4. OpenVPN Servers restarts continuously

OpenVPN Servers restarts continuously

  • C

    Hello.
    I have been using OpenVPN in pfsense for 2 years without any problem.
    Yesterday suddenly all my users started getting disconnected every 2 minutes.
    I saw the logs and I notice that the process restarts every few minutes, so I activated the verbose and there is the log:

    Jun 14 15:54:14 openvpn[93227]: Initialization Sequence Completed
    Jun 14 15:54:14 openvpn[93227]: TCPv4_SERVER link remote: [undef]
    Jun 14 15:54:14 openvpn[93227]: TCPv4_SERVER link local (bound): [AF_INET]XXX.XXX.XXX.XXX:443
    Jun 14 15:54:14 openvpn[93227]: Listening for incoming TCP connection on [AF_INET]XXX.XXX.XXX.XXX:443
    Jun 14 15:54:14 openvpn[92139]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
    Jun 14 15:54:14 openvpn[92139]: /sbin/ifconfig ovpns1 10.1.1.1 10.1.1.2 mtu 1500 netmask 255.255.255.255 up
    Jun 14 15:54:14 openvpn[92139]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
    Jun 14 15:54:14 openvpn[92139]: TUN/TAP device /dev/tun1 opened
    Jun 14 15:54:14 openvpn[92139]: TUN/TAP device ovpns1 exists previously, keep at program end
    Jun 14 15:54:14 openvpn[92139]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
    Jun 14 15:54:14 openvpn[92139]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
    Jun 14 15:54:14 openvpn[92139]: OpenVPN 2.3.2 amd64-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 27 2014
    Jun 14 15:54:14 openvpn[40411]: SIGTERM[hard,] received, process exiting
    Jun 14 15:54:14 openvpn[40411]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
    Jun 14 15:36:00 openvpn[40411]: USER/XXX.XXX.XXX.XXX:12816 Connection reset, restarting [0]
    Jun 14 15:35:32 openvpn[40411]: USER/XXX.XXX.XXX.XXX:12816 send_push_reply(): safe_cap=940
    Jun 14 15:35:30 openvpn[40411]: USER/XXX.XXX.XXX.XXX:12816 MULTI_sva: pool returned IPv4=10.1.1.6, IPv6=(Not enabled)
    Jun 14 15:35:30 openvpn[40411]: XXX.XXX.XXX.XXX:12816 [movil] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.XXX:12816
    Jun 14 15:35:30 openvpn: user 'USER' authenticated
    Jun 14 15:35:25 openvpn[40411]: TCP connection established with [AF_INET]XXX.XXX.XXX.XXX:12816
    Jun 14 15:27:47 openvpn[40411]: Initialization Sequence Completed
    Jun 14 15:27:47 openvpn[40411]: TCPv4_SERVER link remote: [undef]
    Jun 14 15:27:47 openvpn[40411]: TCPv4_SERVER link local (bound): [AF_INET]XXX.XXX.XXX.XXX:443
    Jun 14 15:27:47 openvpn[40411]: Listening for incoming TCP connection on [AF_INET]XXX.XXX.XXX.XXX:443
    Jun 14 15:27:47 openvpn[39793]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
    Jun 14 15:27:47 openvpn[39793]: /sbin/ifconfig ovpns1 10.1.1.1 10.1.1.2 mtu 1500 netmask 255.255.255.255 up
    Jun 14 15:27:47 openvpn[39793]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
    Jun 14 15:27:47 openvpn[39793]: TUN/TAP device /dev/tun1 opened
    Jun 14 15:27:47 openvpn[39793]: TUN/TAP device ovpns1 exists previously, keep at program end
    Jun 14 15:27:47 openvpn[39793]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
    Jun 14 15:27:47 openvpn[39793]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
    Jun 14 15:27:47 openvpn[39793]: OpenVPN 2.3.2 amd64-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 27 2014
    Jun 14 15:27:47 openvpn[87330]: SIGTERM[hard,] received, process exiting
    Jun 14 15:27:47 openvpn[87330]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
    Jun 14 15:27:47 openvpn[87330]: Closing TUN/TAP interface
    Jun 14 15:27:47 openvpn[87330]: /sbin/route delete -net 10.1.1.0 10.1.1.2 255.255.255.0
    Jun 14 15:27:47 openvpn[87330]: TCP/UDP: Closing socke

    It keeps restarting even without any user conected to it.
    Anyone know what's the problem???

    Here the verbose log:

    Jun 14 15:16:18 openvpn[87330]: Initialization Sequence Completed
    Jun 14 15:16:18 openvpn[87330]: MULTI: TCP INIT maxclients=20 maxevents=24
    Jun 14 15:16:18 openvpn[87330]: IFCONFIG POOL: base=10.1.1.4 size=62, ipv6=0
    Jun 14 15:16:18 openvpn[87330]: MULTI: multi_init called, r=256 v=256
    Jun 14 15:16:18 openvpn[87330]: TCPv4_SERVER link remote: [undef]
    Jun 14 15:16:18 openvpn[87330]: TCPv4_SERVER link local (bound): [AF_INET]XXX.XXX.XXX.XXX:443
    Jun 14 15:16:18 openvpn[87330]: Listening for incoming TCP connection on [AF_INET]XXX.XXX.XXX.XXX:443
    Jun 14 15:16:18 openvpn[85634]: Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
    Jun 14 15:16:18 openvpn[85634]: /sbin/route add -net 10.1.1.0 10.1.1.2 255.255.255.0
    Jun 14 15:16:18 openvpn[85634]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
    Jun 14 15:16:18 openvpn[85634]: /sbin/ifconfig ovpns1 10.1.1.1 10.1.1.2 mtu 1500 netmask 255.255.255.255 up
    Jun 14 15:16:18 openvpn[85634]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
    Jun 14 15:16:18 openvpn[85634]: TUN/TAP device /dev/tun1 opened
    Jun 14 15:16:18 openvpn[85634]: TUN/TAP device ovpns1 exists previously, keep at program end
    Jun 14 15:16:18 openvpn[85634]: ROUTE_GATEWAY XXX.XXX.XXX.XXX
    Jun 14 15:16:18 openvpn[85634]: Socket Buffers: R=[65228->65536] S=[65228->65536]
    Jun 14 15:16:18 openvpn[85634]: TLS-Auth MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
    Jun 14 15:16:18 openvpn[85634]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    Jun 14 15:16:18 openvpn[85634]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    Jun 14 15:16:18 openvpn[85634]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
    Jun 14 15:16:18 openvpn[85634]: Diffie-Hellman initialized with 1024 bit key
    Jun 14 15:16:18 openvpn[85634]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
    Jun 14 15:16:18 openvpn[85634]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/server1.sock
    Jun 14 15:16:18 openvpn[85634]: OpenVPN 2.3.2 amd64-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 27 2014
    Jun 14 15:16:18 openvpn[85634]: auth_user_pass_file = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: pull = DISABLED
    Jun 14 15:16:18 openvpn[85634]: client = DISABLED
    Jun 14 15:16:18 openvpn[85634]: port_share_port = 0
    Jun 14 15:16:18 openvpn[85634]: port_share_host = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: auth_user_pass_verify_script_via_file = DISABLED
    Jun 14 15:16:18 openvpn[85634]: auth_user_pass_verify_script = '/var/etc/openvpn/server1.php'
    Jun 14 15:16:18 openvpn[85634]: max_routes_per_client = 256
    Jun 14 15:16:18 openvpn[85634]: max_clients = 20
    Jun 14 15:16:18 openvpn[85634]: cf_per = 0
    Jun 14 15:16:18 openvpn[85634]: cf_max = 0
    Jun 14 15:16:18 openvpn[85634]: duplicate_cn = DISABLED
    Jun 14 15:16:18 openvpn[85634]: enable_c2c = ENABLED
    Jun 14 15:16:18 openvpn[85634]: push_ifconfig_ipv6_remote = ::
    Jun 14 15:16:18 openvpn[85634]: push_ifconfig_ipv6_local = ::/0
    Jun 14 15:16:18 openvpn[85634]: push_ifconfig_ipv6_defined = DISABLED
    Jun 14 15:16:18 openvpn[85634]: push_ifconfig_remote_netmask = 0.0.0.0
    Jun 14 15:16:18 openvpn[85634]: push_ifconfig_local = 0.0.0.0
    Jun 14 15:16:18 openvpn[85634]: push_ifconfig_defined = DISABLED
    Jun 14 15:16:18 openvpn[85634]: tmp_dir = '/tmp'
    Jun 14 15:16:18 openvpn[85634]: ccd_exclusive = DISABLED
    Jun 14 15:16:18 openvpn[85634]: client_config_dir = '/var/etc/openvpn-csc'
    Jun 14 15:16:18 openvpn[85634]: client_disconnect_script = '/usr/local/sbin/openvpn.attributes.sh'
    Jun 14 15:16:18 openvpn[85634]: learn_address_script = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: client_connect_script = '/usr/local/sbin/openvpn.attributes.sh'
    Jun 14 15:16:18 openvpn[85634]: virtual_hash_size = 256
    Jun 14 15:16:18 openvpn[85634]: real_hash_size = 256
    Jun 14 15:16:18 openvpn[85634]: tcp_queue_limit = 64
    Jun 14 15:16:18 openvpn[85634]: n_bcast_buf = 256
    Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_pool_netbits = 0
    Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_pool_base = ::
    Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_pool_defined = DISABLED
    Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_persist_refresh_freq = 600
    Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_persist_filename = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_netmask = 0.0.0.0
    Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_end = 10.1.1.251
    Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_start = 10.1.1.4
    Jun 14 15:16:18 openvpn[85634]: ifconfig_pool_defined = ENABLED
    Jun 14 15:16:18 openvpn[85634]: push_entry = 'ping-restart 60'
    Jun 14 15:16:18 openvpn[85634]: push_entry = 'ping 10'
    Jun 14 15:16:18 openvpn[85634]: push_entry = 'topology net30'
    Jun 14 15:16:18 openvpn[85634]: push_entry = 'route 10.1.1.0 255.255.255.0'
    Jun 14 15:16:18 openvpn[85634]: push_entry = 'redirect-gateway def1'
    Jun 14 15:16:18 openvpn[85634]: push_entry = 'dhcp-option DNS 10.1.1.1'
    Jun 14 15:16:18 openvpn[85634]: push_entry = 'dhcp-option DOMAIN domain.es'
    Jun 14 15:16:18 openvpn[85634]: push_entry = 'route 192.168.10.0 255.255.255.0'
    Jun 14 15:16:18 openvpn[85634]: server_bridge_pool_end = 0.0.0.0
    Jun 14 15:16:18 openvpn[85634]: server_bridge_pool_start = 0.0.0.0
    Jun 14 15:16:18 openvpn[85634]: server_bridge_netmask = 0.0.0.0
    Jun 14 15:16:18 openvpn[85634]: server_bridge_ip = 0.0.0.0
    Jun 14 15:16:18 openvpn[85634]: server_netbits_ipv6 = 0
    Jun 14 15:16:18 openvpn[85634]: server_network_ipv6 = ::
    Jun 14 15:16:18 openvpn[85634]: server_netmask = 255.255.255.0
    Jun 14 15:16:18 openvpn[85634]: server_network = 10.1.1.0
    Jun 14 15:16:18 openvpn[85634]: tls_auth_file = '/var/etc/openvpn/server1.tls-auth'
    Jun 14 15:16:18 openvpn[85634]: tls_exit = DISABLED
    Jun 14 15:16:18 openvpn[85634]: push_peer_info = DISABLED
    Jun 14 15:16:18 openvpn[85634]: single_session = DISABLED
    Jun 14 15:16:18 openvpn[85634]: transition_window = 3600
    Jun 14 15:16:18 openvpn[85634]: handshake_window = 60
    Jun 14 15:16:18 openvpn[85634]: renegotiate_seconds = 3600
    Jun 14 15:16:18 openvpn[85634]: renegotiate_packets = 0
    Jun 14 15:16:18 openvpn[85634]: renegotiate_bytes = 0
    Jun 14 15:16:18 openvpn[85634]: tls_timeout = 2
    Jun 14 15:16:18 openvpn[85634]: ssl_flags = 2
    Jun 14 15:16:18 openvpn[85634]: remote_cert_eku = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: remote_cert_ku = 0
    Jun 14 15:16:18 openvpn[85634]: ns_cert_type = 0
    Jun 14 15:16:18 openvpn[85634]: crl_file = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: verify_x509_name = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: verify_x509_type = 0
    Jun 14 15:16:18 openvpn[85634]: tls_export_cert = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: tls_verify = '/var/etc/openvpn/server1.tls-verify.php'
    Jun 14 15:16:18 openvpn[85634]: cipher_list = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: pkcs12_file = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: priv_key_file = '/var/etc/openvpn/server1.key'
    Jun 14 15:16:18 openvpn[85634]: cert_file = '/var/etc/openvpn/server1.cert'
    Jun 14 15:16:18 openvpn[85634]: dh_file = '/etc/dh-parameters.1024'
    Jun 14 15:16:18 openvpn[85634]: ca_path = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: ca_file = '/var/etc/openvpn/server1.ca'
    Jun 14 15:16:18 openvpn[85634]: key_method = 2
    Jun 14 15:16:18 openvpn[85634]: tls_client = DISABLED
    Jun 14 15:16:18 openvpn[85634]: tls_server = ENABLED
    Jun 14 15:16:18 openvpn[85634]: test_crypto = DISABLED
    Jun 14 15:16:18 openvpn[85634]: use_iv = ENABLED
    Jun 14 15:16:18 openvpn[85634]: packet_id_file = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: replay_time = 15
    Jun 14 15:16:18 openvpn[85634]: replay_window = 64
    Jun 14 15:16:18 openvpn[85634]: mute_replay_warnings = DISABLED
    Jun 14 15:16:18 openvpn[85634]: replay = ENABLED
    Jun 14 15:16:18 openvpn[85634]: engine = DISABLED
    Jun 14 15:16:18 openvpn[85634]: keysize = 0
    Jun 14 15:16:18 openvpn[85634]: prng_nonce_secret_len = 16
    Jun 14 15:16:18 openvpn[85634]: prng_hash = 'SHA1'
    Jun 14 15:16:18 openvpn[85634]: authname = 'SHA1'
    Jun 14 15:16:18 openvpn[85634]: authname_defined = ENABLED
    Jun 14 15:16:18 openvpn[85634]: ciphername = 'AES-128-CBC'
    Jun 14 15:16:18 openvpn[85634]: ciphername_defined = ENABLED
    Jun 14 15:16:18 openvpn[85634]: key_direction = 1
    Jun 14 15:16:18 openvpn[85634]: shared_secret_file = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: management_flags = 256
    Jun 14 15:16:18 openvpn[85634]: management_client_group = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: management_client_user = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: management_write_peer_info_file = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: management_echo_buffer_size = 100
    Jun 14 15:16:18 openvpn[85634]: management_log_history_cache = 250
    Jun 14 15:16:18 openvpn[85634]: management_user_pass = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: management_port = 0
    Jun 14 15:16:18 openvpn[85634]: management_addr = '/var/etc/openvpn/server1.sock'
    Jun 14 15:16:18 openvpn[85634]: route 10.1.1.0/255.255.255.0/nil/nil
    Jun 14 15:16:18 openvpn[85634]: allow_pull_fqdn = DISABLED
    Jun 14 15:16:18 openvpn[85634]: max_routes = 100
    Jun 14 15:16:18 openvpn[85634]: route_gateway_via_dhcp = DISABLED
    Jun 14 15:16:18 openvpn[85634]: route_nopull = DISABLED
    Jun 14 15:16:18 openvpn[85634]: route_delay_defined = DISABLED
    Jun 14 15:16:18 openvpn[85634]: route_delay_window = 30
    Jun 14 15:16:18 openvpn[85634]: route_delay = 0
    Jun 14 15:16:18 openvpn[85634]: route_noexec = DISABLED
    Jun 14 15:16:18 openvpn[85634]: route_default_metric = 0
    Jun 14 15:16:18 openvpn[85634]: route_default_gateway = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: route_script = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: lzo = 7
    Jun 14 15:16:18 openvpn[85634]: fast_io = DISABLED
    Jun 14 15:16:18 openvpn[85634]: sockflags = 0
    Jun 14 15:16:18 openvpn[85634]: sndbuf = 65536
    Jun 14 15:16:18 openvpn[85634]: rcvbuf = 65536
    Jun 14 15:16:18 openvpn[85634]: occ = ENABLED
    Jun 14 15:16:18 openvpn[85634]: status_file_update_freq = 60
    Jun 14 15:16:18 openvpn[85634]: status_file_version = 1
    Jun 14 15:16:18 openvpn[85634]: status_file = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: gremlin = 0
    Jun 14 15:16:18 openvpn[85634]: mute = 0
    Jun 14 15:16:18 openvpn[85634]: verbosity = 5
    Jun 14 15:16:18 openvpn[85634]: nice = 0
    Jun 14 15:16:18 openvpn[85634]: suppress_timestamps = DISABLED
    Jun 14 15:16:18 openvpn[85634]: log = DISABLED
    Jun 14 15:16:18 openvpn[85634]: inetd = 0
    Jun 14 15:16:18 openvpn[85634]: daemon = ENABLED
    Jun 14 15:16:18 openvpn[85634]: up_delay = DISABLED
    Jun 14 15:16:18 openvpn[85634]: up_restart = DISABLED
    Jun 14 15:16:18 openvpn[85634]: down_pre = DISABLED
    Jun 14 15:16:18 openvpn[85634]: down_script = '/usr/local/sbin/ovpn-linkdown'
    Jun 14 15:16:18 openvpn[85634]: up_script = '/usr/local/sbin/ovpn-linkup'
    Jun 14 15:16:18 openvpn[85634]: writepid = '/var/run/openvpn_server1.pid'
    Jun 14 15:16:18 openvpn[85634]: cd_dir = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: chroot_dir = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: groupname = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: username = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: resolve_retry_seconds = 1000000000
    Jun 14 15:16:18 openvpn[85634]: passtos = DISABLED
    Jun 14 15:16:18 openvpn[85634]: persist_key = ENABLED
    Jun 14 15:16:18 openvpn[85634]: persist_remote_ip = ENABLED
    Jun 14 15:16:18 openvpn[85634]: persist_local_ip = DISABLED
    Jun 14 15:16:18 openvpn[85634]: persist_tun = ENABLED
    Jun 14 15:16:18 openvpn[85634]: remap_sigusr1 = 0
    Jun 14 15:16:18 openvpn[85634]: ping_timer_remote = ENABLED
    Jun 14 15:16:18 openvpn[85634]: ping_rec_timeout_action = 2
    Jun 14 15:16:18 openvpn[85634]: ping_rec_timeout = 120
    Jun 14 15:16:18 openvpn[85634]: ping_send_timeout = 10
    Jun 14 15:16:18 openvpn[85634]: inactivity_timeout = 0
    Jun 14 15:16:18 openvpn[85634]: keepalive_timeout = 60
    Jun 14 15:16:18 openvpn[85634]: keepalive_ping = 10
    Jun 14 15:16:18 openvpn[85634]: mlock = DISABLED
    Jun 14 15:16:18 openvpn[85634]: mtu_test = 0
    Jun 14 15:16:18 openvpn[85634]: shaper = 0
    Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_remote = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_netbits = 0
    Jun 14 15:16:18 openvpn[85634]: ifconfig_ipv6_local = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: ifconfig_nowarn = DISABLED
    Jun 14 15:16:18 openvpn[85634]: ifconfig_noexec = DISABLED
    Jun 14 15:16:18 openvpn[85634]: ifconfig_remote_netmask = '10.1.1.2'
    Jun 14 15:16:18 openvpn[85634]: ifconfig_local = '10.1.1.1'
    Jun 14 15:16:18 openvpn[85634]: tun_ipv6 = ENABLED
    Jun 14 15:16:18 openvpn[85634]: topology = 1
    Jun 14 15:16:18 openvpn[85634]: lladdr = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: dev_node = '/dev/tun1'
    Jun 14 15:16:18 openvpn[85634]: dev_type = 'tun'
    Jun 14 15:16:18 openvpn[85634]: dev = 'ovpns1'
    Jun 14 15:16:18 openvpn[85634]: ipchange = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: remote_random = DISABLED
    Jun 14 15:16:18 openvpn[85634]: Connection profiles END
    Jun 14 15:16:18 openvpn[85634]: explicit_exit_notification = 0
    Jun 14 15:16:18 openvpn[85634]: mssfix = 1450
    Jun 14 15:16:18 openvpn[85634]: fragment = 0
    Jun 14 15:16:18 openvpn[85634]: mtu_discover_type = -1
    Jun 14 15:16:18 openvpn[85634]: tun_mtu_extra_defined = DISABLED
    Jun 14 15:16:18 openvpn[85634]: tun_mtu_extra = 0
    Jun 14 15:16:18 openvpn[85634]: link_mtu_defined = DISABLED
    Jun 14 15:16:18 openvpn[85634]: link_mtu = 1500
    Jun 14 15:16:18 openvpn[85634]: tun_mtu_defined = ENABLED
    Jun 14 15:16:18 openvpn[85634]: tun_mtu = 1500
    Jun 14 15:16:18 openvpn[85634]: socks_proxy_retry = DISABLED
    Jun 14 15:16:18 openvpn[85634]: socks_proxy_port = 0
    Jun 14 15:16:18 openvpn[85634]: socks_proxy_server = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: connect_retry_max = 0
    Jun 14 15:16:18 openvpn[85634]: connect_timeout = 10
    Jun 14 15:16:18 openvpn[85634]: connect_retry_seconds = 5
    Jun 14 15:16:18 openvpn[85634]: bind_local = ENABLED
    Jun 14 15:16:18 openvpn[85634]: bind_defined = DISABLED
    Jun 14 15:16:18 openvpn[85634]: remote_float = ENABLED
    Jun 14 15:16:18 openvpn[85634]: remote_port = 1194
    Jun 14 15:16:18 openvpn[85634]: remote = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: local_port = 443
    Jun 14 15:16:18 openvpn[85634]: local = 'XXX.XXX.XXX.XXX'
    Jun 14 15:16:18 openvpn[85634]: proto = tcp-server
    Jun 14 15:16:18 openvpn[85634]: Connection profiles [default]:
    Jun 14 15:16:18 openvpn[85634]: show_tls_ciphers = DISABLED
    Jun 14 15:16:18 openvpn[85634]: key_pass_file = '[UNDEF]'
    Jun 14 15:16:18 openvpn[85634]: genkey = DISABLED
    Jun 14 15:16:18 openvpn[85634]: show_engines = DISABLED
    Jun 14 15:16:18 openvpn[85634]: show_digests = DISABLED
    Jun 14 15:16:18 openvpn[85634]: show_ciphers = DISABLED
    Jun 14 15:16:18 openvpn[85634]: mode = 1
    Jun 14 15:16:18 openvpn[85634]: config = '/var/etc/openvpn/server1.conf'
    Jun 14 15:16:18 openvpn[85634]: Current Parameter Settings:
    Jun 14 15:14:09 openvpn[6589]: SIGTERM[hard,] received, process exiting
    Jun 14 15:14:09 openvpn[6589]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 10.1.1.1 10.1.1.2 init
    Jun 14 15:14:09 openvpn[6589]: Closing TUN/TAP interface
    Jun 14 15:14:09 openvpn[6589]: /sbin/route delete -net 10.1.1.0 10.1.1.2 255.255.255.0
    Jun 14 15:14:09 openvpn[6589]: TCP/UDP: Closing socket
    Jun 14 15:14:07 openvpn[6589]: TCP/UDP: Closing socket

    0
  • M

    Hi There,

    I had this problem today and found that disabling LZO Header Compression cured it for me.

    Regards

    Mark

    0
  • C

    @mxbsuper:

    Hi There,

    I had this problem today and found that disabling LZO Header Compression cured it for me.

    Regards

    Mark

    Thanks for the answer but it doesn't work for me. I disabled LZO Compression and it still is restarting every 5 minutes :(

    0
  • C

    I have reinstalled pfsense from 0 in another machine and exactly the same problem… I must stop using pfsense to openvpn...

    0
  • ?

    Have look, two potential issues:

    https://forum.pfsense.org/index.php?topic=76975.msg426742#msg426742

    latency is going up, apparently…

    0
  • C

    @chemlud:

    Have look, two potential issues:

    https://forum.pfsense.org/index.php?topic=76975.msg426742#msg426742

    latency is going up, apparently…

    Thank you for the answer.
    I edited the file as the post says but it got even worst… now the server restarts every 10 seconds...
    EDIT: I notice that my latency sometimes is avobe 600ms, so I change the latency range from 1000 to 2000 in order to check...
    EDIT2: Even changing the values it continues failing, so I disabled the gateway monitoring
    EDIT3: Nothing... even with the monitorization disabled it keeps restarting...

    0
  • ?

    You should investigate the systlog (not the openVPN log), as something is restarting the openVPN service (as after a new WAN IP had been obtained) to find out what is causing the restartings…

    0
  • H

    https://redmine.pfsense.org/issues/3669

    might be this … try disabling gateway-monitoring on the openvpn-interface.
    if that solves it, manually patch issue 3669 or gitsync or wait for 2.1.4-release

    0
  • ?

    @cristofer1989:


    EDIT3: Nothing... even with the monitorization disabled it keeps restarting...

    ;)

    0
  • C

    The problem is solved for now.
    I stopped the apinger service manually and it stops restarting.
    Every 5 minutes that service made a "alert" of gateway down, but it isn't true… the gateway was ok all time.
    For now, I will keep that service down.
    Thank you for your answers :)

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy