OpenVPN client losing connectivity after a few minutes of inactivity (SOLVED)
-
I have pfSense setup to send all traffic through an OpenVPN client interface (AirVPN) instead of the normal WAN interface. I've had the system up and running perfectly for about six months. I recently moved, and immediately began having problems with connectivity.
pfSense will connect to the VPN server without any issues, and works fine as long as I'm actively browsing and loading new webpages. If the connection sits idle for a short period of time (maybe 10 minutes or so), new pages won't load. I believe it is unable to resolve the URL, because existing connections (for instance a running YouTube video) continue without issue. This suggests the OpenVPN connection is still functioning correctly, but no new pages will load. The pfSense dashboard continues to show the OpenVPN gateway is online when I lose the ability to load new pages. I can only restore normal connectivity again if I go in and restart the OpenVPN service in pfSense.
I'm confused since the system worked perfectly before getting packed away for the move, but now has this issue. I'm about to reload the software from scratch in case something strange happened to the hard drive during transit and corrupted a file somewhere. Another possibility is this is somehow related to the new ISP, but I'm not sure what they could be doing to cause this.
I've played with a couple of different Keep Alive settings on the OpenVPN client. Right now I've got it set to Keep Alive 5 15 and am still experiencing issues.
Has anyone seen similar behavior or have any ideas?
-
The only error I see in the OpenVPN log is:
Sep 7 22:01:28 openvpn 2809 PID_ERR replay-window backtrack occurred [4] [SSL-0] [0____00000000000000000000000000000000000000000000000000000000000] 0:194 0:190 t=1473274888[0] r=[-3,64,15,4,1] sl=[62,64,64,528]
Sep 7 22:01:28 openvpn 2809 PID_ERR replay-window backtrack occurred [2] [SSL-0] [0__0000000000000000000000000000000000000000000000000000000000000] 0:189 0:187 t=1473274888[0] r=[-3,64,15,2,1] sl=[3,64,64,528]
Sep 7 22:01:24 openvpn 2809 PID_ERR replay-window backtrack occurred [1] [SSL-0] [0_00000000000001111223344] 0:25 0:24 t=1473274884[0] r=[-4,64,15,1,1] sl=[39,25,64,528] -
I found the solution to my problem.
I went through a clean install, but there was no change in the issue of the OpenVPN client disconnecting. I finally tried changing from UDP to TCP for OpenVPN. This resolved the issue. I believe it is due to poor line quality from my ISP and TCP dealing with the errors better.