4. OpenVPN suddenly won't stay connected.

OpenVPN suddenly won't stay connected.

  • S

    Been using OpenVPN without a bit of trouble for well over a year.  Suddenly last night it won't stay connected.

    Log file

    Wed 12/31/69 07:00 PM: SUCCESS: pid=652
Wed 12/31/69 07:00 PM: SUCCESS: real-time state notification set to ON
Wed 12/31/69 07:00 PM: SUCCESS: real-time log notification set to ON
Wed 02/04/09 09:12 PM:   management_client_user = '[UNDEF]'
Wed 02/04/09 09:12 PM:   management_client_group = '[UNDEF]'
Wed 02/04/09 09:12 PM:   management_flags = 6
Wed 02/04/09 09:12 PM:   shared_secret_file = '[UNDEF]'
Wed 02/04/09 09:12 PM:   key_direction = 0
Wed 02/04/09 09:12 PM:   ciphername_defined = ENABLED
Wed 02/04/09 09:12 PM:   ciphername = 'BF-CBC'
Wed 02/04/09 09:12 PM:   authname_defined = ENABLED
Wed 02/04/09 09:12 PM:   authname = 'SHA1'
Wed 02/04/09 09:12 PM:   prng_hash = 'SHA1'
Wed 02/04/09 09:12 PM:   prng_nonce_secret_len = 16
Wed 02/04/09 09:12 PM:   keysize = 0
Wed 02/04/09 09:12 PM:   engine = DISABLED
Wed 02/04/09 09:12 PM:   replay = ENABLED
Wed 02/04/09 09:12 PM:   mute_replay_warnings = DISABLED
Wed 02/04/09 09:12 PM:   replay_window = 64
Wed 02/04/09 09:12 PM:   replay_time = 15
Wed 02/04/09 09:12 PM:   packet_id_file = '[UNDEF]'
Wed 02/04/09 09:12 PM:   use_iv = ENABLED
Wed 02/04/09 09:12 PM:   test_crypto = DISABLED
Wed 02/04/09 09:12 PM:   tls_server = DISABLED
Wed 02/04/09 09:12 PM:   tls_client = ENABLED
Wed 02/04/09 09:12 PM:   key_method = 2
Wed 02/04/09 09:12 PM:   ca_file = '/Users/stephen/Library/openvpn/DMVPN/ca.crt'
Wed 02/04/09 09:12 PM:   ca_path = '[UNDEF]'
Wed 02/04/09 09:12 PM:   dh_file = '[UNDEF]'
Wed 02/04/09 09:12 PM:   cert_file = '/Users/stephen/Library/openvpn/DMVPN/swkdelmck.crt'
Wed 02/04/09 09:12 PM:   priv_key_file = '/Users/stephen/Library/openvpn/DMVPN/swkdelmck.key'
Wed 02/04/09 09:12 PM:   pkcs12_file = '[UNDEF]'
Wed 02/04/09 09:12 PM:   cipher_list = '[UNDEF]'
Wed 02/04/09 09:12 PM:   tls_verify = '[UNDEF]'
Wed 02/04/09 09:12 PM:   tls_remote = '[UNDEF]'
Wed 02/04/09 09:12 PM:   crl_file = '[UNDEF]'
Wed 02/04/09 09:12 PM:   ns_cert_type = 64
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
Wed 02/04/09 09:12 PM:   remote_cert_eku = '[UNDEF]'
Wed 02/04/09 09:12 PM:   tls_timeout = 2
Wed 02/04/09 09:12 PM:   renegotiate_bytes = 0
Wed 02/04/09 09:12 PM:   renegotiate_packets = 0
Wed 02/04/09 09:12 PM:   renegotiate_seconds = 3600
Wed 02/04/09 09:12 PM:   handshake_window = 60
Wed 02/04/09 09:12 PM:   transition_window = 3600
Wed 02/04/09 09:12 PM:   single_session = DISABLED
Wed 02/04/09 09:12 PM:   tls_exit = DISABLED
Wed 02/04/09 09:12 PM:   tls_auth_file = '[UNDEF]'
Wed 02/04/09 09:12 PM:   server_network = 0.0.0.0
Wed 02/04/09 09:12 PM:   server_netmask = 0.0.0.0
Wed 02/04/09 09:12 PM:   server_bridge_ip = 0.0.0.0
Wed 02/04/09 09:12 PM:   server_bridge_netmask = 0.0.0.0
Wed 02/04/09 09:12 PM:   server_bridge_pool_start = 0.0.0.0
Wed 02/04/09 09:12 PM:   server_bridge_pool_end = 0.0.0.0
Wed 02/04/09 09:12 PM:   ifconfig_pool_defined = DISABLED
Wed 02/04/09 09:12 PM:   ifconfig_pool_start = 0.0.0.0
Wed 02/04/09 09:12 PM:   ifconfig_pool_end = 0.0.0.0
Wed 02/04/09 09:12 PM:   ifconfig_pool_netmask = 0.0.0.0
Wed 02/04/09 09:12 PM:   ifconfig_pool_persist_filename = '[UNDEF]'
Wed 02/04/09 09:12 PM:   ifconfig_pool_persist_refresh_freq = 600
Wed 02/04/09 09:12 PM:   n_bcast_buf = 256
Wed 02/04/09 09:12 PM:   tcp_queue_limit = 64
Wed 02/04/09 09:12 PM:   real_hash_size = 256
Wed 02/04/09 09:12 PM:   virtual_hash_size = 256
Wed 02/04/09 09:12 PM:   client_connect_script = '[UNDEF]'
Wed 02/04/09 09:12 PM:   learn_address_script = '[UNDEF]'
Wed 02/04/09 09:12 PM:   client_disconnect_script = '[UNDEF]'
Wed 02/04/09 09:12 PM:   client_config_dir = '[UNDEF]'
Wed 02/04/09 09:12 PM:   ccd_exclusive = DISABLED
Wed 02/04/09 09:12 PM:   tmp_dir = '[UNDEF]'
Wed 02/04/09 09:12 PM:   push_ifconfig_defined = DISABLED
Wed 02/04/09 09:12 PM:   push_ifconfig_local = 0.0.0.0
Wed 02/04/09 09:12 PM:   push_ifconfig_remote_netmask = 0.0.0.0
Wed 02/04/09 09:12 PM:   enable_c2c = DISABLED
Wed 02/04/09 09:12 PM:   duplicate_cn = DISABLED
Wed 02/04/09 09:12 PM:   cf_max = 0
Wed 02/04/09 09:12 PM:   cf_per = 0
Wed 02/04/09 09:12 PM:   max_clients = 1024
Wed 02/04/09 09:12 PM:   max_routes_per_client = 256
Wed 02/04/09 09:12 PM:   auth_user_pass_verify_script = '[UNDEF]'
Wed 02/04/09 09:12 PM:   auth_user_pass_verify_script_via_file = DISABLED
Wed 02/04/09 09:12 PM:   ssl_flags = 0
Wed 02/04/09 09:12 PM:   port_share_host = '[UNDEF]'
Wed 02/04/09 09:12 PM:   port_share_port = 0
Wed 02/04/09 09:12 PM:   client = DISABLED
Wed 02/04/09 09:12 PM:   pull = ENABLED
Wed 02/04/09 09:12 PM:   auth_user_pass_file = '[UNDEF]'
Wed 02/04/09 09:12 PM: OpenVPN 2.1_rc15 i386-apple-darwin9.5.0 [SSL] [LZO2] built on Nov 19 2008
Wed 02/04/09 09:12 PM: MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
Wed 02/04/09 09:12 PM:  waiting...
Wed 02/04/09 09:12 PM: MANAGEMENT: Client connected from 127.0.0.1:1337
Wed 12/31/69 07:00 PM: END
Wed 12/31/69 07:00 PM: SUCCESS: hold release succeeded
Wed 02/04/09 09:12 PM: WARNING: --ping should normally be used with --ping-restart or --ping-exit
Wed 02/04/09 09:12 PM: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed 02/04/09 09:12 PM: WARNING: file '/Users/stephen/Library/openvpn/DMVPN/swkdelmck.key' is group or others accessible
Wed 02/04/09 09:12 PM: LZO compression initialized
Wed 02/04/09 09:12 PM: Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Wed 02/04/09 09:12 PM: Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Wed 02/04/09 09:12 PM: tls-client'
Wed 02/04/09 09:12 PM: tls-server'
Wed 02/04/09 09:12 PM: Local Options hash (VER=V4): '69109d17'
Wed 02/04/09 09:12 PM: Expected Remote Options hash (VER=V4): 'c0103fa8'
Wed 02/04/09 09:12 PM: Attempting to establish TCP connection with ***.***.***.***:1194 [nonblock]
Wed 02/04/09 09:12 PM: 
Wed 02/04/09 09:12 PM: TCP connection established with ***.***.***.***:1194
Wed 02/04/09 09:12 PM: Socket Buffers: R=[525624->65536] S=[131768->65536]
Wed 02/04/09 09:12 PM: TCPv4_CLIENT link local: [undef]
Wed 02/04/09 09:12 PM: TCPv4_CLIENT link remote: ***.***.***.***:1194
Wed 02/04/09 09:12 PM: 
Wed 02/04/09 09:12 PM: 
Wed 02/04/09 09:12 PM:  sid=1d8d082f cc397870
Wed 02/04/09 09:12 PM:  /C=US/ST=KY/L=Louisville/O=pfSense/CN=/root/easyrsa4pfsense/emailAddress=sullrich@gmail.com
Wed 02/04/09 09:12 PM: VERIFY OK: nsCertType=SERVER
Wed 02/04/09 09:12 PM:  /C=US/ST=KY/L=Louisville/O=pfSense/CN=server/emailAddress=sullrich@gmail.com
Wed 02/04/09 09:12 PM: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed 02/04/09 09:12 PM: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed 02/04/09 09:12 PM: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed 02/04/09 09:12 PM: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed 02/04/09 09:12 PM:  1024 bit RSA
Wed 02/04/09 09:12 PM: [server] Peer Connection Initiated with ***.***.***.***:1194
Wed 02/04/09 09:12 PM: 
Wed 02/04/09 09:12 PM: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed 02/04/09 09:12 PM: ifconfig 10.0.100.6 10.0.100.5'
Wed 02/04/09 09:12 PM: OPTIONS IMPORT: timers and/or timeouts modified
Wed 02/04/09 09:12 PM: OPTIONS IMPORT: --ifconfig/up options modified
Wed 02/04/09 09:12 PM: OPTIONS IMPORT: route options modified
Wed 02/04/09 09:12 PM: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed 02/04/09 09:12 PM: ROUTE default_gateway=192.168.0.1
Wed 02/04/09 09:12 PM: TUN/TAP device /dev/tun0 opened
Wed 02/04/09 09:12 PM: 
Wed 02/04/09 09:12 PM: /sbin/ifconfig tun0 delete
Wed 02/04/09 09:12 PM: NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
Wed 02/04/09 09:12 PM: /sbin/ifconfig tun0 10.0.100.6 10.0.100.5 mtu 1500 netmask 255.255.255.255 up
Wed 02/04/09 09:12 PM: /Applications/Tunnelblick.app/Contents/Resources/client.up.osx.sh tun0 1500 1544 10.0.100.6 10.0.100.5 init
Wed 02/04/09 09:12 PM: 
Wed 02/04/09 09:12 PM: /sbin/route add -net 10.0.0.0 10.0.100.5 255.255.255.0
Wed 02/04/09 09:12 PM: /sbin/route add -net 10.0.100.1 10.0.100.5 255.255.255.255
Wed 02/04/09 09:12 PM: Initialization Sequence Completed
Wed 02/04/09 09:12 PM: ***.***.***.***
Wed 02/04/09 09:13 PM:  restarting [0]
Wed 02/04/09 09:13 PM: TCP/UDP: Closing socket
Wed 02/04/09 09:13 PM:  process restarting
Wed 02/04/09 09:13 PM: 
Wed 12/31/69 07:00 PM: SUCCESS: hold release succeeded
Wed 02/04/09 09:13 PM: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed 02/04/09 09:13 PM: Re-using SSL/TLS context
Wed 02/04/09 09:13 PM: LZO compression initialized
Wed 02/04/09 09:13 PM: Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Wed 02/04/09 09:13 PM: Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Wed 02/04/09 09:13 PM: tls-client'
Wed 02/04/09 09:13 PM: tls-server'
Wed 02/04/09 09:13 PM: Local Options hash (VER=V4): '69109d17'
Wed 02/04/09 09:13 PM: Expected Remote Options hash (VER=V4): 'c0103fa8'
Wed 02/04/09 09:13 PM: Attempting to establish TCP connection with ***.***.***.***:1194 [nonblock]
Wed 02/04/09 09:13 PM: 
Wed 02/04/09 09:13 PM: TCP connection established with ***.***.***.***:1194
Wed 02/04/09 09:13 PM: Socket Buffers: R=[525624->65536] S=[131768->65536]
Wed 02/04/09 09:13 PM: TCPv4_CLIENT link local: [undef]
Wed 02/04/09 09:13 PM: TCPv4_CLIENT link remote: ***.***.***.***:1194
Wed 02/04/09 09:13 PM: 
Wed 02/04/09 09:13 PM: 
Wed 02/04/09 09:13 PM:  sid=2ff8656e 33de7b9f
Wed 02/04/09 09:13 PM:  /C=US/ST=KY/L=Louisville/O=pfSense/CN=/root/easyrsa4pfsense/emailAddress=sullrich@gmail.com
Wed 02/04/09 09:13 PM: VERIFY OK: nsCertType=SERVER
Wed 02/04/09 09:13 PM:  /C=US/ST=KY/L=Louisville/O=pfSense/CN=server/emailAddress=sullrich@gmail.com
Wed 02/04/09 09:13 PM: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed 02/04/09 09:13 PM: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed 02/04/09 09:13 PM: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed 02/04/09 09:13 PM: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed 02/04/09 09:13 PM:  1024 bit RSA
Wed 02/04/09 09:13 PM: [server] Peer Connection Initiated with ***.***.***.***:1194
Wed 02/04/09 09:13 PM: 
Wed 02/04/09 09:13 PM: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed 02/04/09 09:13 PM: ifconfig 10.0.100.6 10.0.100.5'
Wed 02/04/09 09:13 PM: OPTIONS IMPORT: timers and/or timeouts modified
Wed 02/04/09 09:13 PM: OPTIONS IMPORT: --ifconfig/up options modified
Wed 02/04/09 09:13 PM: OPTIONS IMPORT: route options modified
Wed 02/04/09 09:13 PM: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed 02/04/09 09:13 PM: Preserving previous TUN/TAP instance: tun0
Wed 02/04/09 09:13 PM: Initialization Sequence Completed
Wed 02/04/09 09:13 PM: ***.***.***.***

This is from tunnelblick on my mac but I get the same constant disconnects from windows with openvpn-gui.

Thanks for any insight you can offer.[/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i]
    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy