Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Disconnects every 30min on the dot

    Scheduled Pinned Locked Moved OpenVPN
    15 Posts 4 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      elementalwindx
      last edited by

      @johnpoz:

      What is in the server log or client log?

      Can you post up your configs..  You might need to up the verb on your logging..

      you can find it in /var/etc/openvpn/ you should see like server1.conf depending on how many instances of opevpn you have setup.

      There should be a
      keepalive 10 60

      what does your topology look like
      topology subnet

      So you have anything in there about
      reneg-sec

      dev ovpns9
      verb 1
      dev-type tun
      dev-node /dev/tun9
      writepid /var/run/openvpn_server9.pid
      #user nobody
      #group nobody
      script-security 3
      daemon
      keepalive 10 60
      ping-timer-rem
      persist-tun
      persist-key
      proto tcp-server
      cipher AES-256-OFB
      auth RSA-SHA512
      up /usr/local/sbin/ovpn-linkup
      down /usr/local/sbin/ovpn-linkdown
      client-connect /usr/local/sbin/openvpn.attributes.sh
      client-disconnect /usr/local/sbin/openvpn.attributes.sh
      local my.ip.address.yall
      engine cryptodev
      tls-server
      server 10.0.16.0 255.255.255.0
      client-config-dir /var/etc/openvpn-csc/server9
      username-as-common-name
      auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user 'TFRM AD' false server9" via-env
      tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'my.outside.fdqn.address.com.yall' 1"
      lport 1201
      management /var/etc/openvpn/server9.sock unix
      push "route 192.168.70.0 255.255.255.0"
      push "dhcp-option DOMAIN xxx.pr0n.local"
      push "dhcp-option DNS 192.168.70.3"
      push "register-dns"
      client-to-client
      duplicate-cn
      ca /var/etc/openvpn/server9.ca 
      cert /var/etc/openvpn/server9.cert 
      key /var/etc/openvpn/server9.key 
      dh /etc/dh-parameters.4096
      tls-auth /var/etc/openvpn/server9.tls-auth 0
      comp-lzo adaptive
      passtos
      persist-remote-ip
      float
      topology subnet
      
      

      My home where I'm connecting from is on a 192.168.1.0/24 setup with a ubnt unifi gateway/router. My office is one of your netgate boxes connecting thru 10.0.16.0/24 vpn tunnel into 192.168.70.0/24 subnet.

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Try setting Compression to No preference and re-exporting/loading the profile.

        Else we'll need to see the logs from the server and maybe the client to see why.

        Should stay connected until you disconnect.

        What is the reason for straying so far from the defaults at every opportunity? TCP? RSA-SHA512? AES-256-OFB? You just want to be different or something?

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • E
          elementalwindx
          last edited by

          @Derelict:

          Try setting Compression to No preference and re-exporting/loading the profile.

          Else we'll need to see the logs from the server and maybe the client to see why.

          Should stay connected until you disconnect.

          What is the reason for straying so far from the defaults at every opportunity? TCP? RSA-SHA512? AES-256-OFB? You just want to be different or something?

          I just like to touch everything and find things that shouldn't be broken :P haha. I'll get back to you when I give that a try.

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            The answer is in the logs.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • E
              elementalwindx
              last edited by

              @Derelict:

              The answer is in the logs.

              Logs:

              pfSense
              System	
              Interfaces	
              Firewall	
              Services	
              VPN	
              Status	
              Diagnostics	
              Gold	
              Help	
              StatusSystem LogsOpenVPN
              System
              Firewall
              DHCP
              Captive Portal Auth
              IPsec
              PPP
              VPN
              Load Balancer
              OpenVPN
              NTP
              Settings
              Last 2000 OpenVPN Log Entries. (Maximum 2000)
              Time	Process	PID	Message
              Nov 18 20:25:12	openvpn	28986	myusername/my.personal.home.ip:49762 send_push_reply(): safe_cap=940
              Nov 18 20:25:11	openvpn	28986	myusername/my.personal.home.ip:49762 MULTI_sva: pool returned IPv4=10.0.16.2, IPv6=(Not enabled)
              Nov 18 20:25:11	openvpn	28986	my.personal.home.ip:49762 [myusername] Peer Connection Initiated with [AF_INET]my.personal.home.ip:49762
              Nov 18 20:25:11	openvpn	28986	my.personal.home.ip:49762 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 18 20:25:11	openvpn		user 'myusername' authenticated
              Nov 18 20:25:09	openvpn	28986	TCP connection established with [AF_INET]my.personal.home.ip:49762
              Nov 18 09:52:07	openvpn	28986	myusername/my.personal.home.ip:60376 Connection reset, restarting [-1]
              Nov 18 09:51:04	openvpn	28986	myusername/my.personal.home.ip:60376 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 18 09:51:04	openvpn		user 'myusername' authenticated
              Nov 18 08:51:04	openvpn	28986	myusername/my.personal.home.ip:60376 send_push_reply(): safe_cap=940
              Nov 18 08:51:02	openvpn	28986	myusername/my.personal.home.ip:60376 MULTI_sva: pool returned IPv4=10.0.16.2, IPv6=(Not enabled)
              Nov 18 08:51:02	openvpn	28986	my.personal.home.ip:60376 [myusername] Peer Connection Initiated with [AF_INET]my.personal.home.ip:60376
              Nov 18 08:51:02	openvpn	28986	my.personal.home.ip:60376 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 18 08:51:02	openvpn		user 'myusername' authenticated
              Nov 18 08:51:00	openvpn	28986	TCP connection established with [AF_INET]my.personal.home.ip:60376
              Nov 18 04:29:31	openvpn	28986	myusername/my.personal.home.ip:58251 Connection reset, restarting [-1]
              Nov 18 04:28:28	openvpn	28986	myusername/my.personal.home.ip:58251 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 18 04:28:28	openvpn		user 'myusername' authenticated
              Nov 18 03:28:27	openvpn	28986	myusername/my.personal.home.ip:58251 send_push_reply(): safe_cap=940
              Nov 18 03:28:26	openvpn	28986	myusername/my.personal.home.ip:58251 MULTI_sva: pool returned IPv4=10.0.16.2, IPv6=(Not enabled)
              Nov 18 03:28:26	openvpn	28986	my.personal.home.ip:58251 [myusername] Peer Connection Initiated with [AF_INET]my.personal.home.ip:58251
              Nov 18 03:28:26	openvpn	28986	my.personal.home.ip:58251 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 18 03:28:26	openvpn		user 'myusername' authenticated
              Nov 18 03:28:24	openvpn	28986	TCP connection established with [AF_INET]my.personal.home.ip:58251
              Nov 18 03:26:58	openvpn	28986	myusername/my.personal.home.ip:64244 Connection reset, restarting [-1]
              Nov 18 03:25:59	openvpn	28986	myusername/my.personal.home.ip:64244 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 18 03:25:59	openvpn		user 'myusername' authenticated
              Nov 18 02:26:00	openvpn	28986	myusername/my.personal.home.ip:64244 send_push_reply(): safe_cap=940
              Nov 18 02:25:58	openvpn	28986	myusername/my.personal.home.ip:64244 MULTI_sva: pool returned IPv4=10.0.16.2, IPv6=(Not enabled)
              Nov 18 02:25:58	openvpn	28986	my.personal.home.ip:64244 [myusername] Peer Connection Initiated with [AF_INET]my.personal.home.ip:64244
              Nov 18 02:25:58	openvpn	28986	my.personal.home.ip:64244 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 18 02:25:58	openvpn		user 'myusername' authenticated
              Nov 18 02:25:56	openvpn	28986	TCP connection established with [AF_INET]my.personal.home.ip:64244
              Nov 18 02:25:44	openvpn	28986	myusername/my.personal.home.ip:54568 Connection reset, restarting [-1]
              Nov 18 02:24:45	openvpn	28986	myusername/my.personal.home.ip:54568 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 18 02:24:45	openvpn		user 'myusername' authenticated
              Nov 18 01:24:45	openvpn	28986	myusername/my.personal.home.ip:54568 send_push_reply(): safe_cap=940
              Nov 18 01:24:44	openvpn	28986	myusername/my.personal.home.ip:54568 MULTI_sva: pool returned IPv4=10.0.16.2, IPv6=(Not enabled)
              Nov 18 01:24:44	openvpn	28986	my.personal.home.ip:54568 [myusername] Peer Connection Initiated with [AF_INET]my.personal.home.ip:54568
              Nov 18 01:24:44	openvpn	28986	my.personal.home.ip:54568 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 18 01:24:44	openvpn		user 'myusername' authenticated
              Nov 18 01:24:42	openvpn	28986	TCP connection established with [AF_INET]my.personal.home.ip:54568
              Nov 18 01:24:14	openvpn	28986	myusername/my.personal.home.ip:61423 Connection reset, restarting [-1]
              Nov 18 01:23:06	openvpn	28986	myusername/my.personal.home.ip:61423 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 18 01:23:06	openvpn		user 'myusername' authenticated
              Nov 18 00:23:06	openvpn	28986	myusername/my.personal.home.ip:61423 send_push_reply(): safe_cap=940
              Nov 18 00:23:05	openvpn	28986	myusername/my.personal.home.ip:61423 MULTI_sva: pool returned IPv4=10.0.16.2, IPv6=(Not enabled)
              Nov 18 00:23:05	openvpn	28986	my.personal.home.ip:61423 [myusername] Peer Connection Initiated with [AF_INET]my.personal.home.ip:61423
              Nov 18 00:23:05	openvpn	28986	my.personal.home.ip:61423 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 18 00:23:05	openvpn		user 'myusername' authenticated
              Nov 18 00:23:02	openvpn	28986	TCP connection established with [AF_INET]my.personal.home.ip:61423
              Nov 17 18:46:24	openvpn	15335	WARNING: 'ifconfig' is used inconsistently, local='ifconfig 10.0.9.1 10.0.9.2', remote='ifconfig 10.0.5.1 10.0.5.2'
              Nov 17 18:46:18	openvpn	19653	Initialization Sequence Completed
              Nov 17 18:46:16	openvpn	19653	Peer Connection Initiated with [AF_INET]184.3.85.169:54903
              Nov 17 18:46:17	openvpn	19653	TCPv4_SERVER link remote: [AF_INET]184.3.85.169:54903
              Nov 17 18:46:17	openvpn	19653	TCPv4_SERVER link local (bound): [AF_INET]my.pfsense.router.address:1198
              Nov 17 18:46:17	openvpn	19653	TCP connection established with [AF_INET]184.3.85.169:54903
              Nov 17 18:46:17	openvpn	13756	Initialization Sequence Completed
              Nov 17 18:46:17	openvpn	13756	Peer Connection Initiated with [AF_INET]24.106.211.234:52758
              Nov 17 18:46:16	openvpn	13756	TCPv4_SERVER link remote: [AF_INET]24.106.211.234:52758
              Nov 17 18:46:16	openvpn	13756	TCPv4_SERVER link local (bound): [AF_INET]my.pfsense.router.address:1194
              Nov 17 18:46:16	openvpn	13756	TCP connection established with [AF_INET]24.106.211.234:52758
              Nov 17 18:46:14	openvpn	15335	Initialization Sequence Completed
              Nov 17 18:46:13	openvpn	15335	Peer Connection Initiated with [AF_INET]24.39.130.108:45052
              Nov 17 18:46:13	openvpn	15335	TCPv4_SERVER link remote: [AF_INET]24.39.130.108:45052
              Nov 17 18:46:13	openvpn	15335	TCPv4_SERVER link local (bound): [AF_INET]my.pfsense.router.address:1195
              Nov 17 18:46:13	openvpn	15335	TCP connection established with [AF_INET]24.39.130.108:45052
              Nov 17 18:45:21	openvpn	28986	Initialization Sequence Completed
              Nov 17 18:45:21	openvpn	28986	TCPv4_SERVER link remote: [undef]
              Nov 17 18:45:21	openvpn	28986	TCPv4_SERVER link local (bound): [AF_INET]my.pfsense.router.address:1201
              Nov 17 18:45:21	openvpn	28986	Listening for incoming TCP connection on [AF_INET]my.pfsense.router.address:1201
              Nov 17 18:45:21	openvpn	28986	/usr/local/sbin/ovpn-linkup ovpns9 1500 1593 10.0.16.1 255.255.255.0 init
              Nov 17 18:45:21	openvpn	28986	/sbin/ifconfig ovpns9 10.0.16.1 10.0.16.2 mtu 1500 netmask 255.255.255.0 up
              Nov 17 18:45:21	openvpn	28986	do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
              Nov 17 18:45:21	openvpn	28986	ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)
              Nov 17 18:45:21	openvpn	28986	TUN/TAP device /dev/tun9 opened
              Nov 17 18:45:21	openvpn	28986	TUN/TAP device ovpns9 exists previously, keep at program end
              Nov 17 18:45:21	openvpn	28986	Control Channel Authentication: using '/var/etc/openvpn/server9.tls-auth' as a OpenVPN static key file
              Nov 17 18:45:21	openvpn	28986	Initializing OpenSSL support for engine 'cryptodev'
              Nov 17 18:45:21	openvpn	28986	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
              Nov 17 18:45:21	openvpn	28986	Could not retrieve default gateway from route socket:: No such process (errno=3)
              Nov 17 18:45:21	openvpn	28986	WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want
              Nov 17 18:45:21	openvpn	28707	library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
              Nov 17 18:45:21	openvpn	28707	OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on May 16 2016
              Nov 17 18:45:21	openvpn	26697	Listening for incoming TCP connection on [AF_INET]my.pfsense.router.address:1200
              Nov 17 18:45:21	openvpn	26697	ERROR: FreeBSD route add command failed: external program exited with error status: 1
              Nov 17 18:45:21	openvpn	26697	/usr/local/sbin/ovpn-linkup ovpns8 1500 1591 10.0.15.1 10.0.15.2 init
              Nov 17 18:45:21	openvpn	26697	/sbin/ifconfig ovpns8 10.0.15.1 10.0.15.2 mtu 1500 netmask 255.255.255.255 up
              Nov 17 18:45:21	openvpn	26697	do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
              Nov 17 18:45:21	openvpn	26697	ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)
              Nov 17 18:45:21	openvpn	26697	TUN/TAP device /dev/tun8 opened
              Nov 17 18:45:21	openvpn	26697	TUN/TAP device ovpns8 exists previously, keep at program end
              Nov 17 18:45:21	openvpn	26697	Could not retrieve default gateway from route socket:: No such process (errno=3)
              Nov 17 18:45:21	openvpn	26697	Initializing OpenSSL support for engine 'rdrand'
              Nov 17 18:45:21	openvpn	26697	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
              Nov 17 18:45:21	openvpn	26146	library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
              Nov 17 18:45:21	openvpn	26146	OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on May 16 2016
              Nov 17 18:45:21	openvpn	24030	UDPv4 link remote: [undef]
              Nov 17 18:45:21	openvpn	24030	UDPv4 link local (bound): [AF_INET]my.pfsense.router.address:1193
              Nov 17 18:45:21	openvpn	24030	/usr/local/sbin/ovpn-linkup ovpns7 1500 1561 10.0.14.1 10.0.14.2 init
              Nov 17 18:45:21	openvpn	24030	/sbin/ifconfig ovpns7 10.0.14.1 10.0.14.2 mtu 1500 netmask 255.255.255.255 up
              Nov 17 18:45:21	openvpn	24030	do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
              Nov 17 18:45:21	openvpn	24030	ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)
              Nov 17 18:45:21	openvpn	24030	TUN/TAP device /dev/tun7 opened
              Nov 17 18:45:21	openvpn	24030	TUN/TAP device ovpns7 exists previously, keep at program end
              Nov 17 18:45:21	openvpn	24030	Could not retrieve default gateway from route socket:: No such process (errno=3)
              Nov 17 18:45:21	openvpn	24030	Initializing OpenSSL support for engine 'cryptodev'
              Nov 17 18:45:21	openvpn	24030	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
              Nov 17 18:45:21	openvpn	23382	library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
              Nov 17 18:45:21	openvpn	23382	OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on May 16 2016
              Nov 17 18:45:21	openvpn	21905	Initialization Sequence Completed
              Nov 17 18:45:21	openvpn	21905	TCPv4_SERVER link remote: [undef]
              Nov 17 18:45:21	openvpn	21905	TCPv4_SERVER link local (bound): [AF_INET]my.pfsense.router.address:1199
              Nov 17 18:45:21	openvpn	21905	Listening for incoming TCP connection on [AF_INET]my.pfsense.router.address:1199
              Nov 17 18:45:21	openvpn	21905	/usr/local/sbin/ovpn-linkup ovpns6 1500 1593 10.0.13.1 255.255.255.0 init
              Nov 17 18:45:21	openvpn	21905	/sbin/ifconfig ovpns6 10.0.13.1 10.0.13.2 mtu 1500 netmask 255.255.255.0 up
              Nov 17 18:45:21	openvpn	21905	do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
              Nov 17 18:45:21	openvpn	21905	ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)
              Nov 17 18:45:21	openvpn	21905	TUN/TAP device /dev/tun6 opened
              Nov 17 18:45:21	openvpn	21905	TUN/TAP device ovpns6 exists previously, keep at program end
              Nov 17 18:45:21	openvpn	21905	Control Channel Authentication: using '/var/etc/openvpn/server6.tls-auth' as a OpenVPN static key file
              Nov 17 18:45:21	openvpn	21905	Initializing OpenSSL support for engine 'cryptodev'
              Nov 17 18:45:21	openvpn	21905	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
              Nov 17 18:45:21	openvpn	21905	Could not retrieve default gateway from route socket:: No such process (errno=3)
              Nov 17 18:45:21	openvpn	21905	WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want
              Nov 17 18:45:21	openvpn	21584	library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
              Nov 17 18:45:21	openvpn	21584	OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on May 16 2016
              Nov 17 18:45:21	openvpn	19653	Listening for incoming TCP connection on [AF_INET]my.pfsense.router.address:1198
              Nov 17 18:45:21	openvpn	19653	/usr/local/sbin/ovpn-linkup ovpns5 1500 1563 10.0.12.1 10.0.12.2 init
              Nov 17 18:45:21	openvpn	19653	/sbin/ifconfig ovpns5 10.0.12.1 10.0.12.2 mtu 1500 netmask 255.255.255.255 up
              Nov 17 18:45:21	openvpn	19653	do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
              Nov 17 18:45:21	openvpn	19653	ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)
              Nov 17 18:45:21	openvpn	19653	TUN/TAP device /dev/tun5 opened
              Nov 17 18:45:21	openvpn	19653	TUN/TAP device ovpns5 exists previously, keep at program end
              Nov 17 18:45:21	openvpn	19653	Could not retrieve default gateway from route socket:: No such process (errno=3)
              Nov 17 18:45:21	openvpn	19653	Initializing OpenSSL support for engine 'cryptodev'
              Nov 17 18:45:21	openvpn	19653	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
              Nov 17 18:45:21	openvpn	19326	library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
              Nov 17 18:45:21	openvpn	19326	OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on May 16 2016
              Nov 17 18:45:21	openvpn	17725	Listening for incoming TCP connection on [AF_INET]my.pfsense.router.address:1197
              Nov 17 18:45:21	openvpn	17725	/usr/local/sbin/ovpn-linkup ovpns4 1500 1563 10.0.11.1 10.0.11.2 init
              Nov 17 18:45:21	openvpn	17725	/sbin/ifconfig ovpns4 10.0.11.1 10.0.11.2 mtu 1500 netmask 255.255.255.255 up
              Nov 17 18:45:21	openvpn	17725	do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
              Nov 17 18:45:21	openvpn	17725	ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)
              Nov 17 18:45:21	openvpn	17725	TUN/TAP device /dev/tun4 opened
              Nov 17 18:45:21	openvpn	17725	TUN/TAP device ovpns4 exists previously, keep at program end
              Nov 17 18:45:21	openvpn	17725	Could not retrieve default gateway from route socket:: No such process (errno=3)
              Nov 17 18:45:21	openvpn	17725	Initializing OpenSSL support for engine 'cryptodev'
              Nov 17 18:45:21	openvpn	17725	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
              Nov 17 18:45:21	openvpn	17418	library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
              Nov 17 18:45:21	openvpn	17418	OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on May 16 2016
              Nov 17 18:45:21	openvpn	15335	Listening for incoming TCP connection on [AF_INET]my.pfsense.router.address:1195
              Nov 17 18:45:21	openvpn	15335	/usr/local/sbin/ovpn-linkup ovpns2 1500 1563 10.0.9.1 10.0.9.2 init
              Nov 17 18:45:21	openvpn	15335	/sbin/ifconfig ovpns2 10.0.9.1 10.0.9.2 mtu 1500 netmask 255.255.255.255 up
              Nov 17 18:45:21	openvpn	15335	do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
              Nov 17 18:45:21	openvpn	15335	ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)
              Nov 17 18:45:21	openvpn	15335	TUN/TAP device /dev/tun2 opened
              Nov 17 18:45:21	openvpn	15335	TUN/TAP device ovpns2 exists previously, keep at program end
              Nov 17 18:45:21	openvpn	15335	Could not retrieve default gateway from route socket:: No such process (errno=3)
              Nov 17 18:45:21	openvpn	15335	Initializing OpenSSL support for engine 'cryptodev'
              Nov 17 18:45:21	openvpn	15335	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
              Nov 17 18:45:21	openvpn	14916	library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
              Nov 17 18:45:21	openvpn	14916	OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on May 16 2016
              Nov 17 18:45:21	openvpn	13756	Listening for incoming TCP connection on [AF_INET]my.pfsense.router.address:1194
              Nov 17 18:45:21	openvpn	13756	/usr/local/sbin/ovpn-linkup ovpns1 1500 1563 10.0.8.1 10.0.8.2 init
              Nov 17 18:45:21	openvpn	13756	/sbin/ifconfig ovpns1 10.0.8.1 10.0.8.2 mtu 1500 netmask 255.255.255.255 up
              Nov 17 18:45:21	openvpn	13756	do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
              Nov 17 18:45:21	openvpn	13756	ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)
              Nov 17 18:45:21	openvpn	13756	TUN/TAP device /dev/tun1 opened
              Nov 17 18:45:21	openvpn	13756	TUN/TAP device ovpns1 exists previously, keep at program end
              Nov 17 18:45:21	openvpn	13756	Could not retrieve default gateway from route socket:: No such process (errno=3)
              Nov 17 18:45:21	openvpn	13756	Initializing OpenSSL support for engine 'rsax'
              Nov 17 18:45:21	openvpn	13756	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
              Nov 17 18:45:21	openvpn	13283	library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
              Nov 17 18:45:21	openvpn	13283	OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on May 16 2016
              Nov 17 15:36:47	openvpn	12099	anotherusername/99.111.16.39:59086 Connection reset, restarting [0]
              Nov 17 15:36:40	openvpn	12099	anotherusername/99.111.16.39:59086 send_push_reply(): safe_cap=940
              Nov 17 15:36:38	openvpn	12099	anotherusername/99.111.16.39:59086 MULTI_sva: pool returned IPv4=10.0.16.2, IPv6=(Not enabled)
              Nov 17 15:36:38	openvpn	12099	99.111.16.39:59086 [anotherusername] Peer Connection Initiated with [AF_INET]99.111.16.39:59086
              Nov 17 15:36:38	openvpn	12099	99.111.16.39:59086 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 17 15:36:38	openvpn		user 'anotherusername' authenticated
              Nov 17 15:36:35	openvpn	12099	TCP connection established with [AF_INET]99.111.16.39:59086
              Nov 17 11:43:17	openvpn	12099	myusername/my.personal.home.ip:52340 Connection reset, restarting [-1]
              Nov 17 11:42:14	openvpn	12099	myusername/my.personal.home.ip:52340 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 17 11:42:14	openvpn		user 'myusername' authenticated
              Nov 17 11:26:13	openvpn	12099	anotherusername/99.111.16.39:58085 Connection reset, restarting [0]
              Nov 17 10:42:14	openvpn	12099	myusername/my.personal.home.ip:52340 send_push_reply(): safe_cap=940
              Nov 17 10:42:13	openvpn	12099	myusername/my.personal.home.ip:52340 MULTI_sva: pool returned IPv4=10.0.16.3, IPv6=(Not enabled)
              Nov 17 10:42:13	openvpn	12099	my.personal.home.ip:52340 [myusername] Peer Connection Initiated with [AF_INET]my.personal.home.ip:52340
              Nov 17 10:42:13	openvpn	12099	my.personal.home.ip:52340 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 17 10:42:13	openvpn		user 'myusername' authenticated
              Nov 17 10:42:11	openvpn	12099	TCP connection established with [AF_INET]my.personal.home.ip:52340
              Nov 17 10:36:36	openvpn	12099	anotherusername/99.111.16.39:58085 send_push_reply(): safe_cap=940
              Nov 17 10:36:34	openvpn	12099	anotherusername/99.111.16.39:58085 MULTI_sva: pool returned IPv4=10.0.16.2, IPv6=(Not enabled)
              Nov 17 10:36:34	openvpn	12099	99.111.16.39:58085 [anotherusername] Peer Connection Initiated with [AF_INET]99.111.16.39:58085
              Nov 17 10:36:34	openvpn	12099	99.111.16.39:58085 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 17 10:36:34	openvpn		user 'anotherusername' authenticated
              Nov 17 10:36:31	openvpn	12099	TCP connection established with [AF_INET]99.111.16.39:58085
              Nov 17 03:33:34	openvpn	12099	myusername/my.personal.home.ip:51008 Connection reset, restarting [-1]
              Nov 17 03:32:33	openvpn	12099	myusername/my.personal.home.ip:51008 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 17 03:32:33	openvpn		user 'myusername' authenticated
              Nov 17 02:32:33	openvpn	12099	myusername/my.personal.home.ip:51008 send_push_reply(): safe_cap=940
              Nov 17 02:32:32	openvpn	12099	myusername/my.personal.home.ip:51008 MULTI_sva: pool returned IPv4=10.0.16.2, IPv6=(Not enabled)
              Nov 17 02:32:32	openvpn	12099	my.personal.home.ip:51008 [myusername] Peer Connection Initiated with [AF_INET]my.personal.home.ip:51008
              Nov 17 02:32:32	openvpn	12099	my.personal.home.ip:51008 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 17 02:32:32	openvpn		user 'myusername' authenticated
              Nov 17 02:32:30	openvpn	12099	TCP connection established with [AF_INET]my.personal.home.ip:51008
              Nov 17 02:31:46	openvpn	12099	myusername/my.personal.home.ip:56966 Connection reset, restarting [-1]
              Nov 17 02:30:42	openvpn	12099	myusername/my.personal.home.ip:56966 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 17 02:30:42	openvpn		user 'myusername' authenticated
              Nov 17 01:30:42	openvpn	12099	myusername/my.personal.home.ip:56966 send_push_reply(): safe_cap=940
              Nov 17 01:30:41	openvpn	12099	myusername/my.personal.home.ip:56966 MULTI_sva: pool returned IPv4=10.0.16.2, IPv6=(Not enabled)
              Nov 17 01:30:41	openvpn	12099	my.personal.home.ip:56966 [myusername] Peer Connection Initiated with [AF_INET]my.personal.home.ip:56966
              Nov 17 01:30:41	openvpn	12099	my.personal.home.ip:56966 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 17 01:30:41	openvpn		user 'myusername' authenticated
              Nov 17 01:30:39	openvpn	12099	TCP connection established with [AF_INET]my.personal.home.ip:56966
              Nov 17 01:23:51	openvpn	12099	myusername/my.personal.home.ip:62784 Connection reset, restarting [-1]
              Nov 17 01:22:52	openvpn	12099	myusername/my.personal.home.ip:62784 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 17 01:22:52	openvpn		user 'myusername' authenticated
              Nov 17 00:22:52	openvpn	12099	myusername/my.personal.home.ip:62784 send_push_reply(): safe_cap=940
              Nov 17 00:22:51	openvpn	12099	myusername/my.personal.home.ip:62784 MULTI_sva: pool returned IPv4=10.0.16.2, IPv6=(Not enabled)
              Nov 17 00:22:51	openvpn	12099	my.personal.home.ip:62784 [myusername] Peer Connection Initiated with [AF_INET]my.personal.home.ip:62784
              Nov 17 00:22:51	openvpn	12099	my.personal.home.ip:62784 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 17 00:22:51	openvpn		user 'myusername' authenticated
              Nov 17 00:22:49	openvpn	12099	TCP connection established with [AF_INET]my.personal.home.ip:62784
              Nov 17 00:22:37	openvpn	12099	myusername/my.personal.home.ip:53176 Connection reset, restarting [-1]
              Nov 17 00:21:38	openvpn	12099	myusername/my.personal.home.ip:53176 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1593', remote='link-mtu 1608'
              Nov 17 00:21:38	openvpn		user 'myusername' authenticated
              
              1 Reply Last reply Reply Quote 0
              • DerelictD
                Derelict LAYER 8 Netgate
                last edited by

                Looks like something is closing the TCP session. Computer sleeping or something?

                Nov 18 09:52:07 openvpn 28986 myusername/my.personal.home.ip:60376 Connection reset, restarting [-1]

                You might need to packet capture on WAN TCP:1201 to see what's happening there or check the logs on the client.

                You're still using TCP. Why?

                Chattanooga, Tennessee, USA
                A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 0
                • E
                  elementalwindx
                  last edited by

                  @Derelict:

                  Looks like something is closing the TCP session. Computer sleeping or something?

                  Nov 18 09:52:07 openvpn 28986 myusername/my.personal.home.ip:60376 Connection reset, restarting [-1]

                  You might need to packet capture on WAN TCP:1201 to see what's happening there or check the logs on the client.

                  You're still using TCP. Why?

                  Where do you find the logs on the client? My pc never goes to sleep but it makes me wonder if the adapter has power saving features turned on or not. I can wireshark it if I need to.

                  1 Reply Last reply Reply Quote 0
                  • DerelictD
                    Derelict LAYER 8 Netgate
                    last edited by

                    Right click on the connection > View Log

                    Chattanooga, Tennessee, USA
                    A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                    DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                    Do Not Chat For Help! NO_WAN_EGRESS(TM)

                    1 Reply Last reply Reply Quote 0
                    • E
                      elementalwindx
                      last edited by

                      Sat Nov 19 21:05:21 2016 open_tun
                      Sat Nov 19 21:05:21 2016 TAP-WIN32 device [Ethernet 4] opened: \\.\Global\{26461399-D2E9-4B17-B9BE-706F71488A9F}.tap
                      Sat Nov 19 21:05:21 2016 Set TAP-Windows TUN subnet mode network/local/netmask = 10.0.16.0/10.0.16.2/255.255.255.0 [SUCCEEDED]
                      Sat Nov 19 21:05:21 2016 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.0.16.2/255.255.255.0 on interface {26461399-D2E9-4B17-B9BE-706F71488A9F} [DHCP-serv: 10.0.16.254, lease-time: 31536000]
                      Sat Nov 19 21:05:21 2016 Successful ARP Flush on interface [3] {26461399-D2E9-4B17-B9BE-706F71488A9F}
                      Sat Nov 19 21:05:21 2016 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
                      Sat Nov 19 21:05:26 2016 Initialization Sequence Completed
                      Sat Nov 19 21:05:26 2016 Register_dns request sent to the service
                      Sat Nov 19 22:05:21 2016 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1608', remote='link-mtu 1593'
                      Sat Nov 19 22:06:22 2016 Assertion failed at crypto.c:626 (opt->flags & CO_USE_IV)
                      Sat Nov 19 22:06:22 2016 Exiting due to fatal error
                      
                      

                      Exiting due to fatal error? O_o That is the log on my home pc.

                      Found this on google, but it's 6 years old….. https://community.openvpn.net/openvpn/ticket/89 and claims to have been fixed......

                      1 Reply Last reply Reply Quote 0
                      • DerelictD
                        Derelict LAYER 8 Netgate
                        last edited by

                        Looks like a client problem. I never see such a think with viscosity.

                        Chattanooga, Tennessee, USA
                        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                        Do Not Chat For Help! NO_WAN_EGRESS(TM)

                        1 Reply Last reply Reply Quote 0
                        • jimpJ
                          jimp Rebel Alliance Developer Netgate
                          last edited by

                          Definitely a client error. Completely uninstall OpenVPN and the tap adapter from the client and then download the most recent release from the OpenVPN site and try that.

                          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                          Need help fast? Netgate Global Support!

                          Do not Chat/PM for help!

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.