OpenVPN connection Reset
I have two pfSense firewalls set up with OpenVPN enabled. I am able to connect to one of them without issue. The other just keeps doing a soft reset (for lack of a better word). I have compared the configuration of both servers and they are identical except for the IP range and the dhcp-options being pushed.
The server configuration file, the client configuration file and the output from the client log are below. Does anyone see anything misconfigured or that would cause this?
Server configuration file:
writepid /var/run/openvpn_server0.pid
#user nobody
#group nobody
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
dev tun
proto tcp-server
cipher BF-CBC
up /etc/rc.filter_configure
down /etc/rc.filter_configure
server 192.168.253.0 255.255.255.0
client-config-dir /var/etc/openvpn_csc
lport 1194
ca /var/etc/openvpn_server0.ca
cert /var/etc/openvpn_server0.cert
key /var/etc/openvpn_server0.key
dh /var/etc/openvpn_server0.dh
persist-remote-ip
float
push "route 192.168.2.0 255.255.255.0"
push "dhcp-option DNS 192.168.2.1"
push "dhcp-option DOMAIN mydomain.com"
Client configuration file:
ca /Users/ron/.openvpn/location2/ca.crt
cert /Users/ron/.openvpn/location2/myvpn.crt
key /Users/ron/.openvpn/location2/myvpn.key
pull
tls-client
tls-remote vpn.mydomain.com
proto tcp-client
dev tun
remote vpn.mydomain.com
resolv-retry infinite
nobind
persist-key
persist-tun
up "/Users/myusername/.openvpn/acm-client.py up"
down "/Users/myusername/.openvpn/acm-client.py down"
port 1194
comp-lzo
ping 15
ping-restart 45
ping-timer-rem
verb 3
mute 20
Client Connection Log:
Fri 02/16/07 02:26 PM: Control Channel MTU parms [ L:1543 D:140 EF:40 EB:0 ET:0 EL:0 ]
Fri 02/16/07 02:26 PM: Data Channel MTU parms [ L:1543 D:1450 EF:43 EB:4 ET:0 EL:0 ]
Fri 02/16/07 02:26 PM: Local Options hash (VER=V4): 'db02a8f8'
Fri 02/16/07 02:26 PM: Expected Remote Options hash (VER=V4): '7e068940'
Fri 02/16/07 02:26 PM: Attempting to establish TCP connection with 75.39.57.241:1194
Fri 02/16/07 02:26 PM: TCP connection established with 75.39.57.241:1194
Fri 02/16/07 02:26 PM: TCPv4_CLIENT link local: [undef]
Fri 02/16/07 02:26 PM: TCPv4_CLIENT link remote: 75.39.57.241:1194
Fri 02/16/07 02:26 PM: TLS: Initial packet from 75.39.57.241:1194
Fri 02/16/07 02:26 PM: VERIFY OK: depth=1
Fri 02/16/07 02:26 PM: VERIFY X509NAME OK: /C=US/ST=MyState/O=mycompany/OU=OpenVPN/CN=vpn.mydomain.com/emailAddress=myname@mydomain.com
Fri 02/16/07 02:26 PM: VERIFY OK: depth=0
Fri 02/16/07 02:26 PM: write TCPv4_CLIENT: Broken pipe (code=32)
Fri 02/16/07 02:26 PM: write TCPv4_CLIENT: Broken pipe (code=32)
Fri 02/16/07 02:26 PM: Connection reset
Fri 02/16/07 02:26 PM: TCP/UDP: Closing socket
Fri 02/16/07 02:26 PM: SIGUSR1[soft
Fri 02/16/07 02:26 PM: Re-using SSL/TLS context