OpenVPN Site to Site keeps disconnecting after upgrade to 2.5.0
-
Hi everyone,
I've already read many posts about problems on OpenVPN after upgrading to pfSense 2.5.0, but I did not managed in solving my problem.I have a Site to Site OpenVPN connection which was working very well before upgrading the client to pfSense 2.5.0.
The server is still on version 2.4.4 and I cannot upgrade it at the moment (i have to wait some weeks before doing it).The problem is that the VPN connection keeps disconnecting and reconnecting about 2-3 times per day automatically without any intervention.
The strange thing is that it is connected since 4 days on the server:
but it is connected since just few hours on the client (the screenshot was taken at the same time of the server one):
On both server and client logs I don't see any relevant errors.
Logs on the server when the client reconnects (only the reconnection log):
Mar 17 17:47:15 openvpn 81008 Peer Connection Initiated with [AF_INET]192.0.2.1:5916 Mar 17 17:42:26 openvpn 81008 Peer Connection Initiated with [AF_INET]192.0.2.1:44201
Logs on the client are much bigger but not relevant:
Mar 17 17:46:38 openvpn 90610 Initialization Sequence Completed Mar 17 17:46:38 openvpn 90610 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Mar 17 17:46:37 openvpn 90610 Peer Connection Initiated with [AF_INET]192.0.2.2:4834 Mar 17 17:46:37 openvpn 90610 UDPv4 link remote: [AF_INET]192.0.2.2:4834 Mar 17 17:46:37 openvpn 90610 UDPv4 link local (bound): [AF_INET]10.0.0.10:0 Mar 17 17:46:37 openvpn 90610 TCP/UDP: Preserving recently used remote address: [AF_INET]192.0.2.2:4834 Mar 17 17:46:37 openvpn 90610 /usr/local/sbin/ovpn-linkup ovpnc1 1500 1572 192.168.234.250 192.168.234.249 init Mar 17 17:46:37 openvpn 90610 /sbin/ifconfig ovpnc1 192.168.234.250 192.168.234.249 mtu 1500 netmask 255.255.255.255 up Mar 17 17:46:37 openvpn 90610 ioctl(TUNSIFMODE): Device busy (errno=16) Mar 17 17:46:37 openvpn 90610 TUN/TAP device /dev/tun1 opened Mar 17 17:46:37 openvpn 90610 TUN/TAP device ovpnc1 exists previously, keep at program end Mar 17 17:46:36 openvpn 90610 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Mar 17 17:46:36 openvpn 89797 library versions: OpenSSL 1.1.1i-freebsd 8 Dec 2020, LZO 2.10 Mar 17 17:46:36 openvpn 89797 OpenVPN 2.5.0 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Feb 5 2021 Mar 17 17:46:36 openvpn 89797 Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
I've already checked both configuration on server and client and parameters are the same. I've already tried setting the Inactive parameter on client to 0 and to 172800 (2 days) without solving the problem.
Could you help me to understand how I can solve, please?
Thank you very much!
-
Something is restarting it, but you'll need to check through the other logs (e.g. system log, gateway log) to see what is triggering that.