OPENVPN Drops connection



  • I have OPENVPN Client running on my pfsense.  Everything seems to work great, I have the routing/interface/firewall rules and NAT setup as per the default instructions.

    My gateway for my LAN is 172.22.22.1 which is also my pfsense IP address (naturally)  I have called the VPN connection:

    MYVPN

    Now to my issue.  As many know already, OpenVPN can sometimes loose connection for reasons unknown.  This happens to me periodically.  I have been scouting the great WWW to find a solution, but can't seem to find anything that suits my needs.  I stumbled on failover and another post that some guy wrote a PHP script.  Neither of these I really understand that much to be honest.

    So my question is.  Is failover the solution to monitoring my traffic and switching over the connection upon fail.  Or is there a more robust package that can take care of this issue.

    I will ask though, if some kind ladies or gents do reply, can you please give baby steps so that I understand what it is I need to do exactly.

    Many thanks in advance. ???



  • Post more information so we can help:
    a) What is the server end? (another pfSense, an OpenVPN provider…)
    b) How do you specify the server end? (a DNS name, a static IP address...)
    c) What sort of failures do you see? (is it trying to reconnect every minute, but not succeeding, or has the OpenVPN client process died completely... - OpenVN logs)
    d) OpenVPN client conf file
    e) What type of physical internet connection do you have? and do you see any packet loss (e.g. on gateway monitor)?
    f) Anything else you think might be interesting about your setup.



  • Sorry for the late reply.  I have been bogged down with work.

    So here are my answers:

    a) What is the server end? (another pfSense, an OpenVPN provider…)

    OpenVPN provider

    b) How do you specify the server end? (a DNS name, a static IP address…)

    DNS name

    c) What sort of failures do you see? (is it trying to reconnect every minute, but not succeeding, or has the OpenVPN client process died completely… - OpenVN logs)

    openvpn[12214]: RESOLVE: Cannot resolve host address:

    d) OpenVPN client conf file

     [color] 
    
     <openvpn><openvpn-client><vpnid>1</vpnid>
    			<protocol>UDP</protocol>
    			<dev_mode>tun</dev_mode>
    			 <ipaddr><interface>wan</interface>
    			 <local_port><server_addr>vpn.myvpnprovider.com</server_addr>
    			<server_port>1194</server_port>
    			 <resolve_retry><proxy_addr><proxy_port><proxy_authtype>none</proxy_authtype>
    			 <proxy_user><proxy_passwd><mode>p2p_tls</mode>
    			<custom_options>auth-user-pass /etc/openvpn-passwd.txt;persist-tun;keepalive 10 60;</custom_options>
    			<caref>5186a2372a50b</caref>
    			<certref>5186a29ecfa1d</certref>
    			<crypto>BF-CBC</crypto>
    			<engine>none</engine>
    			 <tunnel_network><remote_network><use_shaper><compression>yes</compression>
    			 <passtos></passtos></use_shaper></remote_network></tunnel_network></proxy_passwd></proxy_user></proxy_port></proxy_addr></resolve_retry></local_port></ipaddr></openvpn-client> 
    
    [/color]</openvpn>
    

    e) What type of physical internet connection do you have? and do you see any packet loss (e.g. on gateway monitor)?

    ADSL2 and no packet loss

    f) Anything else you think might be interesting about your setup.

    I have an interface setup as VPN and the routes setup accordingly.  Also I am using NAT to pass all LAN traffic through the VPN interface