Openvpn random reconnects with error "TUN write error..."

nokia88

Hello all,

Recently i created a new OpenVPN configuration because the old one was a bit outdated.
Everything seems to work well, except for the macOS clients. They seems to randomly reconnect the VPN connection. It doesn't happen at a fixed time, for example every 60minutes, but really at random like sometimes 10 times in 5minutes.

When i check the logs in the OpenVPN connect client i can see the following TUN errors:

10:27:35 TUN write error: cannot identify IP version for prefix
10:27:36 EVENT: TUN_ERROR TUN I/O error⏎
10:27:36 TUN Error: TUN I/O error
10:27:36 Client terminated, restarting in 5000 ms...
10:27:36 MacLifeCycle NET_IFACE en6
10:27:36 MacLifeCycle NET_IFACE en6
10:27:36 SetupClient: transmitting tun destroy request to /var/run/agent_ovpnconnect.sock
GET unix://[/var/run/agent_ovpnconnect.sock]/tun-destroy : 200 OK
/sbin/route delete -net x.x.x.x -netmask 255.255.255.252 x.x.x.x
delete net x.x.x.x: gateway x.x.x.x
/sbin/route delete -net x.x.x.x -netmask 255.255.255.0 x.x.x.x
delete net x.x.x.x: gateway x.x.x.x
/sbin/route delete -net x.x.x.x -netmask 255.255.255.255 x.x.x.x
delete net x.x.x.x: gateway x.x.x.x
/sbin/route delete -net 0.0.0.0 -netmask x.x.x.x x.x.x.x
delete net 0.0.0.0: gateway x.x.x.x
/sbin/route delete -net x.x.x.x-netmask x.x.x.x x.x.x.x
delete net x.x.x.x: gateway x.x.x.x
/sbin/ifconfig utun2 down
MacDNSAction: FLAGS=F
10:27:36 MacLifeCycle NET_STATE 1 status=ReachableViaWiFi flags=-R -------
10:27:40 EVENT: RECONNECTING 
10:27:41 Contacting x.x.x.x:11940 via UDP
10:27:41 UnixCommandAgent: transmitting bypass route to /var/run/agent_ovpnconnect.sock
{
	"host" : "x.x.x.x",
	"ipv6" : false,
	"pid" : 15555
}

10:27:41 Connecting to [x.x.x.x]:11940 (x.x.x.x) via UDPv4

In Pfsense -> System Logs -> Open VPN i don't see errors, just a normal reconnect.

Using the TunnelBlick OpenVPN client on the same machine seems to run without any issues so far. (MacOS Big Sur)
On Windows i'm using the OpenVPN GUI client also without any issues.

Could this be a problem related to the OpenVPN Connect client and MacOS, a configuration issue or something else?

I'm running Pfsense 2.5.1.

Pfsense openvpn server

Server mode = Remote Access ( User Auth)
Backend for Authentication = Active Directory
Protocol = UDP on IPv4 only
Device mode = tun - layer 3 tunnel Mode
Interface = wan
Local Port 11940
TLS configuration : Use a TLS key
TLS key XXX
TLS key usage mode = TLS authentication
TLS keydir direction = use default direction
Peer Certificate Authority = CA
Server certificate = vpnXXX
DH Parameter Lenght = ECHD Only
Data Encryption Alogrithms = AES-256-GCM
Fallback Data encryption algortims = AES-256-GCM
Auth Digest Algoritm = SHA512
IPv4 tunnel network x.x.x.x/24
Redirect IPv4 Gateway = Force all client-generated IPv4 traffic through the tunnel.
Dynamic IP = Allow connected clients to retain their connections if their IP address changes.
Topology = net30
Ping settings Inactive = 0
Ping Method = keepalive
Interval 10
Timeout 60

VPN client config

dev tun
tls-version-min "1.2" version
persist-tun
persist-key
cipher AES-256-GCM
ncp-ciphers AES-256-GCM
auth SHA512
tls-client
client
resolv-retry infinite
remote x.x.x.x 11940 udp4
auth-user-pass
remote-cert-tls server
compress
auth-nocache
reneg-sec 0
<ca>
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
</ca>
setenv CLIENT_CERT 0
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
xxx
-----END OpenVPN Static key V1-----
</tls-auth>