Site to site OEPNVPN



  • Dear All,
    We have a firewall server which is hosting 5 connection site to site VPN using OPENVPN pre-shared key.
    everything has been working for over a month now.
    today we got a call that the users from office 1 can't log in to the office 2.
    so after we checked the tunnel is down.
    the reason why we don't know. no one has changed anything.

    the logs on the client side are

    Aug 18 12:21:03
    openvpn[64214]: UDP link remote: [AF_INET]SERVER-IP:10444
    Aug 18 12:21:03
    openvpn[64214]: UDP link local (bound): [AF_INET]CLIENT-IP:0
    Aug 18 12:21:03
    openvpn[64214]: TCP/UDP: Preserving recently used remote address: [AF_INET]SERVER-IP:10444
    Aug 18 12:21:03
    openvpn[64214]: Preserving previous TUN/TAP instance: ovpnc2
    Aug 18 12:21:03
    openvpn[64214]: Re-using pre-shared static key
    Aug 18 12:21:03
    openvpn[64214]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Aug 18 12:20:58
    openvpn[64214]: SIGUSR1[soft,ping-restart] received, process restarting
    Aug 18 12:20:58
    openvpn[64214]: Inactivity timeout (--ping-restart), restarting
    Aug 18 12:19:58
    openvpn[64214]: UDP link remote: [AF_INET]SERVER-IP:10444
    Aug 18 12:19:58
    openvpn[64214]: UDP link local (bound): [AF_INET]CLIENT-IP:0
    Aug 18 12:19:58
    openvpn[64214]: TCP/UDP: Preserving recently used remote address: [AF_INET]SERVER-IP:10444
    Aug 18 12:19:57
    openvpn[64214]: /usr/local/sbin/ovpn-linkup ovpnc2 1500 1605 10.2.10.2 10.2.10.1 init
    Aug 18 12:19:57
    openvpn[64214]: /sbin/ifconfig ovpnc2 10.2.10.2 10.2.10.1 mtu 1500 netmask 255.255.255.255 up
    Aug 18 12:19:57
    openvpn[64214]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
    Aug 18 12:19:57
    openvpn[64214]: TUN/TAP device /dev/tun2 opened
    Aug 18 12:19:57
    openvpn[64214]: TUN/TAP device ovpnc2 exists previously, keep at program end
    Aug 18 12:19:57
    openvpn[64214]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Aug 18 12:19:57
    openvpn[63865]: library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
    

    Can someone please advise why ?



  • here are more logs.
    those two clients are nat behind ISP Router which ports are still open
    Aug 18 16:13:52
    openvpn[18274]: MANAGEMENT: Client disconnected
    Aug 18 16:13:52
    openvpn[18274]: MANAGEMENT: CMD 'quit'
    Aug 18 16:13:52
    openvpn[18274]: MANAGEMENT: CMD 'status 2'
    Aug 18 16:13:52
    openvpn[18274]: MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock

    i see them on the server Firewall on the block side.