Issue with OpenVPN dropping session - Warning –ns-cert-type is DEPRECATED

Koval88 · Apr 26, 2017, 2:02 AM

Here is my OpenVPN log below:

Tue Apr 25 18:34:29 2017 WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
Tue Apr 25 18:34:29 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]PUBLIC--IP--HERE:1194
Tue Apr 25 18:34:29 2017 UDP link local (bound): [AF_INET][undef]:1194
Tue Apr 25 18:34:29 2017 UDP link remote: [AF_INET]PUBLIC--IP--HERE:1194
Tue Apr 25 18:34:30 2017 [domainname.com] Peer Connection Initiated with [AF_INET]PUBLIC--IP--HERE:1194
Tue Apr 25 18:34:31 2017 open_tun
Tue Apr 25 18:34:31 2017 TAP-WIN32 device [Ethernet] opened: \\.\Global\{604EFE39-6A8B-4503-80EE-0318536062E7}.tap
Tue Apr 25 18:34:31 2017 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.10.10/255.255.255.252 on interface {604EFE39-6A8B-4503-80EE-0318536062E7} [DHCP-serv: 192.168.10.9, lease-time: 31536000]
Tue Apr 25 18:34:31 2017 Successful ARP Flush on interface [21] {604EFE39-6A8B-4503-80EE-0318536062E7}
Tue Apr 25 18:34:31 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Tue Apr 25 18:34:36 2017 ROUTE: route addition failed using service: The parameter is incorrect.   [status=87 if_index=21]
Tue Apr 25 18:34:36 2017 Initialization Sequence Completed
Tue Apr 25 18:49:17 2017 [domainname.com] Inactivity timeout (--ping-restart), restarting
Tue Apr 25 18:49:17 2017 SIGUSR1[soft,ping-restart] received, process restarting
Tue Apr 25 18:49:22 2017 WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
Tue Apr 25 18:49:22 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]PUBLIC--IP--HERE:1194
Tue Apr 25 18:49:22 2017 UDP link local (bound): [AF_INET][undef]:1194
Tue Apr 25 18:49:22 2017 UDP link remote: [AF_INET]PUBLIC--IP--HERE:1194
Tue Apr 25 18:49:23 2017 [domainname.com] Peer Connection Initiated with [AF_INET]PUBLIC--IP--HERE:1194
Tue Apr 25 18:49:25 2017 Preserving previous TUN/TAP instance: Ethernet
Tue Apr 25 18:49:25 2017 Initialization Sequence Completed

Note, domain and the Public-IP has been obfuscated.

Could you please tell me what is possibly causing this and how could I resolve that? It drops the connection occasionally. I am using the Client Export for OpenVPN. I tend to have this issue on Windows and OS X. The mobile connection is solid and does not seem to be dropping using the OpenVPN app.
Please let me know.
Thank you!

jimp · May 1, 2017, 1:29 PM

The warning is non-fatal and unrelated.

Your problem appears to be that you lose connectivity between your client and the server. This is the only relevant line:

Tue Apr 25 18:49:17 2017 [domainname.com] Inactivity timeout (--ping-restart), restarting

tendonut · May 1, 2017, 1:57 PM

I've started having this issue with PIA. The service has been rock solid on my pfsense box for 5 months, and just in the past week or so, I noticed that the VPN connection does not stay up. It drops with this error after about 5 minutes consistently.