How can I recover from this automatically



  • Hi all,

    pfSense 2.4.2, OpenVPN Client and the Service Watchdog package monitoring OpenVPN.

    I have all my LAN traffic configured to go via OpenVPN and it's working well, however this morning the Internet went down and it was over an hour before I could log in to pfSense and restart the OpenVPN service.  Which fixed the problem.

    My question is how can I setup OpenVPN so that when this happens it can correct the problem itself?

    Here are the logs showing when it failed and me restarting at about 12:08.

    Ideas appreciated.

    TIA

    Greg

    Jan 6 12:14:22 	openvpn 	11938 	Initialization Sequence Completed
    Jan 6 12:14:22 	openvpn 	11938 	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1553 10.10.127.46 10.10.127.45 init
    Jan 6 12:14:22 	openvpn 	11938 	/sbin/ifconfig ovpnc1 10.10.127.46 10.10.127.45 mtu 1500 netmask 255.255.255.255 up
    Jan 6 12:14:22 	openvpn 	11938 	do_ifconfig, tt->did_ifconfig_ipv6_setup=0
    Jan 6 12:14:22 	openvpn 	11938 	TUN/TAP device /dev/tun1 opened
    Jan 6 12:14:22 	openvpn 	11938 	TUN/TAP device ovpnc1 exists previously, keep at program end
    Jan 6 12:14:21 	openvpn 	11938 	[au1-4096] Peer Connection Initiated with [AF_INET]168.1.128.8:12200
    Jan 6 12:14:20 	openvpn 	11938 	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Jan 6 12:14:20 	openvpn 	11938 	UDPv4 link remote: [AF_INET]168.1.128.8:12200
    Jan 6 12:14:20 	openvpn 	11938 	UDPv4 link local (bound): [AF_INET]103.93.68.221:0
    Jan 6 12:14:20 	openvpn 	11938 	TCP/UDP: Preserving recently used remote address: [AF_INET]168.1.128.8:12200
    Jan 6 12:14:19 	openvpn 	11938 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 12:14:19 	openvpn 	11752 	library versions: OpenSSL 1.0.2m-freebsd 2 Nov 2017, LZO 2.10
    Jan 6 12:14:19 	openvpn 	11752 	OpenVPN 2.4.4 amd64-portbld-freebsd11.1 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Oct 8 2017
    Jan 6 12:14:19 	openvpn 	11752 	WARNING: file '/var/etc/openvpn/client1.up' is group or others accessible
    Jan 6 12:13:47 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 12:08:47 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 12:08:47 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 12:08:47 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 12:08:00 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 12:07:13 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 12:02:13 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 12:02:13 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 12:02:13 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 12:01:27 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 12:00:40 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:55:40 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 11:55:40 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 11:55:40 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:54:54 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:54:07 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:49:07 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 11:49:07 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 11:49:07 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:48:20 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:47:34 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:42:34 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 11:42:34 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 11:42:34 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:41:47 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:41:00 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:36:00 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 11:36:00 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 11:36:00 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:35:13 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:34:26 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:29:26 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 11:29:26 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 11:29:26 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:28:39 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:27:53 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:25:13 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 11:25:13 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 11:25:13 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:24:27 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:23:40 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:22:20 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 11:22:20 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 11:22:20 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:21:33 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:20:46 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:20:06 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 11:20:06 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 11:20:06 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:19:19 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:18:32 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:18:12 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 11:18:12 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 11:18:12 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:17:25 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:16:38 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:16:28 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 11:16:28 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 11:16:28 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:15:42 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:14:54 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:14:44 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 11:14:44 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 11:14:44 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:13:57 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:13:11 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:13:00 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 11:13:00 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 11:13:00 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:12:14 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:11:27 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:11:17 	openvpn 	23506 	SIGUSR1[soft,init_instance] received, process restarting
    Jan 6 11:11:17 	openvpn 	23506 	Could not determine IPv4/IPv6 protocol
    Jan 6 11:11:17 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:10:30 	openvpn 	23506 	RESOLVE: Cannot resolve host address: au2.vpn.ac:12200 (hostname nor servname provided, or not known)
    Jan 6 11:09:43 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:09:33 	openvpn 	23506 	SIGUSR1[soft,tls-error] received, process restarting
    Jan 6 11:09:33 	openvpn 	23506 	TLS Error: TLS handshake failed
    Jan 6 11:09:33 	openvpn 	23506 	TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Jan 6 11:08:33 	openvpn 	23506 	UDPv4 link remote: [AF_INET]168.1.7.184:12200
    Jan 6 11:08:33 	openvpn 	23506 	UDPv4 link local (bound): [AF_INET]103.93.68.221:0
    Jan 6 11:08:33 	openvpn 	23506 	TCP/UDP: Preserving recently used remote address: [AF_INET]168.1.7.184:12200
    Jan 6 11:08:33 	openvpn 	23506 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 6 11:08:23 	openvpn 	23506 	SIGUSR1[soft,ping-restart] received, process restarting
    Jan 6 11:08:23 	openvpn 	23506 	[au2-4096] Inactivity timeout (--ping-restart), restarting 
    

Log in to reply