Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Client not able to connect - loop forever

    Scheduled Pinned Locked Moved OpenVPN
    6 Posts 4 Posters 4.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nikkon
      last edited by

      Hi all,

      I have problems with the client connecting to the openvpn server. On the server side the logs logs are looking like this:
      After a restart it always works for a time…then disconnects again.

      Nov 13 10:23:21 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:22 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:22 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:22 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:22 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:23 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:24 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:24 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:24 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:25 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:27 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:27 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:27 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:27 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:28 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:28 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:28 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:29 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:29 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:30 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:30 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:31 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:33 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:34 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:37 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:37 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:38 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:39 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:39 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:41 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:41 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:41 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:41 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:41 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:43 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:43 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:44 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:44 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:45 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:45 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:45 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:46 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:47 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:48 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:49 openvpn 20754 mihai/58.146.138.174:53521 write UDPv4: Permission denied (code=13)
      Nov 13 10:23:50 openvpn 20754 mihai/58.146.138.174:53521 [mihai] Inactivity timeout (–ping-restart), restarting
      Nov 13 14:11:19 openvpn 20754 event_wait : Interrupted system call (code=4)
      Nov 13 14:11:19 openvpn 20754 /usr/local/sbin/ovpn-linkdown ovpns1 1500 1570 10.20.30.1 255.255.255.0 init
      Nov 13 14:11:19 openvpn 20754 SIGTERM[hard,] received, process exiting
      Nov 13 14:11:20 openvpn 96434 OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Jul 19 2016
      Nov 13 14:11:20 openvpn 96434 library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
      Nov 13 14:11:20 openvpn 96455 NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
      Nov 13 14:11:20 openvpn 96455 Initializing OpenSSL support for engine 'rdrand'
      Nov 13 14:11:20 openvpn 96455 Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
      Nov 13 14:11:20 openvpn 96455 TUN/TAP device ovpns1 exists previously, keep at program end
      Nov 13 14:11:20 openvpn 96455 TUN/TAP device /dev/tun1 opened
      Nov 13 14:11:20 openvpn 96455 do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      Nov 13 14:11:20 openvpn 96455 /sbin/ifconfig ovpns1 10.20.30.1 10.20.30.2 mtu 1500 netmask 255.255.255.0 up
      Nov 13 14:11:20 openvpn 96455 /usr/local/sbin/ovpn-linkup ovpns1 1500 1570 10.20.30.1 255.255.255.0 init
      Nov 13 14:11:20 openvpn 96455 UDPv4 link local (bound): [AF_INET]86.127.128.120:1194
      Nov 13 14:11:20 openvpn 96455 UDPv4 link remote: [undef]
      Nov 13 14:11:20 openvpn 96455 Initialization Sequence Completed
      Nov 14 18:59:44 openvpn 96455 event_wait : Interrupted system call (code=4)
      Nov 14 18:59:44 openvpn 96455 /usr/local/sbin/ovpn-linkdown ovpns1 1500 1570 10.20.30.1 255.255.255.0 init
      Nov 14 18:59:44 openvpn 96455 SIGTERM[hard,] received, process exiting
      Nov 14 18:59:44 openvpn 45954 OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Jul 19 2016
      Nov 14 18:59:44 openvpn 45954 library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
      Nov 14 18:59:44 openvpn 46083 NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
      Nov 14 18:59:44 openvpn 46083 Initializing OpenSSL support for engine 'rdrand'
      Nov 14 18:59:44 openvpn 46083 Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
      Nov 14 18:59:44 openvpn 46083 TUN/TAP device ovpns1 exists previously, keep at program end
      Nov 14 18:59:44 openvpn 46083 TUN/TAP device /dev/tun1 opened
      Nov 14 18:59:44 openvpn 46083 do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      Nov 14 18:59:44 openvpn 46083 /sbin/ifconfig ovpns1 10.20.30.1 10.20.30.2 mtu 1500 netmask 255.255.255.0 up
      Nov 14 18:59:44 openvpn 46083 /usr/local/sbin/ovpn-linkup ovpns1 1500 1570 10.20.30.1 255.255.255.0 init
      Nov 14 18:59:44 openvpn 46083 UDPv4 link local (bound): [AF_INET]86.127.128.120:1194
      Nov 14 18:59:44 openvpn 46083 UDPv4 link remote: [undef]
      Nov 14 18:59:44 openvpn 46083 Initialization Sequence Completed
      Nov 14 19:01:20 openvpn 46083 event_wait : Interrupted system call (code=4)
      Nov 14 19:01:20 openvpn 46083 /usr/local/sbin/ovpn-linkdown ovpns1 1500 1570 10.20.30.1 255.255.255.0 init
      Nov 14 19:01:20 openvpn 46083 SIGTERM[hard,] received, process exiting
      Nov 14 19:01:20 openvpn 89195 OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Jul 19 2016
      Nov 14 19:01:20 openvpn 89195 library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
      Nov 14 19:01:20 openvpn 89228 NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
      Nov 14 19:01:20 openvpn 89228 Initializing OpenSSL support for engine 'rdrand'
      Nov 14 19:01:20 openvpn 89228 Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
      Nov 14 19:01:20 openvpn 89228 TUN/TAP device ovpns1 exists previously, keep at program end
      Nov 14 19:01:20 openvpn 89228 TUN/TAP device /dev/tun1 opened
      Nov 14 19:01:20 openvpn 89228 do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      Nov 14 19:01:20 openvpn 89228 /sbin/ifconfig ovpns1 10.20.30.1 10.20.30.2 mtu 1500 netmask 255.255.255.0 up
      Nov 14 19:01:20 openvpn 89228 /usr/local/sbin/ovpn-linkup ovpns1 1500 1570 10.20.30.1 255.255.255.0 init
      Nov 14 19:01:20 openvpn 89228 UDPv4 link local (bound): [AF_INET]86.127.128.120:1194
      Nov 14 19:01:20 openvpn 89228 UDPv4 link remote: [undef]
      Nov 14 19:01:20 openvpn 89228 Initialization Sequence Completed
      Nov 14 19:09:14 openvpn user 'mihai' authenticated
      Nov 14 19:09:14 openvpn 89228 58.146.138.174:1194 [mihai] Peer Connection Initiated with [AF_INET]58.146.138.174:1194
      Nov 14 19:09:14 openvpn 89228 mihai/58.146.138.174:1194 MULTI_sva: pool returned IPv4=10.20.30.2, IPv6=(Not enabled)
      Nov 14 19:09:16 openvpn 89228 mihai/58.146.138.174:1194 send_push_reply(): safe_cap=940
      Nov 14 19:09:28 openvpn user 'mihai' authenticated
      Nov 14 19:09:46 openvpn 89228 mihai/58.146.138.174:1194 send_push_reply(): safe_cap=940

      any clue?

      Thank you

      pfsense 2.3.4 on Supermicro A1SRi-2758F + 8GB ECC + SSD

      Happy PfSense user :)

      1 Reply Last reply Reply Quote 0
      • N
        nikkon
        last edited by

        It seems Suricata was the problem
        for some reason it dropped the connection.

        pfsense 2.3.4 on Supermicro A1SRi-2758F + 8GB ECC + SSD

        Happy PfSense user :)

        1 Reply Last reply Reply Quote 0
        • T
          TDJ211
          last edited by

          Im having the same issue. How were you able to conclude it was Suricata?

          1 Reply Last reply Reply Quote 0
          • N
            nikkon
            last edited by

            disabled suricata. can't make it work

            pfsense 2.3.4 on Supermicro A1SRi-2758F + 8GB ECC + SSD

            Happy PfSense user :)

            R 1 Reply Last reply Reply Quote 0
            • S
              Sea Monkey
              last edited by

              I just recently switched from Snort to Suricata and am having this issue with my first OpenVPN instance.  The second one seems to remain active.

              1 Reply Last reply Reply Quote 0
              • R
                rdont @nikkon
                last edited by

                @nikkon How do I disable suricata?

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.