Openvpn lockout
-
Hi Team,
I been using pfsense now for about 3 year and it works great. I have a roadwarrior connection to the site. I recently upgraded to the latest version and now every so often it disconnect me and then I am unable to connect. I managed to have a look on the server and here is what I can see:
Nov 22 11:43:16 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:44:22 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:44:22 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:44:22 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:44:22 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:45:28 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:45:28 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:45:28 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:45:28 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:46:34 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:46:34 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:46:34 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:46:34 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:47:40 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:47:40 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:47:40 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:47:40 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:48:46 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:48:46 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:48:47 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:48:47 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:49:52 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:49:52 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:49:53 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:49:53 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:50:58 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:50:58 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:50:59 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:50:59 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:52:04 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:52:05 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:52:05 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:52:05 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:53:10 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:53:11 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:53:11 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:53:11 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:54:16 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:54:17 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:54:17 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:54:17 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:55:23 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:55:23 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:55:23 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:55:23 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:56:29 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:56:29 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:56:29 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:56:29 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:56:51 openvpn 35618 user/X.X.X.X:37559 TLS: soft reset sec=0 bytes=35031708/0 pkts=75350/0I replaced the ip address with the X:X:X:X
The only way to to get this to work again was to restart the openvpn server and the I was able to get connected.
Nov 22 11:49:52 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:49:52 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:49:53 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:49:53 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:50:58 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:50:58 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:50:59 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:50:59 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:52:04 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:52:05 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:52:05 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:52:05 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:53:10 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:53:11 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:53:11 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:53:11 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:54:16 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:54:17 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:54:17 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:54:17 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:55:23 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:55:23 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:55:23 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:55:23 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:56:29 openvpn 35618 MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Nov 22 11:56:29 openvpn 35618 MANAGEMENT: CMD 'status 2'
Nov 22 11:56:29 openvpn 35618 MANAGEMENT: CMD 'quit'
Nov 22 11:56:29 openvpn 35618 MANAGEMENT: Client disconnected
Nov 22 11:56:51 openvpn 35618 user/X.X.X.X:37559 TLS: soft reset sec=0 bytes=35031708/0 pkts=75350/0
Nov 22 13:21:08 openvpn 10858 OpenVPN 2.3.11 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Jul 19 2016
Nov 22 13:21:08 openvpn 10858 library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09
Nov 22 13:21:08 openvpn 11136 MANAGEMENT: unix domain socket listening on /var/etc/openvpn/server1.sock
Nov 22 13:21:08 openvpn 11136 NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
Nov 22 13:21:08 openvpn 11136 Diffie-Hellman initialized with 1024 bit key
Nov 22 13:21:08 openvpn 11136 Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
Nov 22 13:21:08 openvpn 11136 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Nov 22 13:21:08 openvpn 11136 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Nov 22 13:21:08 openvpn 11136 Socket Buffers: R=[42080->42080] S=[57344->57344]
Nov 22 13:21:08 openvpn 11136 ROUTE_GATEWAY X.X.X.X
Nov 22 13:21:08 openvpn 11136 TUN/TAP device ovpns1 exists previously, keep at program end
Nov 22 13:21:08 openvpn 11136 TUN/TAP device /dev/tun1 opened
Nov 22 13:21:08 openvpn 11136 do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Nov 22 13:21:08 openvpn 11136 /sbin/ifconfig ovpns1 X.X.X.X X.X.X.X mtu 1500 netmask 255.255.255.255 up
Nov 22 13:21:08 openvpn 11136 /usr/local/sbin/ovpn-linkup ovpns1 1500 1557 X.X.X.X X.X.X.X init
Nov 22 13:21:08 openvpn 11136 /sbin/route add -net X.X.X.X X.X.X.X 255.255.255.0
Nov 22 13:21:08 openvpn 11136 UDPv4 link local (bound): [AF_INET]X.X.X.X:YYYY
Nov 22 13:21:08 openvpn 11136 UDPv4 link remote: [undef]
Nov 22 13:21:08 openvpn 11136 MULTI: multi_init called, r=256 v=256
Nov 22 13:21:08 openvpn 11136 IFCONFIG POOL: base=X.X.X.X size=62, ipv6=0
Nov 22 13:21:08 openvpn 11136 Initialization Sequence CompletedCould anyone assist please?
Rajbps