Site to site OEPNVPN
-
Dear All,
We have a firewall server which is hosting 5 connection site to site VPN using OPENVPN pre-shared key.
everything has been working for over a month now.
today we got a call that the users from office 1 can't log in to the office 2.
so after we checked the tunnel is down.
the reason why we don't know. no one has changed anything.the logs on the client side are
Aug 18 12:21:03 openvpn[64214]: UDP link remote: [AF_INET]SERVER-IP:10444 Aug 18 12:21:03 openvpn[64214]: UDP link local (bound): [AF_INET]CLIENT-IP:0 Aug 18 12:21:03 openvpn[64214]: TCP/UDP: Preserving recently used remote address: [AF_INET]SERVER-IP:10444 Aug 18 12:21:03 openvpn[64214]: Preserving previous TUN/TAP instance: ovpnc2 Aug 18 12:21:03 openvpn[64214]: Re-using pre-shared static key Aug 18 12:21:03 openvpn[64214]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Aug 18 12:20:58 openvpn[64214]: SIGUSR1[soft,ping-restart] received, process restarting Aug 18 12:20:58 openvpn[64214]: Inactivity timeout (--ping-restart), restarting Aug 18 12:19:58 openvpn[64214]: UDP link remote: [AF_INET]SERVER-IP:10444 Aug 18 12:19:58 openvpn[64214]: UDP link local (bound): [AF_INET]CLIENT-IP:0 Aug 18 12:19:58 openvpn[64214]: TCP/UDP: Preserving recently used remote address: [AF_INET]SERVER-IP:10444 Aug 18 12:19:57 openvpn[64214]: /usr/local/sbin/ovpn-linkup ovpnc2 1500 1605 10.2.10.2 10.2.10.1 init Aug 18 12:19:57 openvpn[64214]: /sbin/ifconfig ovpnc2 10.2.10.2 10.2.10.1 mtu 1500 netmask 255.255.255.255 up Aug 18 12:19:57 openvpn[64214]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0 Aug 18 12:19:57 openvpn[64214]: TUN/TAP device /dev/tun2 opened Aug 18 12:19:57 openvpn[64214]: TUN/TAP device ovpnc2 exists previously, keep at program end Aug 18 12:19:57 openvpn[64214]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Aug 18 12:19:57 openvpn[63865]: library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Can someone please advise why ?
-
here are more logs.
those two clients are nat behind ISP Router which ports are still open
Aug 18 16:13:52
openvpn[18274]: MANAGEMENT: Client disconnected
Aug 18 16:13:52
openvpn[18274]: MANAGEMENT: CMD 'quit'
Aug 18 16:13:52
openvpn[18274]: MANAGEMENT: CMD 'status 2'
Aug 18 16:13:52
openvpn[18274]: MANAGEMENT: Client connected from /var/etc/openvpn/server1.socki see them on the server Firewall on the block side.