OpenVPN connection Reset



  • I have two pfSense firewalls set up with OpenVPN enabled. I am able to connect to one of them without issue. The other just keeps doing a soft reset (for lack of a better word). I have compared the configuration of both servers and they are identical except for the IP range and the dhcp-options being pushed.

    The server configuration file, the client configuration file and the output from the client log are below. Does anyone see anything misconfigured or that would cause this?

    Server configuration file:
    writepid /var/run/openvpn_server0.pid
    #user nobody
    #group nobody
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    dev tun
    proto tcp-server
    cipher BF-CBC
    up /etc/rc.filter_configure
    down /etc/rc.filter_configure
    server 192.168.253.0 255.255.255.0
    client-config-dir /var/etc/openvpn_csc
    lport 1194
    ca /var/etc/openvpn_server0.ca
    cert /var/etc/openvpn_server0.cert
    key /var/etc/openvpn_server0.key
    dh /var/etc/openvpn_server0.dh
    persist-remote-ip
    float
    push "route 192.168.2.0 255.255.255.0"
    push "dhcp-option DNS 192.168.2.1"
    push "dhcp-option DOMAIN mydomain.com"

    Client configuration file:
    ca /Users/ron/.openvpn/location2/ca.crt
    cert /Users/ron/.openvpn/location2/myvpn.crt
    key /Users/ron/.openvpn/location2/myvpn.key
    pull
    tls-client
    tls-remote vpn.mydomain.com
    proto tcp-client
    dev tun
    remote vpn.mydomain.com
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    up "/Users/myusername/.openvpn/acm-client.py up"
    down "/Users/myusername/.openvpn/acm-client.py down"
    port 1194
    comp-lzo
    ping 15
    ping-restart 45
    ping-timer-rem
    verb 3
    mute 20

    Client Connection Log:
    Fri 02/16/07 02:26 PM: Control Channel MTU parms [ L:1543 D:140 EF:40 EB:0 ET:0 EL:0 ]
    Fri 02/16/07 02:26 PM: Data Channel MTU parms [ L:1543 D:1450 EF:43 EB:4 ET:0 EL:0 ]
    Fri 02/16/07 02:26 PM: Local Options hash (VER=V4): 'db02a8f8'
    Fri 02/16/07 02:26 PM: Expected Remote Options hash (VER=V4): '7e068940'
    Fri 02/16/07 02:26 PM: Attempting to establish TCP connection with 75.39.57.241:1194
    Fri 02/16/07 02:26 PM: TCP connection established with 75.39.57.241:1194
    Fri 02/16/07 02:26 PM: TCPv4_CLIENT link local: [undef]
    Fri 02/16/07 02:26 PM: TCPv4_CLIENT link remote: 75.39.57.241:1194
    Fri 02/16/07 02:26 PM: TLS: Initial packet from 75.39.57.241:1194
    Fri 02/16/07 02:26 PM: VERIFY OK: depth=1
    Fri 02/16/07 02:26 PM: VERIFY X509NAME OK: /C=US/ST=MyState/O=mycompany/OU=OpenVPN/CN=vpn.mydomain.com/emailAddress=myname@mydomain.com
    Fri 02/16/07 02:26 PM: VERIFY OK: depth=0
    Fri 02/16/07 02:26 PM: write TCPv4_CLIENT: Broken pipe (code=32)
    Fri 02/16/07 02:26 PM: write TCPv4_CLIENT: Broken pipe (code=32)
    Fri 02/16/07 02:26 PM: Connection reset
    Fri 02/16/07 02:26 PM: TCP/UDP: Closing socket
    Fri 02/16/07 02:26 PM: SIGUSR1[soft
    Fri 02/16/07 02:26 PM: Re-using SSL/TLS context
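
The post compares the two server configurations with each other; the check below instead compares one server file against its client file for the settings both ends of a tunnel have to share. It is an added example, not part of the original post, and the helper names and the default values it assumes for omitted directives are this example's own.

```python
# Added example (not from the original post). Config excerpts are copied
# from the server and client files quoted above.
SERVER_CONF = """\
dev tun
proto tcp-server
cipher BF-CBC
"""
CLIENT_CONF = """\
proto tcp-client
dev tun
comp-lzo
"""

# Assumption: a side that omits "cipher" falls back to BF-CBC and a side that
# omits "proto" to udp, the defaults of the OpenVPN 2.0-era releases in use.
DEFAULTS = {"cipher": "BF-CBC", "proto": "udp"}
# tcp-server and tcp-client are the two halves of the same transport.
PROTO_FAMILY = {"tcp-server": "tcp", "tcp-client": "tcp"}

def parse(text):
    """Return {directive: arguments} for one config, skipping comments."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":
            continue
        name, _, args = line.partition(" ")
        opts[name] = args.strip()
    return opts

def link_view(opts):
    """Reduce a config to the settings both peers have to share."""
    proto = opts.get("proto", DEFAULTS["proto"])
    return {
        "dev": opts.get("dev"),
        "proto": PROTO_FAMILY.get(proto, proto),
        "cipher": opts.get("cipher", DEFAULTS["cipher"]),
        # A bare "comp-lzo" enables compression; "comp-lzo no" disables it.
        "comp-lzo": opts.get("comp-lzo", "no") != "no",
    }

def mismatches(server_text, client_text):
    """Map each disagreeing setting to its (server, client) values."""
    srv, cli = link_view(parse(server_text)), link_view(parse(client_text))
    return {k: (srv[k], cli[k]) for k in srv if srv[k] != cli[k]}

if __name__ == "__main__":
    for key, (srv, cli) in mismatches(SERVER_CONF, CLIENT_CONF).items():
        print(f"{key}: server={srv!r} client={cli!r}")
```

On the two files above it reports only `comp-lzo` (enabled on the client, absent on the server); the log excerpt by itself does not establish whether that difference is what triggers the reset.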

