Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    OpenVPN Servers restarts continuously

    OpenVPN
    4
    10
    2350
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cristofer1989 last edited by

      Hello.
      I have been using OpenVPN in pfsense for 2 years without any problem.
      Yesterday suddenly all my users started getting disconnected every 2 minutes.
      I saw the logs and I notice that the process restarts every few minutes, so I activated the verbose and there is the log:

      Jun 14 15:54:14 openvpn[93227]: Initialization Sequence Completed
      Jun 14 15:54:14 openvpn[93227]: TCPv4_SERVER link remote: [undef]
      Jun 14 15:54:14 openvpn[93227]: TCPv4_SERVER link local (bound): [AF_INET]XXX.XXX.XXX.XXX:443
      Jun 14 15:54:14 openvpn[93227]: Listening for incoming TCP connection on [AF_INET]XXX.XXX.XXX.XXX:443
      Jun 14 15:54:14 openvpn[92139]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
      Jun 14 15:54:14 openvpn[92139]: /sbin/ifconfig ovpns1 10.1.1.1 10.1.1.2 mtu 1500 netmask 255.255.255.255 up
      Jun 14 15:54:14 openvpn[92139]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      Jun 14 15:54:14 openvpn[92139]: TUN/TAP device /dev/tun1 opened
      Jun 14 15:54:14 openvpn[92139]: TUN/TAP device ovpns1 exists previously, keep at program end
      Jun 14 15:54:14 openvpn[92139]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
      Jun 14 15:54:14 openvpn[92139]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
      Jun 14 15:54:14 openvpn[92139]: OpenVPN 2.3.2 amd64-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 27 2014
      Jun 14 15:54:14 openvpn[40411]: SIGTERM[hard,] received, process exiting
      Jun 14 15:54:14 openvpn[40411]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
      Jun 14 15:36:00 openvpn[40411]: USER/XXX.XXX.XXX.XXX:12816 Connection reset, restarting [0]
      Jun 14 15:35:32 openvpn[40411]: USER/XXX.XXX.XXX.XXX:12816 send_push_reply(): safe_cap=940
      Jun 14 15:35:30 openvpn[40411]: USER/XXX.XXX.XXX.XXX:12816 MULTI_sva: pool returned IPv4=10.1.1.6, IPv6=(Not enabled)
      Jun 14 15:35:30 openvpn[40411]: XXX.XXX.XXX.XXX:12816 [movil] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.XXX:12816
      Jun 14 15:35:30 openvpn: user 'USER' authenticated
      Jun 14 15:35:25 openvpn[40411]: TCP connection established with [AF_INET]XXX.XXX.XXX.XXX:12816
      Jun 14 15:27:47 openvpn[40411]: Initialization Sequence Completed
      Jun 14 15:27:47 openvpn[40411]: TCPv4_SERVER link remote: [undef]
      Jun 14 15:27:47 openvpn[40411]: TCPv4_SERVER link local (bound): [AF_INET]XXX.XXX.XXX.XXX:443
      Jun 14 15:27:47 openvpn[40411]: Listening for incoming TCP connection on [AF_INET]XXX.XXX.XXX.XXX:443
      Jun 14 15:27:47 openvpn[39793]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
      Jun 14 15:27:47 openvpn[39793]: /sbin/ifconfig ovpns1 10.1.1.1 10.1.1.2 mtu 1500 netmask 255.255.255.255 up
      Jun 14 15:27:47 openvpn[39793]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      Jun 14 15:27:47 openvpn[39793]: TUN/TAP device /dev/tun1 opened
      Jun 14 15:27:47 openvpn[39793]: TUN/TAP device ovpns1 exists previously, keep at program end
      Jun 14 15:27:47 openvpn[39793]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
      Jun 14 15:27:47 openvpn[39793]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
      Jun 14 15:27:47 openvpn[39793]: OpenVPN 2.3.2 amd64-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 27 2014
      Jun 14 15:27:47 openvpn[87330]: SIGTERM[hard,] received, process exiting
      Jun 14 15:27:47 openvpn[87330]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
      Jun 14 15:27:47 openvpn[87330]: Closing TUN/TAP interface
      Jun 14 15:27:47 openvpn[87330]: /sbin/route delete -net 10.1.1.0 10.1.1.2 255.255.255.0
      Jun 14 15:27:47 openvpn[87330]: TCP/UDP: Closing socke

      It keeps restarting even without any user conected to it.
      Anyone know what's the problem???

      Here the verbose log:

      Jun 14 15:16:18 openvpn[87330]: Initialization Sequence Completed
      Jun 14 15:16:18 openvpn[87330]: MULTI: TCP INIT maxclients=20 maxevents=24
      Jun 14 15:16:18 openvpn[87330]: IFCONFIG POOL: base=10.1.1.4 size=62, ipv6=0
      Jun 14 15:16:18 openvpn[87330]: MULTI: multi_init called, r=256 v=256
      Jun 14 15:16:18 openvpn[87330]: TCPv4_SERVER link remote: [undef]
      Jun 14 15:16:18 openvpn[87330]: TCPv4_SERVER link local (bound): [AF_INET]XXX.XXX.XXX.XXX:443
      Jun 14 15:16:18 openvpn[87330]: Listening for incoming TCP connection on [AF_INET]XXX.XXX.XXX.XXX:443
      Jun 14 15:16:18 openvpn[85634]: Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
      Jun 14 15:16:18 openvpn[85634]: /sbin/route add -net 10.1.1.0 10.1.1.2 255.255.255.0
      Jun 14 15:16:18 openvpn[85634]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
      Jun 14 15:16:18 openvpn[85634]: /sbin/ifconfig ovpns1 10.1.1.1 10.1.1.2 mtu 1500 netmask 255.255.255.255 up
      Jun 14 15:16:18 openvpn[85634]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      Jun 14 15:16:18 openvpn[85634]: TUN/TAP device /dev/tun1 opened
      Jun 14 15:16:18 openvpn[85634]: TUN/TAP device ovpns1 exists previously, keep at program end
      Jun 14 15:16:18 openvpn[85634]: ROUTE_GATEWAY XXX.XXX.XXX.XXX
      Jun 14 15:16:18 openvpn[85634]: Socket Buffers: R=[65228->65536] S=[65228->65536]
      Jun 14 15:16:18 openvpn[85634]: TLS-Auth MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
      Jun 14 15:16:18 openvpn[85634]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
      Jun 14 15:16:18 openvpn[85634]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
      Jun 14 15:16:18 openvpn[85634]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
      Jun 14 15:16:18 openvpn[85634]: Diffie-Hellman initialized with 1024 bit key
      Jun 14 15:16:18 openvpn[85634]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
      Jun 14 15:16:18 openvpn[85634]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/server1.sock
      Jun 14 15:16:18 openvpn[85634]: OpenVPN 2.3.2 amd64-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 27 2014
      Jun 14 15:16:18 openvpn[85634]: auth_user_pass_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: pull = DISABLED
      Jun 14 15:16:18 openvpn[85634]: client = DISABLED
      Jun 14 15:16:18 openvpn[85634]: port_share_port = 0
      Jun 14 15:16:18 openvpn[85634]: port_share_host = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: auth_user_pass_verify_script_via_file = DISABLED
      Jun 14 15:16:18 openvpn[85634]: auth_user_pass_verify_script = '/var/etc/openvpn/server1.php'
      Jun 14 15:16:18 openvpn[85634]: max_routes_per_client = 256
      Jun 14 15:16:18 openvpn[85634]: max_clients = 20
      Jun 14 15:16:18 openvpn[85634]: cf_per = 0
      Jun 14 15:16:18 openvpn[85634]: cf_max = 0
      Jun 14 15:16:18 openvpn[85634]: duplicate_cn = DISABLED
      Jun 14 15:16:18 openvpn[85634]: enable_c2c = ENABLED
      Jun 14 15:16:18 openvpn[85634]: push_ifconfig_ipv6_remote = ::
      Jun 14 15:16:18 openvpn[85634]: push_ifconfig_ipv6_local = ::/0
      Jun 14 15:16:18 openvpn[85634]: push_ifconfig_ipv6_defined = DISABLED
      Jun 14 15:16:18 openvpn[85634]: push_ifconfig_remote_netmask = 0.0.0.0
      Jun 14 15:16:18 openvpn[85634]: push_ifconfig_local = 0.0.0.0
      Jun 14 15:16:18 openvpn[85634]: push_ifconfig_defined = DISABLED
      Jun 14 15:16:18 openvpn[85634]: tmp_dir = '/tmp'
      Jun 14 15:16:18 openvpn[85634]: ccd_exclusive = DISABLED
      Jun 14 15:16:18 openvpn[85634]: client_config_dir = '/var/etc/openvpn-csc'
      Jun 14 15:16:18 openvpn[85634]: client_disconnect_script = '/usr/local/sbin/openvpn.attributes.sh'
      Jun 14 15:16:18 openvpn[85634]: learn_address_script = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: client_connect_script = '/usr/local/sbin/openvpn.attributes.sh'
      Jun 14 15:16:18 openvpn[85634]: virtual_hash_size = 256
      Jun 14 15:16:18 openvpn[85634]: real_hash_size = 256
      Jun 14 15:16:18 openvpn[85634]: tcp_queue_limit = 64
      Jun 14 15:16:18 openvpn[85634]: n_bcast_buf = 256
      Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_pool_netbits = 0
      Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_pool_base = ::
      Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_pool_defined = DISABLED
      Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_persist_refresh_freq = 600
      Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_persist_filename = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_netmask = 0.0.0.0
      Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_end = 10.1.1.251
      Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_start = 10.1.1.4
      Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_defined = ENABLED
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'ping-restart 60'
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'ping 10'
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'topology net30'
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'route 10.1.1.0 255.255.255.0'
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'redirect-gateway def1'
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'dhcp-option DNS 10.1.1.1'
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'dhcp-option DOMAIN domain.es'
      Jun 14 15:16:18 openvpn[85634]: push_entry = 'route 192.168.10.0 255.255.255.0'
      Jun 14 15:16:18 openvpn[85634]: server_bridge_pool_end = 0.0.0.0
      Jun 14 15:16:18 openvpn[85634]: server_bridge_pool_start = 0.0.0.0
      Jun 14 15:16:18 openvpn[85634]: server_bridge_netmask = 0.0.0.0
      Jun 14 15:16:18 openvpn[85634]: server_bridge_ip = 0.0.0.0
      Jun 14 15:16:18 openvpn[85634]: server_netbits_ipv6 = 0
      Jun 14 15:16:18 openvpn[85634]: server_network_ipv6 = ::
      Jun 14 15:16:18 openvpn[85634]: server_netmask = 255.255.255.0
      Jun 14 15:16:18 openvpn[85634]: server_network = 10.1.1.0
      Jun 14 15:16:18 openvpn[85634]: tls_auth_file = '/var/etc/openvpn/server1.tls-auth'
      Jun 14 15:16:18 openvpn[85634]: tls_exit = DISABLED
      Jun 14 15:16:18 openvpn[85634]: push_peer_info = DISABLED
      Jun 14 15:16:18 openvpn[85634]: single_session = DISABLED
      Jun 14 15:16:18 openvpn[85634]: transition_window = 3600
      Jun 14 15:16:18 openvpn[85634]: handshake_window = 60
      Jun 14 15:16:18 openvpn[85634]: renegotiate_seconds = 3600
      Jun 14 15:16:18 openvpn[85634]: renegotiate_packets = 0
      Jun 14 15:16:18 openvpn[85634]: renegotiate_bytes = 0
      Jun 14 15:16:18 openvpn[85634]: tls_timeout = 2
      Jun 14 15:16:18 openvpn[85634]: ssl_flags = 2
      Jun 14 15:16:18 openvpn[85634]: remote_cert_eku = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
      Jun 14 15:16:18 openvpn[85634]: ns_cert_type = 0
      Jun 14 15:16:18 openvpn[85634]: crl_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: verify_x509_name = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: verify_x509_type = 0
      Jun 14 15:16:18 openvpn[85634]: tls_export_cert = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: tls_verify = '/var/etc/openvpn/server1.tls-verify.php'
      Jun 14 15:16:18 openvpn[85634]: cipher_list = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: pkcs12_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: priv_key_file = '/var/etc/openvpn/server1.key'
      Jun 14 15:16:18 openvpn[85634]: cert_file = '/var/etc/openvpn/server1.cert'
      Jun 14 15:16:18 openvpn[85634]: dh_file = '/etc/dh-parameters.1024'
      Jun 14 15:16:18 openvpn[85634]: ca_path = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: ca_file = '/var/etc/openvpn/server1.ca'
      Jun 14 15:16:18 openvpn[85634]: key_method = 2
      Jun 14 15:16:18 openvpn[85634]: tls_client = DISABLED
      Jun 14 15:16:18 openvpn[85634]: tls_server = ENABLED
      Jun 14 15:16:18 openvpn[85634]: test_crypto = DISABLED
      Jun 14 15:16:18 openvpn[85634]: use_iv = ENABLED
      Jun 14 15:16:18 openvpn[85634]: packet_id_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: replay_time = 15
      Jun 14 15:16:18 openvpn[85634]: replay_window = 64
      Jun 14 15:16:18 openvpn[85634]: mute_replay_warnings = DISABLED
      Jun 14 15:16:18 openvpn[85634]: replay = ENABLED
      Jun 14 15:16:18 openvpn[85634]: engine = DISABLED
      Jun 14 15:16:18 openvpn[85634]: keysize = 0
      Jun 14 15:16:18 openvpn[85634]: prng_nonce_secret_len = 16
      Jun 14 15:16:18 openvpn[85634]: prng_hash = 'SHA1'
      Jun 14 15:16:18 openvpn[85634]: authname = 'SHA1'
      Jun 14 15:16:18 openvpn[85634]: authname_defined = ENABLED
      Jun 14 15:16:18 openvpn[85634]: ciphername = 'AES-128-CBC'
      Jun 14 15:16:18 openvpn[85634]: ciphername_defined = ENABLED
      Jun 14 15:16:18 openvpn[85634]: key_direction = 1
      Jun 14 15:16:18 openvpn[85634]: shared_secret_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: management_flags = 256
      Jun 14 15:16:18 openvpn[85634]: management_client_group = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: management_client_user = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: management_write_peer_info_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: management_echo_buffer_size = 100
      Jun 14 15:16:18 openvpn[85634]: management_log_history_cache = 250
      Jun 14 15:16:18 openvpn[85634]: management_user_pass = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: management_port = 0
      Jun 14 15:16:18 openvpn[85634]: management_addr = '/var/etc/openvpn/server1.sock'
      Jun 14 15:16:18 openvpn[85634]: route 10.1.1.0/255.255.255.0/nil/nil
      Jun 14 15:16:18 openvpn[85634]: allow_pull_fqdn = DISABLED
      Jun 14 15:16:18 openvpn[85634]: max_routes = 100
      Jun 14 15:16:18 openvpn[85634]: route_gateway_via_dhcp = DISABLED
      Jun 14 15:16:18 openvpn[85634]: route_nopull = DISABLED
      Jun 14 15:16:18 openvpn[85634]: route_delay_defined = DISABLED
      Jun 14 15:16:18 openvpn[85634]: route_delay_window = 30
      Jun 14 15:16:18 openvpn[85634]: route_delay = 0
      Jun 14 15:16:18 openvpn[85634]: route_noexec = DISABLED
      Jun 14 15:16:18 openvpn[85634]: route_default_metric = 0
      Jun 14 15:16:18 openvpn[85634]: route_default_gateway = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: route_script = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: lzo = 7
      Jun 14 15:16:18 openvpn[85634]: fast_io = DISABLED
      Jun 14 15:16:18 openvpn[85634]: sockflags = 0
      Jun 14 15:16:18 openvpn[85634]: sndbuf = 65536
      Jun 14 15:16:18 openvpn[85634]: rcvbuf = 65536
      Jun 14 15:16:18 openvpn[85634]: occ = ENABLED
      Jun 14 15:16:18 openvpn[85634]: status_file_update_freq = 60
      Jun 14 15:16:18 openvpn[85634]: status_file_version = 1
      Jun 14 15:16:18 openvpn[85634]: status_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: gremlin = 0
      Jun 14 15:16:18 openvpn[85634]: mute = 0
      Jun 14 15:16:18 openvpn[85634]: verbosity = 5
      Jun 14 15:16:18 openvpn[85634]: nice = 0
      Jun 14 15:16:18 openvpn[85634]: suppress_timestamps = DISABLED
      Jun 14 15:16:18 openvpn[85634]: log = DISABLED
      Jun 14 15:16:18 openvpn[85634]: inetd = 0
      Jun 14 15:16:18 openvpn[85634]: daemon = ENABLED
      Jun 14 15:16:18 openvpn[85634]: up_delay = DISABLED
      Jun 14 15:16:18 openvpn[85634]: up_restart = DISABLED
      Jun 14 15:16:18 openvpn[85634]: down_pre = DISABLED
      Jun 14 15:16:18 openvpn[85634]: down_script = '/usr/local/sbin/ovpn-linkdown'
      Jun 14 15:16:18 openvpn[85634]: up_script = '/usr/local/sbin/ovpn-linkup'
      Jun 14 15:16:18 openvpn[85634]: writepid = '/var/run/openvpn_server1.pid'
      Jun 14 15:16:18 openvpn[85634]: cd_dir = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: chroot_dir = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: groupname = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: username = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: resolve_retry_seconds = 1000000000
      Jun 14 15:16:18 openvpn[85634]: passtos = DISABLED
      Jun 14 15:16:18 openvpn[85634]: persist_key = ENABLED
      Jun 14 15:16:18 openvpn[85634]: persist_remote_ip = ENABLED
      Jun 14 15:16:18 openvpn[85634]: persist_local_ip = DISABLED
      Jun 14 15:16:18 openvpn[85634]: persist_tun = ENABLED
      Jun 14 15:16:18 openvpn[85634]: remap_sigusr1 = 0
      Jun 14 15:16:18 openvpn[85634]: ping_timer_remote = ENABLED
      Jun 14 15:16:18 openvpn[85634]: ping_rec_timeout_action = 2
      Jun 14 15:16:18 openvpn[85634]: ping_rec_timeout = 120
      Jun 14 15:16:18 openvpn[85634]: ping_send_timeout = 10
      Jun 14 15:16:18 openvpn[85634]: inactivity_timeout = 0
      Jun 14 15:16:18 openvpn[85634]: keepalive_timeout = 60
      Jun 14 15:16:18 openvpn[85634]: keepalive_ping = 10
      Jun 14 15:16:18 openvpn[85634]: mlock = DISABLED
      Jun 14 15:16:18 openvpn[85634]: mtu_test = 0
      Jun 14 15:16:18 openvpn[85634]: shaper = 0
      Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_remote = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_netbits = 0
      Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_local = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: ifconfig_nowarn = DISABLED
      Jun 14 15:16:18 openvpn[85634]: ifconfig_noexec = DISABLED
      Jun 14 15:16:18 openvpn[85634]: ifconfig_remote_netmask = '10.1.1.2'
      Jun 14 15:16:18 openvpn[85634]: ifconfig_local = '10.1.1.1'
      Jun 14 15:16:18 openvpn[85634]: tun_ipv6 = ENABLED
      Jun 14 15:16:18 openvpn[85634]: topology = 1
      Jun 14 15:16:18 openvpn[85634]: lladdr = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: dev_node = '/dev/tun1'
      Jun 14 15:16:18 openvpn[85634]: dev_type = 'tun'
      Jun 14 15:16:18 openvpn[85634]: dev = 'ovpns1'
      Jun 14 15:16:18 openvpn[85634]: ipchange = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: remote_random = DISABLED
      Jun 14 15:16:18 openvpn[85634]: Connection profiles END
      Jun 14 15:16:18 openvpn[85634]: explicit_exit_notification = 0
      Jun 14 15:16:18 openvpn[85634]: mssfix = 1450
      Jun 14 15:16:18 openvpn[85634]: fragment = 0
      Jun 14 15:16:18 openvpn[85634]: mtu_discover_type = -1
      Jun 14 15:16:18 openvpn[85634]: tun_mtu_extra_defined = DISABLED
      Jun 14 15:16:18 openvpn[85634]: tun_mtu_extra = 0
      Jun 14 15:16:18 openvpn[85634]: link_mtu_defined = DISABLED
      Jun 14 15:16:18 openvpn[85634]: link_mtu = 1500
      Jun 14 15:16:18 openvpn[85634]: tun_mtu_defined = ENABLED
      Jun 14 15:16:18 openvpn[85634]: tun_mtu = 1500
      Jun 14 15:16:18 openvpn[85634]: socks_proxy_retry = DISABLED
      Jun 14 15:16:18 openvpn[85634]: socks_proxy_port = 0
      Jun 14 15:16:18 openvpn[85634]: socks_proxy_server = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: connect_retry_max = 0
      Jun 14 15:16:18 openvpn[85634]: connect_timeout = 10
      Jun 14 15:16:18 openvpn[85634]: connect_retry_seconds = 5
      Jun 14 15:16:18 openvpn[85634]: bind_local = ENABLED
      Jun 14 15:16:18 openvpn[85634]: bind_defined = DISABLED
      Jun 14 15:16:18 openvpn[85634]: remote_float = ENABLED
      Jun 14 15:16:18 openvpn[85634]: remote_port = 1194
      Jun 14 15:16:18 openvpn[85634]: remote = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: local_port = 443
      Jun 14 15:16:18 openvpn[85634]: local = 'XXX.XXX.XXX.XXX'
      Jun 14 15:16:18 openvpn[85634]: proto = tcp-server
      Jun 14 15:16:18 openvpn[85634]: Connection profiles [default]:
      Jun 14 15:16:18 openvpn[85634]: show_tls_ciphers = DISABLED
      Jun 14 15:16:18 openvpn[85634]: key_pass_file = '[UNDEF]'
      Jun 14 15:16:18 openvpn[85634]: genkey = DISABLED
      Jun 14 15:16:18 openvpn[85634]: show_engines = DISABLED
      Jun 14 15:16:18 openvpn[85634]: show_digests = DISABLED
      Jun 14 15:16:18 openvpn[85634]: show_ciphers = DISABLED
      Jun 14 15:16:18 openvpn[85634]: mode = 1
      Jun 14 15:16:18 openvpn[85634]: config = '/var/etc/openvpn/server1.conf'
      Jun 14 15:16:18 openvpn[85634]: Current Parameter Settings:
      Jun 14 15:14:09 openvpn[6589]: SIGTERM[hard,] received, process exiting
      Jun 14 15:14:09 openvpn[6589]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
      Jun 14 15:14:09 openvpn[6589]: Closing TUN/TAP interface
      Jun 14 15:14:09 openvpn[6589]: /sbin/route delete -net 10.1.1.0 10.1.1.2 255.255.255.0
      Jun 14 15:14:09 openvpn[6589]: TCP/UDP: Closing socket
      Jun 14 15:14:07 openvpn[6589]: TCP/UDP: Closing socket

      1 Reply Last reply Reply Quote 0
      • M
        mxbsuper last edited by

        Hi There,

        I had this problem today and found that disabling LZO Header Compression cured it for me.

        Regards

        Mark

        1 Reply Last reply Reply Quote 0
        • C
          cristofer1989 last edited by

          @mxbsuper:

          Hi There,

          I had this problem today and found that disabling LZO Header Compression cured it for me.

          Regards

          Mark

          Thanks for the answer but it doesn't work for me. I disabled LZO Compression and it still is restarting every 5 minutes :(

          1 Reply Last reply Reply Quote 0
          • C
            cristofer1989 last edited by

            I have reinstalled pfsense from 0 in another machine and exactly the same problem… I must stop using pfsense to openvpn...

            1 Reply Last reply Reply Quote 0
            • ?
              Guest last edited by

              Have look, two potential issues:

              https://forum.pfsense.org/index.php?topic=76975.msg426742#msg426742

              latency is going up, apparently…

              1 Reply Last reply Reply Quote 0
              • C
                cristofer1989 last edited by

                @chemlud:

                Have look, two potential issues:

                https://forum.pfsense.org/index.php?topic=76975.msg426742#msg426742

                latency is going up, apparently…

                Thank you for the answer.
                I edited the file as the post says but it got even worst… now the server restarts every 10 seconds...
                EDIT: I notice that my latency sometimes is avobe 600ms, so I change the latency range from 1000 to 2000 in order to check...
                EDIT2: Even changing the values it continues failing, so I disabled the gateway monitoring
                EDIT3: Nothing... even with the monitorization disabled it keeps restarting...

                1 Reply Last reply Reply Quote 0
                • ?
                  Guest last edited by

                  You should investigate the systlog (not the openVPN log), as something is restarting the openVPN service (as after a new WAN IP had been obtained) to find out what is causing the restartings…

                  1 Reply Last reply Reply Quote 0
                  • H
                    heper last edited by

                    https://redmine.pfsense.org/issues/3669

                    might be this … try disabling gateway-monitoring on the openvpn-interface.
                    if that solves it, manually patch issue 3669 or gitsync or wait for 2.1.4-release

                    1 Reply Last reply Reply Quote 0
                    • ?
                      Guest last edited by

                      @cristofer1989:

                      …
                      EDIT3: Nothing... even with the monitorization disabled it keeps restarting...

                      ;)

                      1 Reply Last reply Reply Quote 0
                      • C
                        cristofer1989 last edited by

                        The problem is solved for now.
                        I stopped the apinger service manually and it stops restarting.
                        Every 5 minutes that service made a "alert" of gateway down, but it isn't true… the gateway was ok all time.
                        For now, I will keep that service down.
                        Thank you for your answers :)

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post

                        Products

                        • Platform Overview
                        • TNSR
                        • pfSense
                        • Appliances

                        Services

                        • Training
                        • Professional Services

                        Support

                        • Subscription Plans
                        • Contact Support
                        • Product Lifecycle
                        • Documentation

                        News

                        • Media Coverage
                        • Press
                        • Events

                        Resources

                        • Blog
                        • FAQ
                        • Find a Partner
                        • Resource Library
                        • Security Information

                        Company

                        • About Us
                        • Careers
                        • Partners
                        • Contact Us
                        • Legal
                        Our Mission

                        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                        Subscribe to our Newsletter

                        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                        © 2021 Rubicon Communications, LLC | Privacy Policy