Issue with OpenVPN dropping session - Warning –ns-cert-type is DEPRECATED



  • Here is my OpenVPN log below:

    Tue Apr 25 18:34:29 2017 WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
    Tue Apr 25 18:34:29 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]PUBLIC--IP--HERE:1194
    Tue Apr 25 18:34:29 2017 UDP link local (bound): [AF_INET][undef]:1194
    Tue Apr 25 18:34:29 2017 UDP link remote: [AF_INET]PUBLIC--IP--HERE:1194
    Tue Apr 25 18:34:30 2017 [domainname.com] Peer Connection Initiated with [AF_INET]PUBLIC--IP--HERE:1194
    Tue Apr 25 18:34:31 2017 open_tun
    Tue Apr 25 18:34:31 2017 TAP-WIN32 device [Ethernet] opened: \\.\Global\{604EFE39-6A8B-4503-80EE-0318536062E7}.tap
    Tue Apr 25 18:34:31 2017 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.10.10/255.255.255.252 on interface {604EFE39-6A8B-4503-80EE-0318536062E7} [DHCP-serv: 192.168.10.9, lease-time: 31536000]
    Tue Apr 25 18:34:31 2017 Successful ARP Flush on interface [21] {604EFE39-6A8B-4503-80EE-0318536062E7}
    Tue Apr 25 18:34:31 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
    Tue Apr 25 18:34:36 2017 ROUTE: route addition failed using service: The parameter is incorrect.   [status=87 if_index=21]
    Tue Apr 25 18:34:36 2017 Initialization Sequence Completed
    Tue Apr 25 18:49:17 2017 [domainname.com] Inactivity timeout (--ping-restart), restarting
    Tue Apr 25 18:49:17 2017 SIGUSR1[soft,ping-restart] received, process restarting
    Tue Apr 25 18:49:22 2017 WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
    Tue Apr 25 18:49:22 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]PUBLIC--IP--HERE:1194
    Tue Apr 25 18:49:22 2017 UDP link local (bound): [AF_INET][undef]:1194
    Tue Apr 25 18:49:22 2017 UDP link remote: [AF_INET]PUBLIC--IP--HERE:1194
    Tue Apr 25 18:49:23 2017 [domainname.com] Peer Connection Initiated with [AF_INET]PUBLIC--IP--HERE:1194
    Tue Apr 25 18:49:25 2017 Preserving previous TUN/TAP instance: Ethernet
    Tue Apr 25 18:49:25 2017 Initialization Sequence Completed
    

    Note, domain and the Public-IP has been obfuscated.

    Could you please tell me what is possibly causing this and how could I resolve that? It drops the connection occasionally. I am using the Client Export for OpenVPN. I tend to have this issue on Windows and OS X. The mobile connection is solid and does not seem to be dropping using the OpenVPN app.
    Please let me know.
    Thank you!


  • Rebel Alliance Developer Netgate

    The warning is non-fatal and unrelated.

    Your problem appears to be that you lose connectivity between your client and the server. This is the only relevant line:

    Tue Apr 25 18:49:17 2017 [domainname.com] Inactivity timeout (--ping-restart), restarting
    


  • I've started having this issue with PIA. The service has been rock solid on my pfsense box for 5 months, and just in the past week or so, I noticed that the VPN connection does not stay up. It drops with this error after about 5 minutes consistently.


Log in to reply