OpenVPN lockout



  • Hi Team,

    I have been using pfSense now for about 3 years and it works great. I have a roadwarrior connection to the site. I recently upgraded to the latest version and now every so often it disconnects me and then I am unable to connect. I managed to have a look on the server and here is what I can see:

    Nov 22 11:43:16  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:44:22  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:44:22  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:44:22  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:44:22  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:45:28  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:45:28  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:45:28  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:45:28  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:46:34  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:46:34  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:46:34  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:46:34  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:47:40  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:47:40  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:47:40  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:47:40  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:48:46  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:48:46  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:48:47  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:48:47  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:49:52  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:49:52  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:49:53  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:49:53  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:50:58  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:50:58  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:50:59  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:50:59  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:52:04  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:52:05  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:52:05  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:52:05  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:53:10  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:53:11  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:53:11  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:53:11  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:54:16  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:54:17  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:54:17  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:54:17  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:55:23  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:55:23  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:55:23  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:55:23  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:56:29  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:56:29  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:56:29  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:56:29  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:56:51  openvpn  35618  user/X.X.X.X:37559 TLS: soft reset sec=0 bytes=35031708/0 pkts=75350/0

    I replaced the IP address with the X:X:X:X

    The only way to get this to work again was to restart the OpenVPN server, and then I was able to get connected.

    Nov 22 11:49:52  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:49:52  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:49:53  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:49:53  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:50:58  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:50:58  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:50:59  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:50:59  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:52:04  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:52:05  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:52:05  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:52:05  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:53:10  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:53:11  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:53:11  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:53:11  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:54:16  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:54:17  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:54:17  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:54:17  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:55:23  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:55:23  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:55:23  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:55:23  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:56:29  openvpn  35618  MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock 
    Nov 22 11:56:29  openvpn  35618  MANAGEMENT: CMD 'status 2' 
    Nov 22 11:56:29  openvpn  35618  MANAGEMENT: CMD 'quit' 
    Nov 22 11:56:29  openvpn  35618  MANAGEMENT: Client disconnected 
    Nov 22 11:56:51  openvpn  35618  user/X.X.X.X:37559 TLS: soft reset sec=0 bytes=35031708/0 pkts=75350/0 
    Nov 22 13:21:08  openvpn  10858  OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Jul 19 2016 
    Nov 22 13:21:08  openvpn  10858  library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09 
    Nov 22 13:21:08  openvpn  11136  MANAGEMENT: unix domain socket listening on /var/etc/openvpn/server1.sock 
    Nov 22 13:21:08  openvpn  11136  NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 
    Nov 22 13:21:08  openvpn  11136  Diffie-Hellman initialized with 1024 bit key 
    Nov 22 13:21:08  openvpn  11136  Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file 
    Nov 22 13:21:08  openvpn  11136  Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 
    Nov 22 13:21:08  openvpn  11136  Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 
    Nov 22 13:21:08  openvpn  11136  Socket Buffers: R=[42080->42080] S=[57344->57344] 
    Nov 22 13:21:08  openvpn  11136  ROUTE_GATEWAY X.X.X.X 
    Nov 22 13:21:08  openvpn  11136  TUN/TAP device ovpns1 exists previously, keep at program end 
    Nov 22 13:21:08  openvpn  11136  TUN/TAP device /dev/tun1 opened 
    Nov 22 13:21:08  openvpn  11136  do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0 
    Nov 22 13:21:08  openvpn  11136  /sbin/ifconfig ovpns1 X.X.X.X X.X.X.X mtu 1500 netmask 255.255.255.255 up 
    Nov 22 13:21:08  openvpn  11136  /usr/local/sbin/ovpn-linkup ovpns1 1500 1557 X.X.X.X X.X.X.X init 
    Nov 22 13:21:08  openvpn  11136  /sbin/route add -net X.X.X.X X.X.X.X 255.255.255.0 
    Nov 22 13:21:08  openvpn  11136  UDPv4 link local (bound): [AF_INET]X.X.X.X:YYYY 
    Nov 22 13:21:08  openvpn  11136  UDPv4 link remote: [undef] 
    Nov 22 13:21:08  openvpn  11136  MULTI: multi_init called, r=256 v=256 
    Nov 22 13:21:08  openvpn  11136  IFCONFIG POOL: base=X.X.X.X size=62, ipv6=0 
    Nov 22 13:21:08  openvpn  11136  Initialization Sequence Completed

    Could anyone assist please?

    Rajbps