Frequent OpenVPN client disconnects
-
Fellows,
i see over the last two days frequent disconnects on OpenVPN connecting to VyprVPN.
pfSens Build: 2.2-BETA (amd64) built on Sun Nov 16 23:44:31 CST 2014 running on VMWare ESXI instance
The disconnect can happen anywhere between 1 and 10 minutes and then without interruption for 4 hours before the frequent disconnects reoccur. I already swapped Network cards with no avail.
Any advice?
OpenVPN Log:
Dec 16 20:51:00 openvpn[30295]: MANAGEMENT: Client disconnected
Dec 16 20:51:00 openvpn[30295]: MANAGEMENT: CMD 'status 2'
Dec 16 20:51:00 openvpn[30295]: MANAGEMENT: CMD 'state 1'
Dec 16 20:51:00 openvpn[30295]: MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
Dec 16 20:51:00 openvpn[28840]: MANAGEMENT: Client disconnected
Dec 16 20:51:00 openvpn[28840]: MANAGEMENT: CMD 'status 2'
Dec 16 20:51:00 openvpn[28840]: MANAGEMENT: CMD 'state 1'
Dec 16 20:51:00 openvpn[28840]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
Dec 16 20:50:59 openvpn[30295]: MANAGEMENT: Client disconnected
Dec 16 20:50:59 openvpn[30295]: MANAGEMENT: CMD 'status 2'
Dec 16 20:50:59 openvpn[30295]: MANAGEMENT: CMD 'state 1'
Dec 16 20:50:59 openvpn[28840]: MANAGEMENT: Client disconnected
Dec 16 20:50:59 openvpn[30295]: MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
Dec 16 20:50:59 openvpn[28840]: MANAGEMENT: CMD 'status 2'
Dec 16 20:50:59 openvpn[28840]: MANAGEMENT: CMD 'state 1'
Dec 16 20:50:59 openvpn[28840]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
Dec 16 20:50:58 openvpn[30295]: MANAGEMENT: Client disconnected
Dec 16 20:50:58 openvpn[30295]: MANAGEMENT: CMD 'status 2'
Dec 16 20:50:58 openvpn[30295]: MANAGEMENT: CMD 'state 1'
Dec 16 20:50:58 openvpn[28840]: MANAGEMENT: Client disconnected
Dec 16 20:50:58 openvpn[30295]: MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
Dec 16 20:50:58 openvpn[28840]: MANAGEMENT: CMD 'status 2'
Dec 16 20:50:58 openvpn[28840]: MANAGEMENT: CMD 'state 1'
Dec 16 20:50:58 openvpn[28840]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
Dec 16 20:50:57 openvpn[30295]: MANAGEMENT: Client disconnected
Dec 16 20:50:57 openvpn[30295]: MANAGEMENT: CMD 'status 2'
Dec 16 20:50:57 openvpn[30295]: MANAGEMENT: CMD 'state 1'
Dec 16 20:50:57 openvpn[28840]: MANAGEMENT: Client disconnected
Dec 16 20:50:57 openvpn[30295]: MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
Dec 16 20:50:57 openvpn[28840]: MANAGEMENT: CMD 'status 2'
Dec 16 20:50:57 openvpn[28840]: MANAGEMENT: CMD 'state 1'
Dec 16 20:50:57 openvpn[28840]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
Dec 16 20:50:56 openvpn[30295]: MANAGEMENT: Client disconnected
Dec 16 20:50:56 openvpn[30295]: MANAGEMENT: CMD 'status 2'
Dec 16 20:50:56 openvpn[30295]: MANAGEMENT: CMD 'state 1'
Dec 16 20:50:56 openvpn[28840]: MANAGEMENT: Client disconnected
Dec 16 20:50:56 openvpn[30295]: MANAGEMENT: Client connected from /var/etc/openvpn/client2.sock
Dec 16 20:50:56 openvpn[28840]: MANAGEMENT: CMD 'status 2'
Dec 16 20:50:56 openvpn[28840]: MANAGEMENT: CMD 'state 1'
Dec 16 20:50:56 openvpn[28840]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
Dec 16 20:50:30 openvpn[30295]: Initialization Sequence Completed
Dec 16 20:50:30 openvpn[30295]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
Dec 16 20:50:30 openvpn[30295]: /sbin/route add -net 128.0.0.0 10.12.0.1 128.0.0.0
Dec 16 20:50:30 openvpn[30295]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
Dec 16 20:50:30 openvpn[30295]: /sbin/route add -net 0.0.0.0 10.12.0.1 128.0.0.0
Dec 16 20:50:30 openvpn[30295]: /sbin/route add -net 203.170.29.30 76.123.198.1 255.255.255.255
Dec 16 20:50:30 openvpn[30295]: /usr/local/sbin/ovpn-linkup ovpnc2 1500 1570 10.12.21.4 255.255.0.0 init
Dec 16 20:50:30 openvpn[30295]: /sbin/route add -net 10.12.0.0 10.12.21.4 255.255.0.0
Dec 16 20:50:30 openvpn[30295]: /sbin/ifconfig ovpnc2 10.12.21.4 10.12.21.4 mtu 1500 netmask 255.255.0.0 up
Dec 16 20:50:30 openvpn[30295]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 16 20:50:30 openvpn[30295]: TUN/TAP device /dev/tun2 opened
Dec 16 20:50:30 openvpn[30295]: TUN/TAP device ovpnc2 exists previously, keep at program end
Dec 16 20:50:30 openvpn[30295]: ROUTE_GATEWAY XX.XXX.XXX.XXX
Dec 16 20:50:30 openvpn[30295]: OPTIONS IMPORT: –ip-win32 and/or --dhcp-option options modified
Dec 16 20:50:30 openvpn[30295]: OPTIONS IMPORT: route-related options modified
Dec 16 20:50:30 openvpn[30295]: OPTIONS IMPORT: route options modified
Dec 16 20:50:30 openvpn[30295]: OPTIONS IMPORT: –ifconfig/up options modified
Dec 16 20:50:30 openvpn[30295]: Socket Buffers: R=[65536->262144] S=[65536->65536]
Dec 16 20:50:30 openvpn[30295]: OPTIONS IMPORT: –sndbuf/--rcvbuf options modified
Dec 16 20:50:30 openvpn[30295]: OPTIONS IMPORT: explicit notify parm(s) modified
Dec 16 20:50:30 openvpn[30295]: OPTIONS IMPORT: timers and/or timeouts modified
Dec 16 20:50:30 openvpn[30295]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 203.170.29.53,dhcp-option DNS 203.170.29.54,explicit-exit-notify 5,rcvbuf 262144,route-gateway 10.12.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.12.21.4 255.255.0.0'
Dec 16 20:50:30 openvpn[30295]: SENT CONTROL [hk1.vyprvpn.com]: 'PUSH_REQUEST' (status=1)
Dec 16 20:50:28 openvpn[30295]: [hk1.vyprvpn.com] Peer Connection Initiated with [AF_INET]203.170.29.30:443
Dec 16 20:50:28 openvpn[30295]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Dec 16 20:50:28 openvpn[30295]: Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 16 20:50:28 openvpn[30295]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Dec 16 20:50:28 openvpn[30295]: Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 16 20:50:28 openvpn[30295]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyOpenVPN config:
dev ovpnc1
verb 3
dev-type tun
tun-ipv6
dev-node /dev/tun1
writepid /var/run/openvpn_client1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-256-CBC
auth SHA256
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local XX.XXX.XXX.XXX
tls-client
client
lport 60111
management /var/etc/openvpn/client1.sock unix
remote de1.vpn.goldenfrog.com 443
auth-user-pass /var/etc/openvpn/client1.up
ca /var/etc/openvpn/client1.ca
comp-lzo yes
resolv-retry infinite
persist-key
persist-tun
persist-remote-ip
keysize 256
tls-cipher DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA
float
keepalive 10 60
#route-nopull