Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unstable OpenVPN Connection.

    Scheduled Pinned Locked Moved OpenVPN
    1 Posts 1 Posters 519 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      robmontreal
      last edited by robmontreal

      Hello all...

      I could not find any post with same issue as me, so I am posting this.
      I am new to Pfsense. I just installed a 2100 MAX at the company my wife works for.

      All seems well except when I VPN in, the connection is unstable, meaning my openvpn client keeps dropping the connection or the connection is bad.
      Its pretty bad cannot keep an RDP session going, or just using windows explorer, is horrible.

      So i am not user what is causing this, my side their side or VPN.

      When i do a ping or traceroute test from the 2100, the stats are good.

      Is there something i can do to verify whether this is a network issues on their end or the 2100.

      I can VPN in to other networks without any issues, only this one. Here is some info:

      I am using UDP for VPN, should I try TCP?

      My openvpn client version is: Windows v2.5.7-1602

      My openvpn client log for the most recent connections is below:

      2022-06-23 09:06:49 OpenVPN 2.5.4 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 15 2021
      2022-06-23 09:06:49 Windows version 10.0 (Windows 10 or greater) 64bit
      2022-06-23 09:06:49 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
      2022-06-23 09:06:51 TCP/UDP: Preserving recently used remote address: [AF_INET]XXX.XXX.XXX.95:1194
      2022-06-23 09:06:51 UDPv4 link local: (not bound)
      2022-06-23 09:06:51 UDPv4 link remote: [AF_INET]XXX.XXX.XXX.95:1194
      2022-06-23 09:06:54 [NovaVPN] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.95:1194
      2022-06-23 09:06:56 open_tun
      2022-06-23 09:06:56 tap-windows6 device [Local Area Connection] opened
      2022-06-23 09:06:56 Set TAP-Windows TUN subnet mode network/local/netmask = 10.8.0.0/10.8.0.2/255.255.255.0 [SUCCEEDED]
      2022-06-23 09:06:56 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.2/255.255.255.0 on interface {B9D79B0E-960F-42B9-8F6E-BCFAA189FC7E} [DHCP-serv: 10.8.0.254, lease-time: 31536000]
      2022-06-23 09:06:56 Successful ARP Flush on interface [27] {B9D79B0E-960F-42B9-8F6E-BCFAA189FC7E}
      2022-06-23 09:06:56 IPv4 MTU set to 1500 on interface 27 using service
      2022-06-23 09:07:01 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
      2022-06-23 09:07:01 Initialization Sequence Completed
      2022-06-23 09:09:03 [NovaVPN] Inactivity timeout (--ping-restart), restarting
      2022-06-23 09:09:03 SIGUSR1[soft,ping-restart] received, process restarting
      2022-06-23 09:09:08 TCP/UDP: Preserving recently used remote address: [AF_INET]XXX.XXX.XXX.95:1194
      2022-06-23 09:09:08 UDPv4 link local: (not bound)
      2022-06-23 09:09:08 UDPv4 link remote: [AF_INET]XXX.XXX.XXX.95:1194
      2022-06-23 09:09:11 [NovaVPN] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.95:1194
      2022-06-23 09:09:12 Preserving previous TUN/TAP instance: Local Area Connection
      2022-06-23 09:09:12 Initialization Sequence Completed
      2022-06-23 09:11:02 [NovaVPN] Inactivity timeout (--ping-restart), restarting
      2022-06-23 09:11:02 SIGUSR1[soft,ping-restart] received, process restarting
      2022-06-23 09:11:07 TCP/UDP: Preserving recently used remote address: [AF_INET]XXX.XXX.XXX.95:1194
      2022-06-23 09:11:07 UDPv4 link local: (not bound)
      2022-06-23 09:11:07 UDPv4 link remote: [AF_INET]XXX.XXX.XXX.95:1194
      2022-06-23 09:11:09 [NovaVPN] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.95:1194
      2022-06-23 09:11:11 Preserving previous TUN/TAP instance: Local Area Connection
      2022-06-23 09:11:11 Initialization Sequence Completed
      2022-06-23 09:13:11 [NovaVPN] Inactivity timeout (--ping-restart), restarting
      2022-06-23 09:13:11 SIGUSR1[soft,ping-restart] received, process restarting
      2022-06-23 09:13:16 TCP/UDP: Preserving recently used remote address: [AF_INET]XXX.XXX.XXX.95:1194
      2022-06-23 09:13:16 UDPv4 link local: (not bound)
      2022-06-23 09:13:16 UDPv4 link remote: [AF_INET]XXX.XXX.XXX.95:1194
      2022-06-23 09:13:19 [NovaVPN] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.95:1194
      2022-06-23 09:13:20 Preserving previous TUN/TAP instance: Local Area Connection
      2022-06-23 09:13:20 Initialization Sequence Completed

      Pfsense version: 22.01 dashboard says its the latest.

      OpenVPN server:
      Mode: Remote Access ( SSL/TLS + User Auth )
      Data Ciphers: AES-256-GCM, AES-128-GCM, CHACHA20-POLY1305, AES-256-CBC
      Digest: SHA256
      D-H Params: 2048 bits

      Openvpn log from Pfsense:

      Jun 23 18:20:18 openvpn 46628 XXX.XXX.XXX.242:53367 peer info: IV_VER=2.5.3
      Jun 23 18:20:18 openvpn 46628 XXX.XXX.XXX.242:53367 peer info: IV_PLAT=win
      Jun 23 18:20:18 openvpn 46628 XXX.XXX.XXX.242:53367 peer info: IV_PROTO=6
      Jun 23 18:20:18 openvpn 46628 XXX.XXX.XXX.242:53367 peer info: IV_NCP=2
      Jun 23 18:20:18 openvpn 46628 XXX.XXX.XXX.242:53367 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
      Jun 23 18:20:18 openvpn 46628 XXX.XXX.XXX.242:53367 peer info: IV_LZ4=1
      Jun 23 18:20:18 openvpn 46628 XXX.XXX.XXX.242:53367 peer info: IV_LZ4v2=1
      Jun 23 18:20:18 openvpn 46628 XXX.XXX.XXX.242:53367 peer info: IV_LZO=1
      Jun 23 18:20:18 openvpn 46628 XXX.XXX.XXX.242:53367 peer info: IV_COMP_STUB=1
      Jun 23 18:20:18 openvpn 46628 XXX.XXX.XXX.242:53367 peer info: IV_COMP_STUBv2=1
      Jun 23 18:20:18 openvpn 46628 XXX.XXX.XXX.242:53367 peer info: IV_TCPNL=1
      Jun 23 18:20:18 openvpn 46628 XXX.XXX.XXX.242:53367 peer info: IV_GUI_VER=OpenVPN_GUI_11
      Jun 23 18:20:18 openvpn 46628 XXX.XXX.XXX.242:53367 peer info: IV_SSO=openurl,crtext
      Jun 23 18:20:18 openvpn 46628 XXX.XXX.XXX.242:53367 [Rob] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.242:53367
      Jun 23 18:20:19 openvpn 89083 user 'rob' authenticated
      Jun 23 18:20:19 openvpn 46628 Rob/XXX.XXX.XXX.242:53367 MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)
      Jun 23 18:20:19 openvpn 89505 openvpn server 'ovpns1' user 'rob' address 'XXX.XXX.XXX.242' - connected
      Jun 23 18:23:44 openvpn 46628 XXX.XXX.XXX.27:52965 peer info: IV_VER=2.5.4
      Jun 23 18:23:44 openvpn 46628 XXX.XXX.XXX.27:52965 peer info: IV_PLAT=win
      Jun 23 18:23:44 openvpn 46628 XXX.XXX.XXX.27:52965 peer info: IV_PROTO=6
      Jun 23 18:23:44 openvpn 46628 XXX.XXX.XXX.27:52965 peer info: IV_NCP=2
      Jun 23 18:23:44 openvpn 46628 XXX.XXX.XXX.27:52965 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
      Jun 23 18:23:44 openvpn 46628 XXX.XXX.XXX.27:52965 peer info: IV_LZ4=1
      Jun 23 18:23:44 openvpn 46628 XXX.XXX.XXX.27:52965 peer info: IV_LZ4v2=1
      Jun 23 18:23:44 openvpn 46628 XXX.XXX.XXX.27:52965 peer info: IV_LZO=1
      Jun 23 18:23:44 openvpn 46628 XXX.XXX.XXX.27:52965 peer info: IV_COMP_STUB=1
      Jun 23 18:23:44 openvpn 46628 XXX.XXX.XXX.27:52965 peer info: IV_COMP_STUBv2=1
      Jun 23 18:23:44 openvpn 46628 XXX.XXX.XXX.27:52965 peer info: IV_TCPNL=1
      Jun 23 18:23:44 openvpn 46628 XXX.XXX.XXX.27:52965 peer info: IV_GUI_VER=OpenVPN_GUI_11
      Jun 23 18:23:44 openvpn 46628 XXX.XXX.XXX.27:52965 peer info: IV_SSO=openurl,crtext
      Jun 23 18:23:44 openvpn 46628 XXX.XXX.XXX.27:52965 [Rob] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.27:52965
      Jun 23 18:23:45 openvpn 73914 user 'rob' authenticated
      Jun 23 18:23:45 openvpn 74045 openvpn server 'ovpns1' user 'rob' address 'XXX.XXX.XXX.242' - disconnected
      Jun 23 18:23:45 openvpn 46628 MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)
      Jun 23 18:23:45 openvpn 75659 openvpn server 'ovpns1' user 'rob' address 'XXX.XXX.XXX.27' - connected
      Jun 23 18:24:49 openvpn 46628 XXX.XXX.XXX.242:60264 peer info: IV_VER=2.5.3
      Jun 23 18:24:49 openvpn 46628 XXX.XXX.XXX.242:60264 peer info: IV_PLAT=win
      Jun 23 18:24:49 openvpn 46628 XXX.XXX.XXX.242:60264 peer info: IV_PROTO=6
      Jun 23 18:24:49 openvpn 46628 XXX.XXX.XXX.242:60264 peer info: IV_NCP=2
      Jun 23 18:24:49 openvpn 46628 XXX.XXX.XXX.242:60264 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
      Jun 23 18:24:49 openvpn 46628 XXX.XXX.XXX.242:60264 peer info: IV_LZ4=1
      Jun 23 18:24:49 openvpn 46628 XXX.XXX.XXX.242:60264 peer info: IV_LZ4v2=1
      Jun 23 18:24:49 openvpn 46628 XXX.XXX.XXX.242:60264 peer info: IV_LZO=1
      Jun 23 18:24:49 openvpn 46628 XXX.XXX.XXX.242:60264 peer info: IV_COMP_STUB=1
      Jun 23 18:24:49 openvpn 46628 XXX.XXX.XXX.242:60264 peer info: IV_COMP_STUBv2=1
      Jun 23 18:24:49 openvpn 46628 XXX.XXX.XXX.242:60264 peer info: IV_TCPNL=1
      Jun 23 18:24:49 openvpn 46628 XXX.XXX.XXX.242:60264 peer info: IV_GUI_VER=OpenVPN_GUI_11
      Jun 23 18:24:49 openvpn 46628 XXX.XXX.XXX.242:60264 peer info: IV_SSO=openurl,crtext
      Jun 23 18:24:49 openvpn 46628 XXX.XXX.XXX.242:60264 [Rob] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.242:60264
      Jun 23 18:24:50 openvpn 99678 user 'rob' authenticated
      Jun 23 18:24:50 openvpn 301 openvpn server 'ovpns1' user 'rob' address 'XXX.XXX.XXX.27' - disconnected
      Jun 23 18:24:50 openvpn 46628 MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)
      Jun 23 18:24:50 openvpn 1998 openvpn server 'ovpns1' user 'rob' address 'XXX.XXX.XXX.242' - connected
      Jun 23 18:25:57 openvpn 46628 XXX.XXX.XXX.27:52616 peer info: IV_VER=2.5.4
      Jun 23 18:25:57 openvpn 46628 XXX.XXX.XXX.27:52616 peer info: IV_PLAT=win
      Jun 23 18:25:57 openvpn 46628 XXX.XXX.XXX.27:52616 peer info: IV_PROTO=6
      Jun 23 18:25:57 openvpn 46628 XXX.XXX.XXX.27:52616 peer info: IV_NCP=2
      Jun 23 18:25:57 openvpn 46628 XXX.XXX.XXX.27:52616 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
      Jun 23 18:25:57 openvpn 46628 XXX.XXX.XXX.27:52616 peer info: IV_LZ4=1
      Jun 23 18:25:57 openvpn 46628 XXX.XXX.XXX.27:52616 peer info: IV_LZ4v2=1
      Jun 23 18:25:57 openvpn 46628 XXX.XXX.XXX.27:52616 peer info: IV_LZO=1
      Jun 23 18:25:57 openvpn 46628 XXX.XXX.XXX.27:52616 peer info: IV_COMP_STUB=1
      Jun 23 18:25:57 openvpn 46628 XXX.XXX.XXX.27:52616 peer info: IV_COMP_STUBv2=1
      Jun 23 18:25:57 openvpn 46628 XXX.XXX.XXX.27:52616 peer info: IV_TCPNL=1
      Jun 23 18:25:57 openvpn 46628 XXX.XXX.XXX.27:52616 peer info: IV_GUI_VER=OpenVPN_GUI_11
      Jun 23 18:25:57 openvpn 46628 XXX.XXX.XXX.27:52616 peer info: IV_SSO=openurl,crtext
      Jun 23 18:25:57 openvpn 46628 XXX.XXX.XXX.27:52616 [Rob] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.27:52616
      Jun 23 18:25:58 openvpn 35623 user 'rob' authenticated
      Jun 23 18:25:58 openvpn 35981 openvpn server 'ovpns1' user 'rob' address 'XXX.XXX.XXX.242' - disconnected
      Jun 23 18:25:58 openvpn 46628 MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)
      Jun 23 18:25:59 openvpn 37576 openvpn server 'ovpns1' user 'rob' address 'XXX.XXX.XXX.27' - connected
      Jun 23 18:26:58 openvpn 46628 XXX.XXX.XXX.242:55280 peer info: IV_VER=2.5.3
      Jun 23 18:26:58 openvpn 46628 XXX.XXX.XXX.242:55280 peer info: IV_PLAT=win
      Jun 23 18:26:58 openvpn 46628 XXX.XXX.XXX.242:55280 peer info: IV_PROTO=6
      Jun 23 18:26:58 openvpn 46628 XXX.XXX.XXX.242:55280 peer info: IV_NCP=2
      Jun 23 18:26:58 openvpn 46628 XXX.XXX.XXX.242:55280 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
      Jun 23 18:26:58 openvpn 46628 XXX.XXX.XXX.242:55280 peer info: IV_LZ4=1
      Jun 23 18:26:58 openvpn 46628 XXX.XXX.XXX.242:55280 peer info: IV_LZ4v2=1
      Jun 23 18:26:58 openvpn 46628 XXX.XXX.XXX.242:55280 peer info: IV_LZO=1
      Jun 23 18:26:58 openvpn 46628 XXX.XXX.XXX.242:55280 peer info: IV_COMP_STUB=1
      Jun 23 18:26:58 openvpn 46628 XXX.XXX.XXX.242:55280 peer info: IV_COMP_STUBv2=1
      Jun 23 18:26:58 openvpn 46628 XXX.XXX.XXX.242:55280 peer info: IV_TCPNL=1
      Jun 23 18:26:58 openvpn 46628 XXX.XXX.XXX.242:55280 peer info: IV_GUI_VER=OpenVPN_GUI_11
      Jun 23 18:26:58 openvpn 46628 XXX.XXX.XXX.242:55280 peer info: IV_SSO=openurl,crtext
      Jun 23 18:26:58 openvpn 46628 XXX.XXX.XXX.242:55280 [Rob] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.242:55280
      Jun 23 18:26:59 openvpn 11114 user 'rob' authenticated
      Jun 23 18:26:59 openvpn 11437 openvpn server 'ovpns1' user 'rob' address 'XXX.XXX.XXX.27' - disconnected
      Jun 23 18:26:59 openvpn 46628 MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)
      Jun 23 18:26:59 openvpn 13426 openvpn server 'ovpns1' user 'rob' address 'XXX.XXX.XXX.242' - connected
      Jun 23 18:28:06 openvpn 46628 XXX.XXX.XXX.27:58785 peer info: IV_VER=2.5.4
      Jun 23 18:28:06 openvpn 46628 XXX.XXX.XXX.27:58785 peer info: IV_PLAT=win
      Jun 23 18:28:06 openvpn 46628 XXX.XXX.XXX.27:58785 peer info: IV_PROTO=6
      Jun 23 18:28:06 openvpn 46628 XXX.XXX.XXX.27:58785 peer info: IV_NCP=2
      Jun 23 18:28:06 openvpn 46628 XXX.XXX.XXX.27:58785 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
      Jun 23 18:28:06 openvpn 46628 XXX.XXX.XXX.27:58785 peer info: IV_LZ4=1
      Jun 23 18:28:06 openvpn 46628 XXX.XXX.XXX.27:58785 peer info: IV_LZ4v2=1
      Jun 23 18:28:06 openvpn 46628 XXX.XXX.XXX.27:58785 peer info: IV_LZO=1
      Jun 23 18:28:06 openvpn 46628 XXX.XXX.XXX.27:58785 peer info: IV_COMP_STUB=1
      Jun 23 18:28:06 openvpn 46628 XXX.XXX.XXX.27:58785 peer info: IV_COMP_STUBv2=1
      Jun 23 18:28:06 openvpn 46628 XXX.XXX.XXX.27:58785 peer info: IV_TCPNL=1
      Jun 23 18:28:06 openvpn 46628 XXX.XXX.XXX.27:58785 peer info: IV_GUI_VER=OpenVPN_GUI_11
      Jun 23 18:28:06 openvpn 46628 XXX.XXX.XXX.27:58785 peer info: IV_SSO=openurl,crtext
      Jun 23 18:28:06 openvpn 46628 XXX.XXX.XXX.27:58785 [Rob] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.27:58785
      Jun 23 18:28:07 openvpn 44387 user 'rob' authenticated
      Jun 23 18:28:07 openvpn 44500 openvpn server 'ovpns1' user 'rob' address 'XXX.XXX.XXX.242' - disconnected
      Jun 23 18:28:07 openvpn 46628 MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)
      Jun 23 18:28:07 openvpn 46117 openvpn server 'ovpns1' user 'rob' address 'XXX.XXX.XXX.27' - connected

      When I connect to a PC behind this router with something like vnc, without openvpn it works ok, but i do not think its really comparable though.

      Outgoing connections form the LAN are fine when in the office, but no real specifics test has been done. The crappy switch that is there is a 100mb and old, not sure if that would be an issue or not to make that much of a difference.

      Any help appreciated!

      Thanks to all and have a great day!

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.