Problems with clients

garona

Hi, i having a trouble for a couple of days, my vpn clients are working for 3 or 4 days, after this, we can't connect using installed client and need to download the same client again, and i am in this loop. On pfsense we have a dynamic public ip and dyndns configured.Someone have or has this kind of problem?
Thanks

Rico

Whats in the OpenVPN Server and Client Logs when the connection stops working?

-Rico

garona

Client:
Wed Oct 09 11:28:44 2019 TCP/UDP: Incoming packet rejected from [AF_INET]XXX.XXX.XXX.XX:1194[2], expected peer address: [AF_INET]XXX.XXX.XXX.XX:1199 (allow this incoming source address/port by removing --remote or adding --float)
Wed Oct 09 11:28:53 2019 TCP/UDP: Incoming packet rejected from [AF_INET]XXX.XXX.XXX.XX:1194[2], expected peer address: [AF_INET]XXX.XXX.XXX.XX:1199 (allow this incoming source address/port by removing --remote or adding --float)
Wed Oct 09 11:29:03 2019 TCP/UDP: Incoming packet rejected from [AF_INET]XXX.XXX.XXX.XX:1194[2], expected peer address: [AF_INET]XXX.XXX.XXX.XX:1199 (allow this incoming source address/port by removing --remote or adding --float)
Wed Oct 09 11:29:14 2019 TCP/UDP: Incoming packet rejected from [AF_INET]XXX.XXX.XXX.XX:1194[2], expected peer address: [AF_INET]XXX.XXX.XXX.XX:1199 (allow this incoming source address/port by removing --remote or adding --float)
Wed Oct 09 11:29:23 2019 TCP/UDP: Incoming packet rejected from [AF_INET]XXX.XXX.XXX.XX:1194[2], expected peer address: [AF_INET]XXX.XXX.XXX.XX:1199 (allow this incoming source address/port by removing --remote or adding --float)
Wed Oct 09 11:29:43 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Oct 09 11:29:43 2019 TLS Error: TLS handshake failed
Wed Oct 09 11:29:43 2019 SIGUSR1[soft,tls-error] received, process restarting
Wed Oct 09 11:29:48 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]XXX.XXX.XXX.XX:1199
Wed Oct 09 11:29:48 2019 UDP link local (bound): [AF_INET][undef]:1194
Wed Oct 09 11:29:48 2019 UDP link remote: [AF_INET]XXX.XXX.XXX.XX:1199

Openvpn Server:
Oct 9 11:17:04 openvpn 54762 XXX.XXX.XX.XXX:1194 [another.user] Peer Connection Initiated with [AF_INET]XXX.XXX.XX.XXX:1194
Oct 9 11:17:04 openvpn user 'another.user' could not authenticate.
Oct 9 11:25:24 openvpn 54762 another.user/XXX.XXX.XX.XXX:6502 peer info: IV_VER=2.4.5
Oct 9 11:25:24 openvpn 54762 another.user/XXX.XXX.XX.XXX:6502 peer info: IV_PLAT=win
Oct 9 11:25:24 openvpn 54762 another.user/XXX.XXX.XX.XXX:6502 peer info: IV_PROTO=2
Oct 9 11:25:24 openvpn 54762 another.user/XXX.XXX.XX.XXX:6502 peer info: IV_LZ4=1
Oct 9 11:25:24 openvpn 54762 another.user/XXX.XXX.XX.XXX:6502 peer info: IV_LZ4v2=1
Oct 9 11:25:24 openvpn 54762 another.user/XXX.XXX.XX.XXX:6502 peer info: IV_LZO=1
Oct 9 11:25:24 openvpn 54762 another.user/XXX.XXX.XX.XXX:6502 peer info: IV_COMP_STUB=1
Oct 9 11:25:24 openvpn 54762 another.user/XXX.XXX.XX.XXX:6502 peer info: IV_COMP_STUBv2=1
Oct 9 11:25:24 openvpn 54762 another.user/XXX.XXX.XX.XXX:6502 peer info: IV_TCPNL=1
Oct 9 11:25:24 openvpn 54762 another.user/XXX.XXX.XX.XXX:6502 peer info: IV_GUI_VER=OpenVPN_GUI_11
Oct 9 11:25:24 openvpn user 'another.user' authenticated
Oct 9 11:29:26 openvpn 54762 my.user/XXX.XXX.XX.XXX:1378 [my.user] Inactivity timeout (--ping-restart), restarting

The user that i tried to connect doesn't appear in server logs.

Pippin

No access to pfS at the moment but on client side add

float

to the config.
Could be a checkbox too in CSO.
See --float in manual 2.4:
https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage