Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN drops connection after 120 seconds

    OpenVPN
    2
    13
    742
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sandman42
      last edited by

      Hi,

      I have a pfSense 2.4.5 that acts as an OpenVPN server with 8 tunnels on it
      Every tunnel stays on for 120 seconds, then goes down and returns up after 20 minutes.

      It shouldn't be a problem of no traffic on tunnel, since I have a ping -t to the client, that answers when the tunnel is up and gives timeout when tunnel is down.

      What could be the cause of this kind of behavior? I need to have tunnel always up.

      Thanks and ciao

      N 1 Reply Last reply Reply Quote 0
      • N
        netblues @sandman42
        last edited by

        @sandman42 Looks like a duplicate tunnel issue.
        Are you using different credentials for each tunnel?

        S 1 Reply Last reply Reply Quote 0
        • S
          sandman42 @netblues
          last edited by

          @netblues Hi,
          thanks for your answer.
          I don't use credentials (i.e. user/pass). I use a pre-shared key (2048 bit OpenVPN static key).

          Remote is not human, it's a LTE router.

          Ciao

          N 1 Reply Last reply Reply Quote 0
          • N
            netblues @sandman42
            last edited by

            @sandman42 same key for all sessions?

            S 1 Reply Last reply Reply Quote 0
            • S
              sandman42 @netblues
              last edited by

              @netblues Yes, same key

              N 1 Reply Last reply Reply Quote 0
              • N
                netblues @sandman42
                last edited by

                @sandman42 Try connecting with different key.
                Also see this setting

                352ff533-78a9-4a3c-97f4-437c796e91cf-image.png

                Allow duplicate connections might also work.

                Can you post your openvpn settings?

                S 1 Reply Last reply Reply Quote 0
                • S
                  sandman42 @netblues
                  last edited by

                  @netblues I've tried to use a different key.
                  If I keep a ping -t from a machine on server side to another machine on the remote, tunnel remains up. If i stop the ping, it goes down after two minutes.

                  Where are the settings you've shown?
                  In the pfSense version I actually use (2.4.5-RELEASE-p1 (amd64)) I haven't found them.

                  Which openvpn setting you need? the pfsense or the remote ones?

                  Thanks

                  N 1 Reply Last reply Reply Quote 0
                  • N
                    netblues @sandman42
                    last edited by netblues

                    @sandman42 pfsense vpn server definition settings.
                    However if it doesn't stop when pinging then its lte related.
                    Most probably you are behind cgn, and either your carrier or your end device drops the connection

                    The float option on openvpn allows the tunnel to reestablish if the client ip changes. Check this option
                    But it does take some time for this to happen.
                    And if the traffic is not client generated, then it won't work
                    You can make pfsense run the pings thoough, if this is an acceptable solution, (with 0 payload too to keep traffic at minimum)

                    S 1 Reply Last reply Reply Quote 0
                    • S
                      sandman42 @netblues
                      last edited by

                      @netblues Here are pfSense OpenVPN settings

                      1-GeneralInformation.JPG 2-CryptoSettings.JPG 3-Tunnel.JPG 4-Ping.JPG 5-Advanced.JPG

                      How can I set the continuous ping from pfsense?

                      Thanks

                      N 1 Reply Last reply Reply Quote 0
                      • N
                        netblues @sandman42
                        last edited by

                        @sandman42 change setting to remote access and the setting will appear

                        One way of doing this is creating custom gateways and setting the monitor ip to the ip assigned to the client.
                        No actions needed if gateway goes down.

                        S 1 Reply Last reply Reply Quote 0
                        • S
                          sandman42 @netblues
                          last edited by

                          @netblues I've tried: no difference.

                          Ciao

                          N 1 Reply Last reply Reply Quote 0
                          • N
                            netblues @sandman42
                            last edited by

                            @sandman42 As I said, if the problem appears with a single connection, the problem is somewhere else.
                            Especially if the problem goes away with constant ping.

                            S 1 Reply Last reply Reply Quote 0
                            • S
                              sandman42 @netblues
                              last edited by

                              @netblues it appears on all OpenVPN connections. I've chosen the one that has the best UMTS signal level, so to avoid disconnections for low signal

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.