OpenVPN keeps disconnecting randomly

  • I have 3 machines at various locations over the Internet connecting via OpenVPN to my pfsense. Two of my machines are Linux and the other is Windows 10 Pro. Each one has a unique certificate, user, etc. However, it seems to randomly restart the VPN (every 5 - 40 mins). I don't think its due to my internet connection since I'm able to chrome remote in with no delay or lag. I scoured the logs for anything that could indicate what is causing the issue. There were too many logs so I set my log setting to default (4).

    I keep seeing

    openvpn1/ [openvpn1] Inactivity timeout (--ping-restart), restarting 


    openvpn1/ GET INST BY VIRT: [failed]
    openvpn1/ GET INST BY VIRT: -> openvpn1/ via 

    for each machine.

    My client config is

    dev tun
    cipher AES-256-CBC
    auth SHA1
    resolv-retry infinite
    remote 1194 udp
    lport 0
    verify-x509-name "" name
    pkcs12 test-udp-1194-openvpn1.p12
    tls-auth test-udp-1194-openvpn1-tls.key 1
    remote-cert-tls server
    comp-lzo adaptive

    I'm not sure how to output my server config but its

    Server Mode: Remote Access (SSL/TLS + User Auth)
    Protocol: UDP
    Device mode: tun
    Interface: WAN
    Local Port: 1194
    Enabled auth of TLS packets
    DH Parameter length: 2048
    Auth digest algo: SHA1 (160-bit)
    Certificate Depth: (Client + Server)

    Tunnel Settings:
    IPv4 Tunnel:
    IPv4 Local:
    Concurrent connections: 10
    Compression: Enabled with Adaptive Compression
    Inter-client comm: Allowed communication between clients connected this server.

    Client settings:
    Dynamic IP: Allowed connected clients to retain their connections if their IP address changes
    Address Pool: Provided a virtual adapter IP address to clients

    Advance Client Settings:
    DNS Server enabled with an another computer directed as the DNS server

    Verbosity level: default

    I'm on pfsense version 2.3.2, which I believe means I'm on OpenVPN 2.3.

    I been working on this for over a week and have not be able to make sense of the problem. Please help.

  • In case my firewall rules are important
    Firewall / Rules / WAN

    Protocol: IPv4 UDP - Source: - Port:* - Destination: WAN address - Port:1194 (OpenVPN) - Gateway: * - Queue: none - Schedule: "" - Description: OpenVPN1Rule

    (I have a similar rule for each external ip address that I want to allow in)

    Firewall / Rules / OpenVPN

    Protocol: IPv4 TCP/UDP - Source: * - Port: * - Destination: - Port: 3389 (MS RDP) - Gateway: * - Queue: none - Schedule:"" - Description: SomeRDPServer

    I'm not sure how keepalive works but does it need ICMP to be active?

  • I started looking at my pfsense system logs. For one of the "disconnects", the system logged the following:

    nginx: 2018/02/16 13:27:09 [error] 29525#100071: send() failed (54: Connection reset by peer)

    Not sure what is sending this. Why does this cause all OpenVPN clients to crash. For testing, I disabled all users and disabled the firewall rules except one user and 2 firewall rules for my testing site / rdp server. Also, could squid be causing this issue?

  • I've confirmed its due to the pfsense router. How do I check if the keepalive signal is transmitted?

  • In case someone else faces a similar problem, it seems the advanced configuration can override prior settings like keepalive (this fact was not found in the pfsense manual… ). After adjusting keepalive's parameters, I no longer face the numerous random disconnects.

  • @TriStarGod what did u adjust

Log in to reply