Windows Client can't ping after disconnect and reconnect
-
Hey everyone,
I just configured OpenVPN on pfSense 2.5.0. I installed the client on two Windows 10 clients. I am able to connect fine the first time and can ping across the tunnel fine. However, when I either press the reconnect button or completely disconnect and reconnect, the connection establishes but I am unable to ping across the tunnel.
When I am in the reconnected state, the connection will try to reconnect every minute or so. Here are client logs during the troubled state.
If I restart the server, I can connect and everything works fine again.
If I disconnect the client for a few minutes and then connect again, things work fine again.
I'm not sure how to get the VPN server config from my pfSense box.
Client config: (I am testing this on an internal LAB network, so yes, 10.10.1.49 is currently acting as the WAN IP)
dev tun
persist-tun
persist-key
ncp-disable
cipher AES-256-CBC
auth SHA256
tls-client
client
resolv-retry infinite
remote 10.10.1.49 1194 udp4
auth-user-pass
ca pfSense-UDP4-1194-ca.crt
tls-auth pfSense-UDP4-1194-tls.key 1
remote-cert-tls server
Thu Mar 04 15:02:53 2021 [openvpn.my.home] Inactivity timeout (--ping-restart), restarting
Thu Mar 04 15:02:53 2021 SIGUSR1[soft,ping-restart] received, process restarting
Thu Mar 04 15:02:58 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]10.10.1.49:1194
Thu Mar 04 15:02:58 2021 UDPv4 link local (bound): [AF_INET][undef]:1194
Thu Mar 04 15:02:58 2021 UDPv4 link remote: [AF_INET]10.10.1.49:1194
Thu Mar 04 15:02:58 2021 [openvpn.my.home] Peer Connection Initiated with [AF_INET]10.10.1.49:1194
Thu Mar 04 15:02:59 2021 Preserving previous TUN/TAP instance: OpenVPN TAP-Windows6
Thu Mar 04 15:02:59 2021 Initialization Sequence Completed
Thu Mar 04 15:03:59 2021 [openvpn.my.home] Inactivity timeout (--ping-restart), restarting
Thu Mar 04 15:03:59 2021 SIGUSR1[soft,ping-restart] received, process restarting
Thu Mar 04 15:04:04 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]10.10.1.49:1194
Thu Mar 04 15:04:04 2021 UDPv4 link local (bound): [AF_INET][undef]:1194
Thu Mar 04 15:04:04 2021 UDPv4 link remote: [AF_INET]10.10.1.49:1194
Thu Mar 04 15:04:04 2021 [openvpn.my.home] Peer Connection Initiated with [AF_INET]10.10.1.49:1194
Thu Mar 04 15:04:05 2021 Preserving previous TUN/TAP instance: OpenVPN TAP-Windows6
Thu Mar 04 15:04:05 2021 Initialization Sequence Completed
-
@se_marc
There was a thread about fast disconnect/reconnect that wouldn't work.
There was a timer on the server that had to expire before reconnect.
I think 3 or 4 times 40 secs. There was a fix for that in the thread.
-
@bingo600 awesome, I'll give the forum another search!
-
The fix for this is in thread https://forum.netgate.com/topic/161324/openvpn-is-not-working-if-client-is-reconnected-immediately/11
I needed to check the box for "Use a random local source port (lport) for traffic from the client. Without this set, two clients may not run concurrently." on the client export plug-in. This option adds
lport 0
to the client config.
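
A small check for the condition this thread ends on, as an added example that is not from the posters or from pfSense/OpenVPN: it reads a client config to find the UDP source port the client will bind (1194 by default unless `lport`, `port` or `nobind` says otherwise) and scans a client log for repeated ping-restart cycles that re-bind the same port. The function names are hypothetical and the embedded samples are constructed from the config and log posted above.

```python
import re

# Constructed sample: directives taken from the client config posted in this thread.
CLIENT_CONF = """\
dev tun
persist-tun
tls-client
client
remote 10.10.1.49 1194 udp4
remote-cert-tls server
"""

# Constructed sample: a subset of the client log lines posted in this thread.
CLIENT_LOG = """\
Thu Mar 04 15:02:53 2021 [openvpn.my.home] Inactivity timeout (--ping-restart), restarting
Thu Mar 04 15:02:58 2021 UDPv4 link local (bound): [AF_INET][undef]:1194
Thu Mar 04 15:02:59 2021 Initialization Sequence Completed
Thu Mar 04 15:03:59 2021 [openvpn.my.home] Inactivity timeout (--ping-restart), restarting
Thu Mar 04 15:04:04 2021 UDPv4 link local (bound): [AF_INET][undef]:1194
Thu Mar 04 15:04:05 2021 Initialization Sequence Completed
"""

def local_port(conf):
    """Return the UDP source port the client binds: 0 = random, None = nobind."""
    port = 1194  # OpenVPN default when neither port nor lport is set
    for line in conf.splitlines():
        words = re.split(r"[#;]", line)[0].split()  # drop comments
        if not words:
            continue
        if words[0] == "nobind":
            return None
        if words[0] in ("port", "lport") and len(words) > 1:
            port = int(words[1])  # the "port" in a "remote" line is remote-only
    return port

def restart_loop(log):
    """Summarise ping-restart cycles and the source ports re-bound after them."""
    restarts = len(re.findall(r"Inactivity timeout \(--ping-restart\)", log))
    ports = {int(p) for p in
             re.findall(r"link local \(bound\): \S+:(\d+)$", log, re.M)}
    same = restarts >= 2 and len(ports) == 1 and 0 not in ports
    return {"restarts": restarts, "bound_ports": ports, "same_port_reused": same}

if __name__ == "__main__":
    print("source port, as posted:", local_port(CLIENT_CONF))
    print("source port, with fix :", local_port(CLIENT_CONF + "lport 0\n"))
    print("log summary           :", restart_loop(CLIENT_LOG))
```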