losing OpenVPN connection every 20 - 120 seconds
-
Im trying to understand your internet connection a little.
What is it? DSL or fiber.. or? The ping time to the first gateway says that maybe the router is on premises. But fiber can be fairly quick as well.. Can you go to a command window and do c:>ping -n 2000 google.com and post the results??
My guess is that somehow your connection past your gateway is going up and down intermittently and causing the VPN connection to reset.
Otherwise the VPN server your pointed at may have issues.
-
fiber coming to white box which is directly connected by cat 6 cable to pf sense box wan port using ppoe type connection with user name and password
Microsoft Windows [Version 10.0.18363.535]
(c) 2019 Microsoft Corporation. All rights reserved.C:\Users\akila>ping -n 2000 google.com
Pinging google.com [172.217.19.174] with 32 bytes of data:
Reply from 172.217.19.174: bytes=32 time=8ms TTL=55
Reply from 172.217.19.174: bytes=32 time=7ms TTL=55
Reply from 172.217.19.174: bytes=32 time=7ms TTL=55
Reply from 172.217.19.174: bytes=32 time=7ms TTL=55
Reply from 172.217.19.174: bytes=32 time=7ms TTL=55
Reply from 172.217.19.174: bytes=32 time=12ms TTL=55 -
if you are not using it disable ipv6 under pppoe connection: ipv6 configuration type -> none
-
@kiokoman ok let me see
-
problem still the same
-
under system >advanced >networking : network interfaces. is reset all states checked or unchecked? i would uncheck that
-
@bcruze its was unchecked only
-
i even changed vpn server location but behaviour is still same
Jan 9 16:28:23 php-fpm 45949 /rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use OPT1_VPNV4.
Jan 9 16:28:27 php-fpm 78271 /rc.newwanip: Creating rrd update script
Jan 9 16:28:29 php-fpm 78271 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 10.106.0.226 -> 10.187.0.86 - Restarting packages.
Jan 9 16:28:29 check_reload_status Starting packages
Jan 9 16:28:30 php-fpm 343 /rc.start_packages: Restarting/Starting all packages.
Jan 9 16:28:46 check_reload_status Syncing firewall -
did you reboot the system after the ip6 change posted above?
system > advanced > miscellanous > gateway monitoring > flush all states when gateway is down? what is that set too? i would have it unchecked as well
-
@bcruze ok let me do it now
-
@akkiz no difference still disconnects......
-
@chpalmer i also tried connecting a modem before pf box and used dhcp in wan interface but the problem is still same and wan ip never changes
-
Where did you get all those custom options from in the OpenVPN setup? Most of those are duplicated in the normal settings anyway.
I don't actually see any errors there. The connection comes up and receives a new IP from the server. It's assigned so has a gateway, pfSense treats it as a WAN and triggers the appropriate scripts when that happens. You could disable 'gateway monitoring action' for now to reduce what is run there.
Do you have a conflict with the LAN? What subnet are you running there? Can we see the routing table from Diag > Routes?
Steve
-
@stephenw10 hi custom options were taken as per user guide of express vpn i deleted them made no difference ,also gateway monitoring was disabled didnt help either
-
my guess is that your ISP is doing something funky with traffic and affecting your VPN. Have you rebooted your modem device? Maybe contact the ISP and ask if they have been having issues..
We have over 10 OpenVPN instances running between here and various locations and I can tell you that rarely do they ever go down. And if they do its a connectivity issue..
-
@chpalmer yes the isp here blocks vpn networks just like china,but internet speeds are very very good its a 250/50mbps line but on open vpn i usually get 50mbps on my laptop using express vpn app,like i told ddwrt works fine,and yes i rebooted
-
@akkiz said in losing OpenVPN connection every 20 - 120 seconds:
also gateway monitoring was disabled didnt help either
Don't disable monitoring disable the monitoring action.
The routing table looks OK except that I see only ovpnc2 there and your logs earlier showed ovpnc1. Havbe you configured two clients connecting to the same server? Are they still both enabled and disconnecting each other?
It looks to be connecting to the server since you're getting an IP address. Do you see any traffic coming back across the tunnel? Check the Status > OpenVPN page for traffic in both directions.
Steve
-
@stephenw10 ok i enabled monitoring as u adviced,yes i added 2 clients but enabled only one but no effect still disconnecting
-
Hi,
This is something I didn't see before :
@akkiz said in losing OpenVPN connection every 20 - 120 seconds:
Jan 8 18:52:14 php-fpm 342 /rc.newwanip: rc.newwanip called with empty interface.
This is an error condition.
Way back, the pfSense coders said this about the event of a "empty interface" :/* XXX: This really possible? */( see the rc.rc.newwanip file )
So, a very special situation - I can't tell anything more. Never saw such a issue.
The result will be :
Filters - firewall re reloaled.
Packages get restarted.
... and bail out.Btw : this is me just thinking out loud.
I do have an Express VPN account, but never set it up with pfSense.re-edit : "Empty interface" is normal after all: The VPN clients is bound to an Interface (bu you : the OPT1 interface) without an IPv4 or IPv6 specified. That's ok.
-
Ok so it connects and there is two way traffic and then presumably it disconnects.
Let see more OpenVPN logs showing that happening.
