Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Site to Site keeps disconnecting after upgrade to 2.5.0

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 2 Posters 610 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      decibel83
      last edited by decibel83

      Hi everyone,
      I've already read many posts about problems on OpenVPN after upgrading to pfSense 2.5.0, but I did not managed in solving my problem.

      I have a Site to Site OpenVPN connection which was working very well before upgrading the client to pfSense 2.5.0.
      The server is still on version 2.4.4 and I cannot upgrade it at the moment (i have to wait some weeks before doing it).

      The problem is that the VPN connection keeps disconnecting and reconnecting about 2-3 times per day automatically without any intervention.

      The strange thing is that it is connected since 4 days on the server:
      OPenVPN Status on server.png

      but it is connected since just few hours on the client (the screenshot was taken at the same time of the server one):
      OPenVPN Status on client.png

      On both server and client logs I don't see any relevant errors.

      Logs on the server when the client reconnects (only the reconnection log):

      Mar 17 17:47:15 	openvpn 	81008 	Peer Connection Initiated with [AF_INET]192.0.2.1:5916
      Mar 17 17:42:26 	openvpn 	81008 	Peer Connection Initiated with [AF_INET]192.0.2.1:44201 
      

      Logs on the client are much bigger but not relevant:

      Mar 17 17:46:38 	openvpn 	90610 	Initialization Sequence Completed
      Mar 17 17:46:38 	openvpn 	90610 	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
      Mar 17 17:46:37 	openvpn 	90610 	Peer Connection Initiated with [AF_INET]192.0.2.2:4834
      Mar 17 17:46:37 	openvpn 	90610 	UDPv4 link remote: [AF_INET]192.0.2.2:4834
      Mar 17 17:46:37 	openvpn 	90610 	UDPv4 link local (bound): [AF_INET]10.0.0.10:0
      Mar 17 17:46:37 	openvpn 	90610 	TCP/UDP: Preserving recently used remote address: [AF_INET]192.0.2.2:4834
      Mar 17 17:46:37 	openvpn 	90610 	/usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 192.168.234.250 192.168.234.249 init
      Mar 17 17:46:37 	openvpn 	90610 	/sbin/ifconfig ovpnc1 192.168.234.250 192.168.234.249 mtu 1500 netmask 255.255.255.255 up
      Mar 17 17:46:37 	openvpn 	90610 	ioctl(TUNSIFMODE): Device busy (errno=16)
      Mar 17 17:46:37 	openvpn 	90610 	TUN/TAP device /dev/tun1 opened
      Mar 17 17:46:37 	openvpn 	90610 	TUN/TAP device ovpnc1 exists previously, keep at program end
      Mar 17 17:46:36 	openvpn 	90610 	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
      Mar 17 17:46:36 	openvpn 	89797 	library versions: OpenSSL 1.1.1i-freebsd 8 Dec 2020, LZO 2.10
      Mar 17 17:46:36 	openvpn 	89797 	OpenVPN 2.5.0 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Feb 5 2021
      Mar 17 17:46:36 	openvpn 	89797 	Cipher negotiation is disabled since neither P2MP client nor server mode is enabled 
      

      I've already checked both configuration on server and client and parameters are the same. I've already tried setting the Inactive parameter on client to 0 and to 172800 (2 days) without solving the problem.

      Could you help me to understand how I can solve, please?

      Thank you very much!

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Something is restarting it, but you'll need to check through the other logs (e.g. system log, gateway log) to see what is triggering that.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.