Netgate Discussion Forum

    OpenVPN suddenly won't stay connected.

      skent

      Been using OpenVPN without a bit of trouble for well over a year.  Suddenly last night it won't stay connected.

      Log file

      Wed 12/31/69 07:00 PM: SUCCESS: pid=652
      Wed 12/31/69 07:00 PM: SUCCESS: real-time state notification set to ON
      Wed 12/31/69 07:00 PM: SUCCESS: real-time log notification set to ON
      Wed 02/04/09 09:12 PM:   management_client_user = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   management_client_group = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   management_flags = 6
      Wed 02/04/09 09:12 PM:   shared_secret_file = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   key_direction = 0
      Wed 02/04/09 09:12 PM:   ciphername_defined = ENABLED
      Wed 02/04/09 09:12 PM:   ciphername = 'BF-CBC'
      Wed 02/04/09 09:12 PM:   authname_defined = ENABLED
      Wed 02/04/09 09:12 PM:   authname = 'SHA1'
      Wed 02/04/09 09:12 PM:   prng_hash = 'SHA1'
      Wed 02/04/09 09:12 PM:   prng_nonce_secret_len = 16
      Wed 02/04/09 09:12 PM:   keysize = 0
      Wed 02/04/09 09:12 PM:   engine = DISABLED
      Wed 02/04/09 09:12 PM:   replay = ENABLED
      Wed 02/04/09 09:12 PM:   mute_replay_warnings = DISABLED
      Wed 02/04/09 09:12 PM:   replay_window = 64
      Wed 02/04/09 09:12 PM:   replay_time = 15
      Wed 02/04/09 09:12 PM:   packet_id_file = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   use_iv = ENABLED
      Wed 02/04/09 09:12 PM:   test_crypto = DISABLED
      Wed 02/04/09 09:12 PM:   tls_server = DISABLED
      Wed 02/04/09 09:12 PM:   tls_client = ENABLED
      Wed 02/04/09 09:12 PM:   key_method = 2
      Wed 02/04/09 09:12 PM:   ca_file = '/Users/stephen/Library/openvpn/DMVPN/ca.crt'
      Wed 02/04/09 09:12 PM:   ca_path = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   dh_file = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   cert_file = '/Users/stephen/Library/openvpn/DMVPN/swkdelmck.crt'
      Wed 02/04/09 09:12 PM:   priv_key_file = '/Users/stephen/Library/openvpn/DMVPN/swkdelmck.key'
      Wed 02/04/09 09:12 PM:   pkcs12_file = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   cipher_list = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   tls_verify = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   tls_remote = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   crl_file = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   ns_cert_type = 64
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_ku[i] = 0
      Wed 02/04/09 09:12 PM:   remote_cert_eku = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   tls_timeout = 2
      Wed 02/04/09 09:12 PM:   renegotiate_bytes = 0
      Wed 02/04/09 09:12 PM:   renegotiate_packets = 0
      Wed 02/04/09 09:12 PM:   renegotiate_seconds = 3600
      Wed 02/04/09 09:12 PM:   handshake_window = 60
      Wed 02/04/09 09:12 PM:   transition_window = 3600
      Wed 02/04/09 09:12 PM:   single_session = DISABLED
      Wed 02/04/09 09:12 PM:   tls_exit = DISABLED
      Wed 02/04/09 09:12 PM:   tls_auth_file = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   server_network = 0.0.0.0
      Wed 02/04/09 09:12 PM:   server_netmask = 0.0.0.0
      Wed 02/04/09 09:12 PM:   server_bridge_ip = 0.0.0.0
      Wed 02/04/09 09:12 PM:   server_bridge_netmask = 0.0.0.0
      Wed 02/04/09 09:12 PM:   server_bridge_pool_start = 0.0.0.0
      Wed 02/04/09 09:12 PM:   server_bridge_pool_end = 0.0.0.0
      Wed 02/04/09 09:12 PM:   ifconfig_pool_defined = DISABLED
      Wed 02/04/09 09:12 PM:   ifconfig_pool_start = 0.0.0.0
      Wed 02/04/09 09:12 PM:   ifconfig_pool_end = 0.0.0.0
      Wed 02/04/09 09:12 PM:   ifconfig_pool_netmask = 0.0.0.0
      Wed 02/04/09 09:12 PM:   ifconfig_pool_persist_filename = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   ifconfig_pool_persist_refresh_freq = 600
      Wed 02/04/09 09:12 PM:   n_bcast_buf = 256
      Wed 02/04/09 09:12 PM:   tcp_queue_limit = 64
      Wed 02/04/09 09:12 PM:   real_hash_size = 256
      Wed 02/04/09 09:12 PM:   virtual_hash_size = 256
      Wed 02/04/09 09:12 PM:   client_connect_script = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   learn_address_script = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   client_disconnect_script = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   client_config_dir = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   ccd_exclusive = DISABLED
      Wed 02/04/09 09:12 PM:   tmp_dir = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   push_ifconfig_defined = DISABLED
      Wed 02/04/09 09:12 PM:   push_ifconfig_local = 0.0.0.0
      Wed 02/04/09 09:12 PM:   push_ifconfig_remote_netmask = 0.0.0.0
      Wed 02/04/09 09:12 PM:   enable_c2c = DISABLED
      Wed 02/04/09 09:12 PM:   duplicate_cn = DISABLED
      Wed 02/04/09 09:12 PM:   cf_max = 0
      Wed 02/04/09 09:12 PM:   cf_per = 0
      Wed 02/04/09 09:12 PM:   max_clients = 1024
      Wed 02/04/09 09:12 PM:   max_routes_per_client = 256
      Wed 02/04/09 09:12 PM:   auth_user_pass_verify_script = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   auth_user_pass_verify_script_via_file = DISABLED
      Wed 02/04/09 09:12 PM:   ssl_flags = 0
      Wed 02/04/09 09:12 PM:   port_share_host = '[UNDEF]'
      Wed 02/04/09 09:12 PM:   port_share_port = 0
      Wed 02/04/09 09:12 PM:   client = DISABLED
      Wed 02/04/09 09:12 PM:   pull = ENABLED
      Wed 02/04/09 09:12 PM:   auth_user_pass_file = '[UNDEF]'
      Wed 02/04/09 09:12 PM: OpenVPN 2.1_rc15 i386-apple-darwin9.5.0 [SSL] [LZO2] built on Nov 19 2008
      Wed 02/04/09 09:12 PM: MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
      Wed 02/04/09 09:12 PM:  waiting...
      Wed 02/04/09 09:12 PM: MANAGEMENT: Client connected from 127.0.0.1:1337
      Wed 12/31/69 07:00 PM: END
      Wed 12/31/69 07:00 PM: SUCCESS: hold release succeeded
      Wed 02/04/09 09:12 PM: WARNING: --ping should normally be used with --ping-restart or --ping-exit
      Wed 02/04/09 09:12 PM: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
      Wed 02/04/09 09:12 PM: WARNING: file '/Users/stephen/Library/openvpn/DMVPN/swkdelmck.key' is group or others accessible
      Wed 02/04/09 09:12 PM: LZO compression initialized
      Wed 02/04/09 09:12 PM: Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
      Wed 02/04/09 09:12 PM: Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
      Wed 02/04/09 09:12 PM: tls-client'
      Wed 02/04/09 09:12 PM: tls-server'
      Wed 02/04/09 09:12 PM: Local Options hash (VER=V4): '69109d17'
      Wed 02/04/09 09:12 PM: Expected Remote Options hash (VER=V4): 'c0103fa8'
      Wed 02/04/09 09:12 PM: Attempting to establish TCP connection with ***.***.***.***:1194 [nonblock]
      Wed 02/04/09 09:12 PM: 
      Wed 02/04/09 09:12 PM: TCP connection established with ***.***.***.***:1194
      Wed 02/04/09 09:12 PM: Socket Buffers: R=[525624->65536] S=[131768->65536]
      Wed 02/04/09 09:12 PM: TCPv4_CLIENT link local: [undef]
      Wed 02/04/09 09:12 PM: TCPv4_CLIENT link remote: ***.***.***.***:1194
      Wed 02/04/09 09:12 PM: 
      Wed 02/04/09 09:12 PM: 
      Wed 02/04/09 09:12 PM:  sid=1d8d082f cc397870
      Wed 02/04/09 09:12 PM:  /C=US/ST=KY/L=Louisville/O=pfSense/CN=/root/easyrsa4pfsense/emailAddress=sullrich@gmail.com
      Wed 02/04/09 09:12 PM: VERIFY OK: nsCertType=SERVER
      Wed 02/04/09 09:12 PM:  /C=US/ST=KY/L=Louisville/O=pfSense/CN=server/emailAddress=sullrich@gmail.com
      Wed 02/04/09 09:12 PM: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
      Wed 02/04/09 09:12 PM: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Wed 02/04/09 09:12 PM: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
      Wed 02/04/09 09:12 PM: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Wed 02/04/09 09:12 PM:  1024 bit RSA
      Wed 02/04/09 09:12 PM: [server] Peer Connection Initiated with ***.***.***.***:1194
      Wed 02/04/09 09:12 PM: 
      Wed 02/04/09 09:12 PM: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
      Wed 02/04/09 09:12 PM: ifconfig 10.0.100.6 10.0.100.5'
      Wed 02/04/09 09:12 PM: OPTIONS IMPORT: timers and/or timeouts modified
      Wed 02/04/09 09:12 PM: OPTIONS IMPORT: --ifconfig/up options modified
      Wed 02/04/09 09:12 PM: OPTIONS IMPORT: route options modified
      Wed 02/04/09 09:12 PM: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
      Wed 02/04/09 09:12 PM: ROUTE default_gateway=192.168.0.1
      Wed 02/04/09 09:12 PM: TUN/TAP device /dev/tun0 opened
      Wed 02/04/09 09:12 PM: 
      Wed 02/04/09 09:12 PM: /sbin/ifconfig tun0 delete
      Wed 02/04/09 09:12 PM: NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
      Wed 02/04/09 09:12 PM: /sbin/ifconfig tun0 10.0.100.6 10.0.100.5 mtu 1500 netmask 255.255.255.255 up
      Wed 02/04/09 09:12 PM: /Applications/Tunnelblick.app/Contents/Resources/client.up.osx.sh tun0 1500 1544 10.0.100.6 10.0.100.5 init
      Wed 02/04/09 09:12 PM: 
      Wed 02/04/09 09:12 PM: /sbin/route add -net 10.0.0.0 10.0.100.5 255.255.255.0
      Wed 02/04/09 09:12 PM: /sbin/route add -net 10.0.100.1 10.0.100.5 255.255.255.255
      Wed 02/04/09 09:12 PM: Initialization Sequence Completed
      Wed 02/04/09 09:12 PM: ***.***.***.***
      Wed 02/04/09 09:13 PM:  restarting [0]
      Wed 02/04/09 09:13 PM: TCP/UDP: Closing socket
      Wed 02/04/09 09:13 PM:  process restarting
      Wed 02/04/09 09:13 PM: 
      Wed 12/31/69 07:00 PM: SUCCESS: hold release succeeded
      Wed 02/04/09 09:13 PM: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
      Wed 02/04/09 09:13 PM: Re-using SSL/TLS context
      Wed 02/04/09 09:13 PM: LZO compression initialized
      Wed 02/04/09 09:13 PM: Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
      Wed 02/04/09 09:13 PM: Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
      Wed 02/04/09 09:13 PM: tls-client'
      Wed 02/04/09 09:13 PM: tls-server'
      Wed 02/04/09 09:13 PM: Local Options hash (VER=V4): '69109d17'
      Wed 02/04/09 09:13 PM: Expected Remote Options hash (VER=V4): 'c0103fa8'
      Wed 02/04/09 09:13 PM: Attempting to establish TCP connection with ***.***.***.***:1194 [nonblock]
      Wed 02/04/09 09:13 PM: 
      Wed 02/04/09 09:13 PM: TCP connection established with ***.***.***.***:1194
      Wed 02/04/09 09:13 PM: Socket Buffers: R=[525624->65536] S=[131768->65536]
      Wed 02/04/09 09:13 PM: TCPv4_CLIENT link local: [undef]
      Wed 02/04/09 09:13 PM: TCPv4_CLIENT link remote: ***.***.***.***:1194
      Wed 02/04/09 09:13 PM: 
      Wed 02/04/09 09:13 PM: 
      Wed 02/04/09 09:13 PM:  sid=2ff8656e 33de7b9f
      Wed 02/04/09 09:13 PM:  /C=US/ST=KY/L=Louisville/O=pfSense/CN=/root/easyrsa4pfsense/emailAddress=sullrich@gmail.com
      Wed 02/04/09 09:13 PM: VERIFY OK: nsCertType=SERVER
      Wed 02/04/09 09:13 PM:  /C=US/ST=KY/L=Louisville/O=pfSense/CN=server/emailAddress=sullrich@gmail.com
      Wed 02/04/09 09:13 PM: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
      Wed 02/04/09 09:13 PM: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Wed 02/04/09 09:13 PM: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
      Wed 02/04/09 09:13 PM: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Wed 02/04/09 09:13 PM:  1024 bit RSA
      Wed 02/04/09 09:13 PM: [server] Peer Connection Initiated with ***.***.***.***:1194
      Wed 02/04/09 09:13 PM: 
      Wed 02/04/09 09:13 PM: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
      Wed 02/04/09 09:13 PM: ifconfig 10.0.100.6 10.0.100.5'
      Wed 02/04/09 09:13 PM: OPTIONS IMPORT: timers and/or timeouts modified
      Wed 02/04/09 09:13 PM: OPTIONS IMPORT: --ifconfig/up options modified
      Wed 02/04/09 09:13 PM: OPTIONS IMPORT: route options modified
      Wed 02/04/09 09:13 PM: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
      Wed 02/04/09 09:13 PM: Preserving previous TUN/TAP instance: tun0
      Wed 02/04/09 09:13 PM: Initialization Sequence Completed
      Wed 02/04/09 09:13 PM: ***.***.***.***
      
      This is from Tunnelblick on my Mac, but I get the same constant disconnects from Windows with openvpn-gui.
      
      Thanks for any insight you can offer.
      