• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

OpenVPN Server not working

Scheduled Pinned Locked Moved 2.1 Snapshot Feedback and Problems - RETIRED
5 Posts 2 Posters 4.4k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • G
    ggzengel
    last edited by Jan 30, 2013, 2:45 AM

    2.1-BETA1 (amd64)
    built on Tue Jan 29 09:31:46 EST 2013

    I create an openvpn tun device with shared key.
    The only thing i see is:
    Jan 30 02:36:24 openvpn[19911]: Peer Connection Initiated with [AF_INET]5.6.7.8:28683
    Jan 30 02:35:22 openvpn[19911]: Peer Connection Initiated with [AF_INET]5.6.7.8:65182
    Jan 30 02:35:12 openvpn[19911]: Initialization Sequence Completed
    Jan 30 02:35:11 openvpn[19911]: Peer Connection Initiated with [AF_INET]5.6.7.8:40890
    Jan 30 02:35:11 openvpn[19911]: UDPv4 link remote: [undef]
    Jan 30 02:35:11 openvpn[19911]: UDPv4 link local (bound): [AF_INET]1.2.3.4:1194
    Jan 30 02:35:11 openvpn[18921]: /usr/local/sbin/ovpn-linkup ovpns2 1500 1561 10.255.255.129 10.255.255.130 init
    Jan 30 02:35:11 openvpn[18921]: /sbin/ifconfig ovpns2 10.255.255.129 10.255.255.130 mtu 1500 netmask 255.255.255.255 up
    Jan 30 02:35:11 openvpn[18921]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
    Jan 30 02:35:11 openvpn[18921]: TUN/TAP device /dev/tun2 opened
    Jan 30 02:35:11 openvpn[18921]: TUN/TAP device ovpns2 exists previously, keep at program end
    Jan 30 02:35:11 openvpn[18921]: Initializing OpenSSL support for engine 'cryptodev'
    Jan 30 02:35:11 openvpn[18921]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
    Jan 30 02:35:11 openvpn[18921]: OpenVPN 2.3.0 amd64-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jan 27 2013
    Jan 30 02:35:10 openvpn[19907]: SIGTERM[hard,] received, process exiting

    The client says:
    Jan 30 02:39:30 openvpn[94901]: UDPv4 link remote: [AF_INET]1.2.3.4:1194
    Jan 30 02:39:30 openvpn[94901]: UDPv4 link local (bound): [AF_INET]5.6.7.8
    Jan 30 02:39:30 openvpn[94901]: Preserving previous TUN/TAP instance: ovpnc2
    Jan 30 02:39:30 openvpn[94901]: Re-using pre-shared static key
    Jan 30 02:39:30 openvpn[94901]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
    Jan 30 02:39:28 openvpn[94901]: SIGUSR1[soft,ping-restart] received, process restarting
    Jan 30 02:39:28 openvpn[94901]: Inactivity timeout (–ping-restart), restarting
    Jan 30 02:38:28 openvpn[94901]: UDPv4 link remote: [AF_INET]1.2.3.4:1194
    Jan 30 02:38:28 openvpn[94901]: UDPv4 link local (bound): [AF_INET]5.6.7.8
    Jan 30 02:38:28 openvpn[94901]: Preserving previous TUN/TAP instance: ovpnc2
    Jan 30 02:38:28 openvpn[94901]: Re-using pre-shared static key
    Jan 30 02:38:28 openvpn[94901]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
    Jan 30 02:38:26 openvpn[94901]: SIGUSR1[soft,ping-restart] received, process restarting

    2.0.2-RELEASE (i386) as OVPN server is working with 2.1 client.

    If I look at the server config I will see (for Device Mode=tun):
    Bridge DHCP
    Bridge Interface
    Server Bridge DHCP Start
    Server Bridge DHCP End

    If I change Device Mode to tap the options will greyed out and if I change back to tun the options disappear.

    1 Reply Last reply Reply Quote 0
    • G
      ggzengel
      last edited by Feb 1, 2013, 8:59 PM

      The problem still exists:
      2.1-BETA1 (amd64)
      built on Fri Feb 1 01:33:53 EST 2013

      1 Reply Last reply Reply Quote 0
      • G
        ggzengel
        last edited by Feb 10, 2013, 3:56 PM

        I still have this problem with
        2.1-BETA1 (amd64)
        built on Sat Feb 9 23:46:16 EST 2013

        Server (A) is responding to the client (B). The status page shows bytes going in and out.
        The client (B) shows down in the openvpn status page.
        I cann't ping to the other side.
        The firewall log on both sides shows nothing.

        I have disabled compression. Changed from AES-256-CBC to AES-128-CBC. Disabled cryptodev in config. Nothing changed.
        The client (B) connect to an 3rd pfsense (C with 2.1-BETA1 (amd64) built on Fri Feb 1 01:33:53 EST 20) without errors.
        The server (A) has a openvpn client connection to the 3rd pfsense (C) without errors.

        In short:
        client (A) connect to server (C) without error.
        client (B) connect to server (C) without error.
        client (B) didn't connect to server (A). server (A) thinks client (B) is connected and shows bytes flowing, but client (B) didn't know.

        If I change the pre shared key on one side I get a cipher error as expected.

        The server logs:

        Feb 10 15:35:02 pfsense-er openvpn[48104]: Peer Connection Initiated with [AF_INET]78.42.74.173:33261
Feb 10 15:36:04 pfsense-er openvpn[48104]: Peer Connection Initiated with [AF_INET]78.42.74.173:40740
Feb 10 15:37:06 pfsense-er openvpn[48104]: Peer Connection Initiated with [AF_INET]78.42.74.173:62003
Feb 10 15:38:08 pfsense-er openvpn[48104]: Peer Connection Initiated with [AF_INET]78.42.74.173:21661
Feb 10 15:39:11 pfsense-er openvpn[48104]: Peer Connection Initiated with [AF_INET]78.42.74.173:51052
Feb 10 15:40:13 pfsense-er openvpn[48104]: Peer Connection Initiated with [AF_INET]78.42.74.173:38258
Feb 10 15:41:15 pfsense-er openvpn[48104]: Peer Connection Initiated with [AF_INET]78.42.74.173:63405
Feb 10 15:42:17 pfsense-er openvpn[48104]: Peer Connection Initiated with [AF_INET]78.42.74.173:64002
Feb 10 15:43:19 pfsense-er openvpn[48104]: Peer Connection Initiated with [AF_INET]78.42.74.173:11384
Feb 10 15:44:21 pfsense-er openvpn[48104]: Peer Connection Initiated with [AF_INET]78.42.74.173:12656
Feb 10 15:45:24 pfsense-er openvpn[48104]: Peer Connection Initiated with [AF_INET]78.42.74.173:7876
Feb 10 15:46:26 pfsense-er openvpn[48104]: Peer Connection Initiated with [AF_INET]78.42.74.173:58109

        The client logs:

        
Feb 10 15:43:19 pfsense-hd openvpn[89112]: Re-using pre-shared static key
Feb 10 15:43:19 pfsense-hd openvpn[89112]: Preserving previous TUN/TAP instance: ovpnc2
Feb 10 15:43:19 pfsense-hd openvpn[89112]: UDPv4 link local (bound): [AF_INET]78.42.74.173
Feb 10 15:43:19 pfsense-hd openvpn[89112]: UDPv4 link remote: [AF_INET]213.188.120.106:1194
Feb 10 15:44:19 pfsense-hd openvpn[89112]: Inactivity timeout (--ping-restart), restarting
Feb 10 15:44:19 pfsense-hd openvpn[89112]: SIGUSR1[soft,ping-restart] received, process restarting
Feb 10 15:44:21 pfsense-hd openvpn[89112]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Feb 10 15:44:21 pfsense-hd openvpn[89112]: Re-using pre-shared static key
Feb 10 15:44:21 pfsense-hd openvpn[89112]: Preserving previous TUN/TAP instance: ovpnc2
Feb 10 15:44:21 pfsense-hd openvpn[89112]: UDPv4 link local (bound): [AF_INET]78.42.74.173
Feb 10 15:44:21 pfsense-hd openvpn[89112]: UDPv4 link remote: [AF_INET]213.188.120.106:1194
Feb 10 15:45:22 pfsense-hd openvpn[89112]: Inactivity timeout (--ping-restart), restarting
Feb 10 15:45:22 pfsense-hd openvpn[89112]: SIGUSR1[soft,ping-restart] received, process restarting
Feb 10 15:45:24 pfsense-hd openvpn[89112]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Feb 10 15:45:24 pfsense-hd openvpn[89112]: Re-using pre-shared static key
Feb 10 15:45:24 pfsense-hd openvpn[89112]: Preserving previous TUN/TAP instance: ovpnc2
Feb 10 15:45:24 pfsense-hd openvpn[89112]: UDPv4 link local (bound): [AF_INET]78.42.74.173
Feb 10 15:45:24 pfsense-hd openvpn[89112]: UDPv4 link remote: [AF_INET]213.188.120.106:1194
Feb 10 15:46:24 pfsense-hd openvpn[89112]: Inactivity timeout (--ping-restart), restarting
Feb 10 15:46:24 pfsense-hd openvpn[89112]: SIGUSR1[soft,ping-restart] received, process restarting
Feb 10 15:46:26 pfsense-hd openvpn[89112]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Feb 10 15:46:26 pfsense-hd openvpn[89112]: Re-using pre-shared static key
Feb 10 15:46:26 pfsense-hd openvpn[89112]: Preserving previous TUN/TAP instance: ovpnc2
Feb 10 15:46:26 pfsense-hd openvpn[89112]: UDPv4 link local (bound): [AF_INET]78.42.74.173
Feb 10 15:46:26 pfsense-hd openvpn[89112]: UDPv4 link remote: [AF_INET]213.188.120.106:1194
Feb 10 15:47:26 pfsense-hd openvpn[89112]: Inactivity timeout (--ping-restart), restarting
Feb 10 15:47:26 pfsense-hd openvpn[89112]: SIGUSR1[soft,ping-restart] received, process restarting
Feb 10 15:47:28 pfsense-hd openvpn[89112]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Feb 10 15:47:28 pfsense-hd openvpn[89112]: Re-using pre-shared static key
Feb 10 15:47:28 pfsense-hd openvpn[89112]: Preserving previous TUN/TAP instance: ovpnc2
Feb 10 15:47:28 pfsense-hd openvpn[89112]: UDPv4 link local (bound): [AF_INET]78.42.74.173
Feb 10 15:47:28 pfsense-hd openvpn[89112]: UDPv4 link remote: [AF_INET]213.188.120.106:1194
        1 Reply Last reply Reply Quote 0
        • X
          xayumi
          last edited by Feb 19, 2013, 6:09 AM

          Same issue on 2.1-Beta1 Feb 17, 2013.

          1 Reply Last reply Reply Quote 0
          • X
            xayumi
            last edited by Feb 21, 2013, 9:31 AM

            Please kindly find the error as below, using android mobile client, it seems that when the throughput is over 3-4Mbps, then the connection start to drop.

            Feb 21 17:35:28 openvpn[99575]: calvin/182.239.65.158:47055 Connection reset, restarting [0]
            Feb 21 17:35:30 openvpn[99575]: TCP connection established with [AF_INET]182.239.65.158:36451
            Feb 21 17:35:34 openvpn: user 'xxxx' authenticated
            Feb 21 17:35:35 openvpn[99575]: 182.239.65.158:36451 [xxxx] Peer Connection Initiated with [AF_INET]182.239.65.158:36451
            Feb 21 17:35:35 openvpn[99575]: xxxx/182.239.65.158:36451 MULTI_sva: pool returned IPv4=10.10.111.10, IPv6=(Not enabled)
            Feb 21 17:35:36 openvpn[99575]: xxxx/182.239.65.158:36451 send_push_reply(): safe_cap=940

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              This community forum collects and processes your personal information.
              consent.not_received