OpenVPN suddenly won't stay connected.



  • Been using OpenVPN without a bit of trouble for well over a year.  Suddenly last night it won't stay connected.

    Log file

    Wed 12/31/69 07:00 PM: SUCCESS: pid=652
    Wed 12/31/69 07:00 PM: SUCCESS: real-time state notification set to ON
    Wed 12/31/69 07:00 PM: SUCCESS: real-time log notification set to ON
    Wed 02/04/09 09:12 PM:   management_client_user = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   management_client_group = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   management_flags = 6
    Wed 02/04/09 09:12 PM:   shared_secret_file = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   key_direction = 0
    Wed 02/04/09 09:12 PM:   ciphername_defined = ENABLED
    Wed 02/04/09 09:12 PM:   ciphername = 'BF-CBC'
    Wed 02/04/09 09:12 PM:   authname_defined = ENABLED
    Wed 02/04/09 09:12 PM:   authname = 'SHA1'
    Wed 02/04/09 09:12 PM:   prng_hash = 'SHA1'
    Wed 02/04/09 09:12 PM:   prng_nonce_secret_len = 16
    Wed 02/04/09 09:12 PM:   keysize = 0
    Wed 02/04/09 09:12 PM:   engine = DISABLED
    Wed 02/04/09 09:12 PM:   replay = ENABLED
    Wed 02/04/09 09:12 PM:   mute_replay_warnings = DISABLED
    Wed 02/04/09 09:12 PM:   replay_window = 64
    Wed 02/04/09 09:12 PM:   replay_time = 15
    Wed 02/04/09 09:12 PM:   packet_id_file = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   use_iv = ENABLED
    Wed 02/04/09 09:12 PM:   test_crypto = DISABLED
    Wed 02/04/09 09:12 PM:   tls_server = DISABLED
    Wed 02/04/09 09:12 PM:   tls_client = ENABLED
    Wed 02/04/09 09:12 PM:   key_method = 2
    Wed 02/04/09 09:12 PM:   ca_file = '/Users/stephen/Library/openvpn/DMVPN/ca.crt'
    Wed 02/04/09 09:12 PM:   ca_path = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   dh_file = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   cert_file = '/Users/stephen/Library/openvpn/DMVPN/swkdelmck.crt'
    Wed 02/04/09 09:12 PM:   priv_key_file = '/Users/stephen/Library/openvpn/DMVPN/swkdelmck.key'
    Wed 02/04/09 09:12 PM:   pkcs12_file = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   cipher_list = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   tls_verify = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   tls_remote = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   crl_file = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   ns_cert_type = 64
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
    Wed 02/04/09 09:12 PM:   remote_cert_eku = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   tls_timeout = 2
    Wed 02/04/09 09:12 PM:   renegotiate_bytes = 0
    Wed 02/04/09 09:12 PM:   renegotiate_packets = 0
    Wed 02/04/09 09:12 PM:   renegotiate_seconds = 3600
    Wed 02/04/09 09:12 PM:   handshake_window = 60
    Wed 02/04/09 09:12 PM:   transition_window = 3600
    Wed 02/04/09 09:12 PM:   single_session = DISABLED
    Wed 02/04/09 09:12 PM:   tls_exit = DISABLED
    Wed 02/04/09 09:12 PM:   tls_auth_file = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   server_network = 0.0.0.0
    Wed 02/04/09 09:12 PM:   server_netmask = 0.0.0.0
    Wed 02/04/09 09:12 PM:   server_bridge_ip = 0.0.0.0
    Wed 02/04/09 09:12 PM:   server_bridge_netmask = 0.0.0.0
    Wed 02/04/09 09:12 PM:   server_bridge_pool_start = 0.0.0.0
    Wed 02/04/09 09:12 PM:   server_bridge_pool_end = 0.0.0.0
    Wed 02/04/09 09:12 PM:   ifconfig_pool_defined = DISABLED
    Wed 02/04/09 09:12 PM:   ifconfig_pool_start = 0.0.0.0
    Wed 02/04/09 09:12 PM:   ifconfig_pool_end = 0.0.0.0
    Wed 02/04/09 09:12 PM:   ifconfig_pool_netmask = 0.0.0.0
    Wed 02/04/09 09:12 PM:   ifconfig_pool_persist_filename = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   ifconfig_pool_persist_refresh_freq = 600
    Wed 02/04/09 09:12 PM:   n_bcast_buf = 256
    Wed 02/04/09 09:12 PM:   tcp_queue_limit = 64
    Wed 02/04/09 09:12 PM:   real_hash_size = 256
    Wed 02/04/09 09:12 PM:   virtual_hash_size = 256
    Wed 02/04/09 09:12 PM:   client_connect_script = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   learn_address_script = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   client_disconnect_script = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   client_config_dir = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   ccd_exclusive = DISABLED
    Wed 02/04/09 09:12 PM:   tmp_dir = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   push_ifconfig_defined = DISABLED
    Wed 02/04/09 09:12 PM:   push_ifconfig_local = 0.0.0.0
    Wed 02/04/09 09:12 PM:   push_ifconfig_remote_netmask = 0.0.0.0
    Wed 02/04/09 09:12 PM:   enable_c2c = DISABLED
    Wed 02/04/09 09:12 PM:   duplicate_cn = DISABLED
    Wed 02/04/09 09:12 PM:   cf_max = 0
    Wed 02/04/09 09:12 PM:   cf_per = 0
    Wed 02/04/09 09:12 PM:   max_clients = 1024
    Wed 02/04/09 09:12 PM:   max_routes_per_client = 256
    Wed 02/04/09 09:12 PM:   auth_user_pass_verify_script = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   auth_user_pass_verify_script_via_file = DISABLED
    Wed 02/04/09 09:12 PM:   ssl_flags = 0
    Wed 02/04/09 09:12 PM:   port_share_host = '[UNDEF]'
    Wed 02/04/09 09:12 PM:   port_share_port = 0
    Wed 02/04/09 09:12 PM:   client = DISABLED
    Wed 02/04/09 09:12 PM:   pull = ENABLED
    Wed 02/04/09 09:12 PM:   auth_user_pass_file = '[UNDEF]'
    Wed 02/04/09 09:12 PM: OpenVPN 2.1_rc15 i386-apple-darwin9.5.0 [SSL] [LZO2] built on Nov 19 2008
    Wed 02/04/09 09:12 PM: MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
    Wed 02/04/09 09:12 PM:  waiting...
    Wed 02/04/09 09:12 PM: MANAGEMENT: Client connected from 127.0.0.1:1337
    Wed 12/31/69 07:00 PM: END
    Wed 12/31/69 07:00 PM: SUCCESS: hold release succeeded
    Wed 02/04/09 09:12 PM: WARNING: --ping should normally be used with --ping-restart or --ping-exit
    Wed 02/04/09 09:12 PM: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Wed 02/04/09 09:12 PM: WARNING: file '/Users/stephen/Library/openvpn/DMVPN/swkdelmck.key' is group or others accessible
    Wed 02/04/09 09:12 PM: LZO compression initialized
    Wed 02/04/09 09:12 PM: Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
    Wed 02/04/09 09:12 PM: Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
    Wed 02/04/09 09:12 PM: tls-client'
    Wed 02/04/09 09:12 PM: tls-server'
    Wed 02/04/09 09:12 PM: Local Options hash (VER=V4): '69109d17'
    Wed 02/04/09 09:12 PM: Expected Remote Options hash (VER=V4): 'c0103fa8'
    Wed 02/04/09 09:12 PM: Attempting to establish TCP connection with ***.***.***.***:1194 [nonblock]
    Wed 02/04/09 09:12 PM: 
    Wed 02/04/09 09:12 PM: TCP connection established with ***.***.***.***:1194
    Wed 02/04/09 09:12 PM: Socket Buffers: R=[525624->65536] S=[131768->65536]
    Wed 02/04/09 09:12 PM: TCPv4_CLIENT link local: [undef]
    Wed 02/04/09 09:12 PM: TCPv4_CLIENT link remote: ***.***.***.***:1194
    Wed 02/04/09 09:12 PM: 
    Wed 02/04/09 09:12 PM: 
    Wed 02/04/09 09:12 PM:  sid=1d8d082f cc397870
    Wed 02/04/09 09:12 PM:  /C=US/ST=KY/L=Louisville/O=pfSense/CN=/root/easyrsa4pfsense/emailAddress=sullrich@gmail.com
    Wed 02/04/09 09:12 PM: VERIFY OK: nsCertType=SERVER
    Wed 02/04/09 09:12 PM:  /C=US/ST=KY/L=Louisville/O=pfSense/CN=server/emailAddress=sullrich@gmail.com
    Wed 02/04/09 09:12 PM: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Wed 02/04/09 09:12 PM: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Wed 02/04/09 09:12 PM: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Wed 02/04/09 09:12 PM: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Wed 02/04/09 09:12 PM:  1024 bit RSA
    Wed 02/04/09 09:12 PM: [server] Peer Connection Initiated with ***.***.***.***:1194
    Wed 02/04/09 09:12 PM: 
    Wed 02/04/09 09:12 PM: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
    Wed 02/04/09 09:12 PM: ifconfig 10.0.100.6 10.0.100.5'
    Wed 02/04/09 09:12 PM: OPTIONS IMPORT: timers and/or timeouts modified
    Wed 02/04/09 09:12 PM: OPTIONS IMPORT: --ifconfig/up options modified
    Wed 02/04/09 09:12 PM: OPTIONS IMPORT: route options modified
    Wed 02/04/09 09:12 PM: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Wed 02/04/09 09:12 PM: ROUTE default_gateway=192.168.0.1
    Wed 02/04/09 09:12 PM: TUN/TAP device /dev/tun0 opened
    Wed 02/04/09 09:12 PM: 
    Wed 02/04/09 09:12 PM: /sbin/ifconfig tun0 delete
    Wed 02/04/09 09:12 PM: NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
    Wed 02/04/09 09:12 PM: /sbin/ifconfig tun0 10.0.100.6 10.0.100.5 mtu 1500 netmask 255.255.255.255 up
    Wed 02/04/09 09:12 PM: /Applications/Tunnelblick.app/Contents/Resources/client.up.osx.sh tun0 1500 1544 10.0.100.6 10.0.100.5 init
    Wed 02/04/09 09:12 PM: 
    Wed 02/04/09 09:12 PM: /sbin/route add -net 10.0.0.0 10.0.100.5 255.255.255.0
    Wed 02/04/09 09:12 PM: /sbin/route add -net 10.0.100.1 10.0.100.5 255.255.255.255
    Wed 02/04/09 09:12 PM: Initialization Sequence Completed
    Wed 02/04/09 09:12 PM: ***.***.***.***
    Wed 02/04/09 09:13 PM:  restarting [0]
    Wed 02/04/09 09:13 PM: TCP/UDP: Closing socket
    Wed 02/04/09 09:13 PM:  process restarting
    Wed 02/04/09 09:13 PM: 
    Wed 12/31/69 07:00 PM: SUCCESS: hold release succeeded
    Wed 02/04/09 09:13 PM: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Wed 02/04/09 09:13 PM: Re-using SSL/TLS context
    Wed 02/04/09 09:13 PM: LZO compression initialized
    Wed 02/04/09 09:13 PM: Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
    Wed 02/04/09 09:13 PM: Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
    Wed 02/04/09 09:13 PM: tls-client'
    Wed 02/04/09 09:13 PM: tls-server'
    Wed 02/04/09 09:13 PM: Local Options hash (VER=V4): '69109d17'
    Wed 02/04/09 09:13 PM: Expected Remote Options hash (VER=V4): 'c0103fa8'
    Wed 02/04/09 09:13 PM: Attempting to establish TCP connection with ***.***.***.***:1194 [nonblock]
    Wed 02/04/09 09:13 PM: 
    Wed 02/04/09 09:13 PM: TCP connection established with ***.***.***.***:1194
    Wed 02/04/09 09:13 PM: Socket Buffers: R=[525624->65536] S=[131768->65536]
    Wed 02/04/09 09:13 PM: TCPv4_CLIENT link local: [undef]
    Wed 02/04/09 09:13 PM: TCPv4_CLIENT link remote: ***.***.***.***:1194
    Wed 02/04/09 09:13 PM: 
    Wed 02/04/09 09:13 PM: 
    Wed 02/04/09 09:13 PM:  sid=2ff8656e 33de7b9f
    Wed 02/04/09 09:13 PM:  /C=US/ST=KY/L=Louisville/O=pfSense/CN=/root/easyrsa4pfsense/emailAddress=sullrich@gmail.com
    Wed 02/04/09 09:13 PM: VERIFY OK: nsCertType=SERVER
    Wed 02/04/09 09:13 PM:  /C=US/ST=KY/L=Louisville/O=pfSense/CN=server/emailAddress=sullrich@gmail.com
    Wed 02/04/09 09:13 PM: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Wed 02/04/09 09:13 PM: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Wed 02/04/09 09:13 PM: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Wed 02/04/09 09:13 PM: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Wed 02/04/09 09:13 PM:  1024 bit RSA
    Wed 02/04/09 09:13 PM: [server] Peer Connection Initiated with ***.***.***.***:1194
    Wed 02/04/09 09:13 PM: 
    Wed 02/04/09 09:13 PM: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
    Wed 02/04/09 09:13 PM: ifconfig 10.0.100.6 10.0.100.5'
    Wed 02/04/09 09:13 PM: OPTIONS IMPORT: timers and/or timeouts modified
    Wed 02/04/09 09:13 PM: OPTIONS IMPORT: --ifconfig/up options modified
    Wed 02/04/09 09:13 PM: OPTIONS IMPORT: route options modified
    Wed 02/04/09 09:13 PM: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Wed 02/04/09 09:13 PM: Preserving previous TUN/TAP instance: tun0
    Wed 02/04/09 09:13 PM: Initialization Sequence Completed
    Wed 02/04/09 09:13 PM: ***.***.***.***
    
    This is from tunnelblick on my mac but I get the same constant disconnects from windows with openvpn-gui.
    
    Thanks for any insight you can offer.[/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i]
    

Locked