OpenVPN Site to Site keeps disconnecting after upgrade to 2.5.0

decibel83

Hi everyone,
I've already read many posts about problems on OpenVPN after upgrading to pfSense 2.5.0, but I did not managed in solving my problem.

I have a Site to Site OpenVPN connection which was working very well before upgrading the client to pfSense 2.5.0.
The server is still on version 2.4.4 and I cannot upgrade it at the moment (i have to wait some weeks before doing it).

The problem is that the VPN connection keeps disconnecting and reconnecting about 2-3 times per day automatically without any intervention.

The strange thing is that it is connected since 4 days on the server:

but it is connected since just few hours on the client (the screenshot was taken at the same time of the server one):

On both server and client logs I don't see any relevant errors.

Logs on the server when the client reconnects (only the reconnection log):

Mar 17 17:47:15 	openvpn 	81008 	Peer Connection Initiated with [AF_INET]192.0.2.1:5916
Mar 17 17:42:26 	openvpn 	81008 	Peer Connection Initiated with [AF_INET]192.0.2.1:44201 

Logs on the client are much bigger but not relevant:

Mar 17 17:46:38 	openvpn 	90610 	Initialization Sequence Completed
Mar 17 17:46:38 	openvpn 	90610 	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mar 17 17:46:37 	openvpn 	90610 	Peer Connection Initiated with [AF_INET]192.0.2.2:4834
Mar 17 17:46:37 	openvpn 	90610 	UDPv4 link remote: [AF_INET]192.0.2.2:4834
Mar 17 17:46:37 	openvpn 	90610 	UDPv4 link local (bound): [AF_INET]10.0.0.10:0
Mar 17 17:46:37 	openvpn 	90610 	TCP/UDP: Preserving recently used remote address: [AF_INET]192.0.2.2:4834
Mar 17 17:46:37 	openvpn 	90610 	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 192.168.234.250 192.168.234.249 init
Mar 17 17:46:37 	openvpn 	90610 	/sbin/ifconfig ovpnc1 192.168.234.250 192.168.234.249 mtu 1500 netmask 255.255.255.255 up
Mar 17 17:46:37 	openvpn 	90610 	ioctl(TUNSIFMODE): Device busy (errno=16)
Mar 17 17:46:37 	openvpn 	90610 	TUN/TAP device /dev/tun1 opened
Mar 17 17:46:37 	openvpn 	90610 	TUN/TAP device ovpnc1 exists previously, keep at program end
Mar 17 17:46:36 	openvpn 	90610 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mar 17 17:46:36 	openvpn 	89797 	library versions: OpenSSL 1.1.1i-freebsd 8 Dec 2020, LZO 2.10
Mar 17 17:46:36 	openvpn 	89797 	OpenVPN 2.5.0 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Feb 5 2021
Mar 17 17:46:36 	openvpn 	89797 	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled 

I've already checked both configuration on server and client and parameters are the same. I've already tried setting the Inactive parameter on client to 0 and to 172800 (2 days) without solving the problem.

Could you help me to understand how I can solve, please?

Thank you very much!

jimp

Something is restarting it, but you'll need to check through the other logs (e.g. system log, gateway log) to see what is triggering that.