Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Openvpn connection to Torguard doesn't reconnect after interruption

    OpenVPN
    3
    5
    955
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      stuck
      last edited by

      Hi everyone,
      I have my pfsense connected to TG using this method: https://torguard.net/knowledgebase.php?action=displayarticle&id=208
      Everything is working fine, but over the past few weeks I've noticed that my pfsense 2.3.2 loses connection w/ Torguard and the connection does not automatically restart.  If I go in to pfsense from the LAN side, I can restart the client service, and everything is back up immediately.  However, during this TG connection interruption, I cannot connect back in from the WAN side through my OVPN server on the pfsense. 
      During one of the interruptions, I was out of town so I didn't have the ability to restart the client service.  After ~2 days, the connection resumed on its own. 
      Is there a way I can set the connection (client service) to restart automatically?

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        You might be seeing an authentication failure. OpenVPN treats that as a hard failure and exits (as opposed to just an inability to connect, it is being told "go away")

        See if Services > Service Watchdog gets you where you need to be.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • D
          duren
          last edited by

          I had torguard for 2-3y until they double billed me once and had no interest in resolving the issue.

          Anyway, if it us auth related, what worked for me was the following advanced parameter:

          auth-retry nointeract

          none – Client will exit with a fatal error (this is the default).
          nointeract -- Client will retry the connection without requerying for an --auth-user-pass username/password. Use this option for unattended clients.
          interact -- Client will requery for an --auth-user-pass username/password and/or private key password before attempting a reconnection.

          1 Reply Last reply Reply Quote 0
          • S
            stuck
            last edited by

            Thank you both for the suggestions.
            I've updated my advanced configuration from - to:

            
***From this***
auth-user-pass /etc/openvpn-passwd.txt;
verb 5;
remote-cert-tls server

***To this***
auth-user-pass /etc/openvpn-passwd.txt;
verb 5;
remote-cert-tls server;
auth-retry nointeract

            And have installed the Service-Watchdog package and will see if either fixes the issue.

            1 Reply Last reply Reply Quote 0
            • DerelictD
              Derelict LAYER 8 Netgate
              last edited by

              Nobody needs to use those auth user/pass files any more. Just use the username and password in the gui config.

              Perfect example of old internet "walk throughs" not being updated with current information.

              Chattanooga, Tennessee, USA
              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
              DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              1 Reply Last reply Reply Quote 0
              • First post
                Last post