Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Issue with OpenVPN dropping session - Warning –ns-cert-type is DEPRECATED

    OpenVPN
    3
    3
    3319
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      Koval88 last edited by

      Here is my OpenVPN log below:

      Tue Apr 25 18:34:29 2017 WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
      Tue Apr 25 18:34:29 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]PUBLIC--IP--HERE:1194
      Tue Apr 25 18:34:29 2017 UDP link local (bound): [AF_INET][undef]:1194
      Tue Apr 25 18:34:29 2017 UDP link remote: [AF_INET]PUBLIC--IP--HERE:1194
      Tue Apr 25 18:34:30 2017 [domainname.com] Peer Connection Initiated with [AF_INET]PUBLIC--IP--HERE:1194
      Tue Apr 25 18:34:31 2017 open_tun
      Tue Apr 25 18:34:31 2017 TAP-WIN32 device [Ethernet] opened: \\.\Global\{604EFE39-6A8B-4503-80EE-0318536062E7}.tap
      Tue Apr 25 18:34:31 2017 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.10.10/255.255.255.252 on interface {604EFE39-6A8B-4503-80EE-0318536062E7} [DHCP-serv: 192.168.10.9, lease-time: 31536000]
      Tue Apr 25 18:34:31 2017 Successful ARP Flush on interface [21] {604EFE39-6A8B-4503-80EE-0318536062E7}
      Tue Apr 25 18:34:31 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
      Tue Apr 25 18:34:36 2017 ROUTE: route addition failed using service: The parameter is incorrect.   [status=87 if_index=21]
      Tue Apr 25 18:34:36 2017 Initialization Sequence Completed
      Tue Apr 25 18:49:17 2017 [domainname.com] Inactivity timeout (--ping-restart), restarting
      Tue Apr 25 18:49:17 2017 SIGUSR1[soft,ping-restart] received, process restarting
      Tue Apr 25 18:49:22 2017 WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
      Tue Apr 25 18:49:22 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]PUBLIC--IP--HERE:1194
      Tue Apr 25 18:49:22 2017 UDP link local (bound): [AF_INET][undef]:1194
      Tue Apr 25 18:49:22 2017 UDP link remote: [AF_INET]PUBLIC--IP--HERE:1194
      Tue Apr 25 18:49:23 2017 [domainname.com] Peer Connection Initiated with [AF_INET]PUBLIC--IP--HERE:1194
      Tue Apr 25 18:49:25 2017 Preserving previous TUN/TAP instance: Ethernet
      Tue Apr 25 18:49:25 2017 Initialization Sequence Completed
      

      Note, domain and the Public-IP has been obfuscated.

      Could you please tell me what is possibly causing this and how could I resolve that? It drops the connection occasionally. I am using the Client Export for OpenVPN. I tend to have this issue on Windows and OS X. The mobile connection is solid and does not seem to be dropping using the OpenVPN app.
      Please let me know.
      Thank you!

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        The warning is non-fatal and unrelated.

        Your problem appears to be that you lose connectivity between your client and the server. This is the only relevant line:

        Tue Apr 25 18:49:17 2017 [domainname.com] Inactivity timeout (--ping-restart), restarting
        

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • T
          tendonut last edited by

          I've started having this issue with PIA. The service has been rock solid on my pfsense box for 5 months, and just in the past week or so, I noticed that the VPN connection does not stay up. It drops with this error after about 5 minutes consistently.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post