun 30 06:07:13 Naga openvpn[94663]: Local Options hash (VER=V4): '4e7cbab4'
Jun 30 06:07:13 Naga openvpn[94663]: Expected Remote Options hash (VER=V4): 'f9a5208f'
Jun 30 06:07:13 Naga openvpn[94663]: UDPv4 link local (bound): [AF_INET]192.168.30.254
Jun 30 06:07:13 Naga openvpn[94663]: UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
Jun 30 06:08:13 Naga openvpn[94663]: Inactivity timeout (--ping-restart), restarting
Jun 30 06:08:13 Naga openvpn[94663]: TCP/UDP: Closing socket
Jun 30 06:08:13 Naga openvpn[94663]: SIGUSR1[soft,ping-restart] received, process restarting
Jun 30 06:08:13 Naga openvpn[94663]: Restart pause, 2 second(s)
Jun 30 06:08:15 Naga openvpn[94663]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jun 30 06:08:15 Naga openvpn[94663]: Re-using pre-shared static key
Jun 30 06:08:15 Naga openvpn[94663]: LZO compression initialized
Jun 30 06:08:15 Naga openvpn[94663]: Socket Buffers: R=[42080->42080] S=[57344->57344]
Jun 30 06:08:15 Naga openvpn[94663]: Preserving previous TUN/TAP instance: ovpnc1
Jun 30 06:08:15 Naga openvpn[94663]: Data Channel MTU parms [ L:1561 D:1450 EF:61 EB:143 ET:0 EL:3 AF:3/1 ]
Jun 30 06:08:15 Naga openvpn[94663]: Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,ifconfig 192.168.76.1 192.168.76.2,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Jun 30 06:08:15 Naga openvpn[94663]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,ifconfig 192.168.76.2 192.168.76.1,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Jun 30 06:08:15 Naga openvpn[94663]: Local Options hash (VER=V4): '4e7cbab4'
Jun 30 06:08:15 Naga openvpn[94663]: Expected Remote Options hash (VER=V4): 'f9a5208f'
Jun 30 06:08:15 Naga openvpn[94663]: UDPv4 link local (bound): [AF_INET]192.168.30.254
Jun 30 06:08:15 Naga openvpn[94663]: UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
Jun 30 06:09:15 Naga openvpn[94663]: Inactivity timeout (--ping-restart), restarting
Jun 30 06:09:15 Naga openvpn[94663]: TCP/UDP: Closing socket
Jun 30 06:09:15 Naga openvpn[94663]: SIGUSR1[soft,ping-restart] received, process restarting
Jun 30 06:09:15 Naga openvpn[94663]: Restart pause, 2 second(s)
Jun 30 06:09:17 Naga openvpn[94663]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jun 30 06:09:17 Naga openvpn[94663]: Re-using pre-shared static key
Jun 30 06:09:17 Naga openvpn[94663]: LZO compression initialized
Jun 30 06:09:17 Naga openvpn[94663]: Socket Buffers: R=[42080->42080] S=[57344->57344]
Jun 30 06:09:17 Naga openvpn[94663]: Preserving previous TUN/TAP instance: ovpnc1
Jun 30 06:09:17 Naga openvpn[94663]: Data Channel MTU parms [ L:1561 D:1450 EF:61 EB:143 ET:0 EL:3 AF:3/1 ]
Jun 30 06:09:17 Naga openvpn[94663]: Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,ifconfig 192.168.76.1 192.168.76.2,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Jun 30 06:09:17 Naga openvpn[94663]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,ifconfig 192.168.76.2 192.168.76.1,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Jun 30 06:09:17 Naga openvpn[94663]: Local Options hash (VER=V4): '4e7cbab4'
Jun 30 06:09:17 Naga openvpn[94663]: Expected Remote Options hash (VER=V4): 'f9a5208f'
Jun 30 06:09:17 Naga openvpn[94663]: UDPv4 link local (bound): [AF_INET]192.168.30.254
Jun 30 06:09:17 Naga openvpn[94663]: UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
Jun 30 06:10:18 Naga openvpn[94663]: Inactivity timeout (--ping-restart), restarting
Jun 30 06:10:18 Naga openvpn[94663]: TCP/UDP: Closing socket
Jun 30 06:10:18 Naga openvpn[94663]: SIGUSR1[soft,ping-restart] received, process restarting
Jun 30 06:10:18 Naga openvpn[94663]: Restart pause, 2 second(s)
Jun 30 06:10:20 Naga openvpn[94663]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jun 30 06:10:20 Naga openvpn[94663]: Re-using pre-shared static key
Jun 30 06:10:20 Naga openvpn[94663]: LZO compression initialized
Jun 30 06:10:20 Naga openvpn[94663]: Socket Buffers: R=[42080->42080] S=[57344->57344]
Jun 30 06:10:20 Naga openvpn[94663]: Preserving previous TUN/TAP instance: ovpnc1
Jun 30 06:10:20 Naga openvpn[94663]: Data Channel MTU parms [ L:1561 D:1450 EF:61 EB:143 ET:0 EL:3 AF:3/1 ]
Jun 30 06:10:20 Naga openvpn[94663]: Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,ifconfig 192.168.76.1 192.168.76.2,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Jun 30 06:10:20 Naga openvpn[94663]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,ifconfig 192.168.76.2 192.168.76.1,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Jun 30 06:10:20 Naga openvpn[94663]: Local Options hash (VER=V4): '4e7cbab4'
Jun 30 06:10:20 Naga openvpn[94663]: Expected Remote Options hash (VER=V4): 'f9a5208f'
      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.