Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Frequent OpenVPN client disconnects

    Scheduled Pinned Locked Moved OpenVPN
    1 Posts 1 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      CosmoNerd
      last edited by

      Fellows,

      i see over the last two days frequent disconnects on OpenVPN connecting to VyprVPN.

      pfSens Build: 2.2-BETA (amd64) built on Sun Nov 16 23:44:31 CST 2014 running on VMWare ESXI instance

      The disconnect can happen anywhere between 1 and 10 minutes and then without interruption for 4 hours before the frequent disconnects reoccur. I already swapped Network cards with no avail.

      Any advice?

      OpenVPN Log:

      Dec 16 20:51:00 openvpn[30295]: MANAGEMENT: Client disconnected
      Dec 16 20:51:00 openvpn[30295]: MANAGEMENT: CMD 'status 2'
      Dec 16 20:51:00 openvpn[30295]: MANAGEMENT: CMD 'state 1'
      Dec 16 20:51:00 openvpn[30295]: MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
      Dec 16 20:51:00 openvpn[28840]: MANAGEMENT: Client disconnected
      Dec 16 20:51:00 openvpn[28840]: MANAGEMENT: CMD 'status 2'
      Dec 16 20:51:00 openvpn[28840]: MANAGEMENT: CMD 'state 1'
      Dec 16 20:51:00 openvpn[28840]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
      Dec 16 20:50:59 openvpn[30295]: MANAGEMENT: Client disconnected
      Dec 16 20:50:59 openvpn[30295]: MANAGEMENT: CMD 'status 2'
      Dec 16 20:50:59 openvpn[30295]: MANAGEMENT: CMD 'state 1'
      Dec 16 20:50:59 openvpn[28840]: MANAGEMENT: Client disconnected
      Dec 16 20:50:59 openvpn[30295]: MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
      Dec 16 20:50:59 openvpn[28840]: MANAGEMENT: CMD 'status 2'
      Dec 16 20:50:59 openvpn[28840]: MANAGEMENT: CMD 'state 1'
      Dec 16 20:50:59 openvpn[28840]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
      Dec 16 20:50:58 openvpn[30295]: MANAGEMENT: Client disconnected
      Dec 16 20:50:58 openvpn[30295]: MANAGEMENT: CMD 'status 2'
      Dec 16 20:50:58 openvpn[30295]: MANAGEMENT: CMD 'state 1'
      Dec 16 20:50:58 openvpn[28840]: MANAGEMENT: Client disconnected
      Dec 16 20:50:58 openvpn[30295]: MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
      Dec 16 20:50:58 openvpn[28840]: MANAGEMENT: CMD 'status 2'
      Dec 16 20:50:58 openvpn[28840]: MANAGEMENT: CMD 'state 1'
      Dec 16 20:50:58 openvpn[28840]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
      Dec 16 20:50:57 openvpn[30295]: MANAGEMENT: Client disconnected
      Dec 16 20:50:57 openvpn[30295]: MANAGEMENT: CMD 'status 2'
      Dec 16 20:50:57 openvpn[30295]: MANAGEMENT: CMD 'state 1'
      Dec 16 20:50:57 openvpn[28840]: MANAGEMENT: Client disconnected
      Dec 16 20:50:57 openvpn[30295]: MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
      Dec 16 20:50:57 openvpn[28840]: MANAGEMENT: CMD 'status 2'
      Dec 16 20:50:57 openvpn[28840]: MANAGEMENT: CMD 'state 1'
      Dec 16 20:50:57 openvpn[28840]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
      Dec 16 20:50:56 openvpn[30295]: MANAGEMENT: Client disconnected
      Dec 16 20:50:56 openvpn[30295]: MANAGEMENT: CMD 'status 2'
      Dec 16 20:50:56 openvpn[30295]: MANAGEMENT: CMD 'state 1'
      Dec 16 20:50:56 openvpn[28840]: MANAGEMENT: Client disconnected
      Dec 16 20:50:56 openvpn[30295]: MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
      Dec 16 20:50:56 openvpn[28840]: MANAGEMENT: CMD 'status 2'
      Dec 16 20:50:56 openvpn[28840]: MANAGEMENT: CMD 'state 1'
      Dec 16 20:50:56 openvpn[28840]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
      Dec 16 20:50:30 openvpn[30295]: Initialization Sequence Completed
      Dec 16 20:50:30 openvpn[30295]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
      Dec 16 20:50:30 openvpn[30295]: /sbin/route add -net 128.0.0.0 10.12.0.1 128.0.0.0
      Dec 16 20:50:30 openvpn[30295]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
      Dec 16 20:50:30 openvpn[30295]: /sbin/route add -net 0.0.0.0 10.12.0.1 128.0.0.0
      Dec 16 20:50:30 openvpn[30295]: /sbin/route add -net 203.170.29.30 76.123.198.1 255.255.255.255
      Dec 16 20:50:30 openvpn[30295]: /usr/local/sbin/ovpn-linkup ovpnc2 1500 1570 10.12.21.4 255.255.0.0 init
      Dec 16 20:50:30 openvpn[30295]: /sbin/route add -net 10.12.0.0 10.12.21.4 255.255.0.0
      Dec 16 20:50:30 openvpn[30295]: /sbin/ifconfig ovpnc2 10.12.21.4 10.12.21.4 mtu 1500 netmask 255.255.0.0 up
      Dec 16 20:50:30 openvpn[30295]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      Dec 16 20:50:30 openvpn[30295]: TUN/TAP device /dev/tun2 opened
      Dec 16 20:50:30 openvpn[30295]: TUN/TAP device ovpnc2 exists previously, keep at program end
      Dec 16 20:50:30 openvpn[30295]: ROUTE_GATEWAY XX.XXX.XXX.XXX
      Dec 16 20:50:30 openvpn[30295]: OPTIONS IMPORT: –ip-win32 and/or --dhcp-option options modified
      Dec 16 20:50:30 openvpn[30295]: OPTIONS IMPORT: route-related options modified
      Dec 16 20:50:30 openvpn[30295]: OPTIONS IMPORT: route options modified
      Dec 16 20:50:30 openvpn[30295]: OPTIONS IMPORT: –ifconfig/up options modified
      Dec 16 20:50:30 openvpn[30295]: Socket Buffers: R=[65536->262144] S=[65536->65536]
      Dec 16 20:50:30 openvpn[30295]: OPTIONS IMPORT: –sndbuf/--rcvbuf options modified
      Dec 16 20:50:30 openvpn[30295]: OPTIONS IMPORT: explicit notify parm(s) modified
      Dec 16 20:50:30 openvpn[30295]: OPTIONS IMPORT: timers and/or timeouts modified
      Dec 16 20:50:30 openvpn[30295]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 203.170.29.53,dhcp-option DNS 203.170.29.54,explicit-exit-notify 5,rcvbuf 262144,route-gateway 10.12.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.12.21.4 255.255.0.0'
      Dec 16 20:50:30 openvpn[30295]: SENT CONTROL [hk1.vyprvpn.com]: 'PUSH_REQUEST' (status=1)
      Dec 16 20:50:28 openvpn[30295]: [hk1.vyprvpn.com] Peer Connection Initiated with [AF_INET]203.170.29.30:443
      Dec 16 20:50:28 openvpn[30295]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
      Dec 16 20:50:28 openvpn[30295]: Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
      Dec 16 20:50:28 openvpn[30295]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
      Dec 16 20:50:28 openvpn[30295]: Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
      Dec 16 20:50:28 openvpn[30295]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

      OpenVPN config:
      dev ovpnc1
      verb 3
      dev-type tun
      tun-ipv6
      dev-node /dev/tun1
      writepid /var/run/openvpn_client1.pid
      #user nobody
      #group nobody
      script-security 3
      daemon
      keepalive 10 60
      ping-timer-rem
      persist-tun
      persist-key
      proto udp
      cipher AES-256-CBC
      auth SHA256
      up /usr/local/sbin/ovpn-linkup
      down /usr/local/sbin/ovpn-linkdown
      local XX.XXX.XXX.XXX
      tls-client
      client
      lport 60111
      management /var/etc/openvpn/client1.sock unix
      remote de1.vpn.goldenfrog.com 443
      auth-user-pass /var/etc/openvpn/client1.up
      ca /var/etc/openvpn/client1.ca
      comp-lzo yes
      resolv-retry infinite
      persist-key
      persist-tun
      persist-remote-ip
      keysize 256
      tls-cipher DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA
      float
      keepalive 10 60
      #route-nopull

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.