Site-to-Site : Client reports not being connected but Server reports connected
-
Hello all!
I have a site to site VPN set up. The client end is reporting (from the dashboard) "Unable to contact daemon. Service not running?". However, the server side reports the client connecting and then disconnect. The odd thing is, I have connectivity between the two. I can log into devices on the remote network from the server side. So it seem stop be working. The error bother me because I don't want my data to be traversing the link unsecured. Is that possible?
Also a packet capture show a lot of malformed packets in the OpenVPN Traffic. I have posted the logs below:
Client logs:
Feb 17 16:28:05 openvpn[83787]: ifconfig_pool_end = 0.0.0.0
Feb 17 16:28:05 openvpn[83787]: ifconfig_pool_netmask = 0.0.0.0
Feb 17 16:28:05 openvpn[83787]: ifconfig_pool_persist_filename = '[UNDEF]'
Feb 17 16:28:05 openvpn[83787]: ifconfig_pool_persist_refresh_freq = 600
Feb 17 16:28:05 openvpn[83787]: ifconfig_ipv6_pool_defined = DISABLED
Feb 17 16:28:05 openvpn[83787]: ifconfig_ipv6_pool_base = ::
Feb 17 16:28:05 openvpn[83787]: ifconfig_ipv6_pool_netbits = 0
Feb 17 16:28:05 openvpn[83787]: n_bcast_buf = 256
Feb 17 16:28:05 openvpn[83787]: tcp_queue_limit = 64
Feb 17 16:28:05 openvpn[83787]: real_hash_size = 256
Feb 17 16:28:05 openvpn[83787]: virtual_hash_size = 256
Feb 17 16:28:05 openvpn[83787]: client_connect_script = '[UNDEF]'
Feb 17 16:28:05 openvpn[83787]: learn_address_script = '[UNDEF]'
Feb 17 16:28:05 openvpn[83787]: client_disconnect_script = '[UNDEF]'
Feb 17 16:28:05 openvpn[83787]: client_config_dir = '[UNDEF]'
Feb 17 16:28:05 openvpn[83787]: ccd_exclusive = DISABLED
Feb 17 16:28:05 openvpn[83787]: tmp_dir = '/tmp'
Feb 17 16:28:05 openvpn[83787]: push_ifconfig_defined = DISABLED
Feb 17 16:28:05 openvpn[83787]: push_ifconfig_local = 0.0.0.0
Feb 17 16:28:05 openvpn[83787]: push_ifconfig_remote_netmask = 0.0.0.0
Feb 17 16:28:05 openvpn[83787]: push_ifconfig_ipv6_defined = DISABLED
Feb 17 16:28:05 openvpn[83787]: push_ifconfig_ipv6_local = ::/0
Feb 17 16:28:05 openvpn[83787]: push_ifconfig_ipv6_remote = ::
Feb 17 16:28:05 openvpn[83787]: enable_c2c = DISABLED
Feb 17 16:28:05 openvpn[83787]: duplicate_cn = DISABLED
Feb 17 16:28:05 openvpn[83787]: cf_max = 0
Feb 17 16:28:05 openvpn[83787]: cf_per = 0
Feb 17 16:28:05 openvpn[83787]: max_clients = 1024
Feb 17 16:28:05 openvpn[83787]: max_routes_per_client = 256
Feb 17 16:28:05 openvpn[83787]: auth_user_pass_verify_script = '[UNDEF]'
Feb 17 16:28:05 openvpn[83787]: auth_user_pass_verify_script_via_file = DISABLED
Feb 17 16:28:05 openvpn[83787]: port_share_host = '[UNDEF]'
Feb 17 16:28:05 openvpn[83787]: port_share_port = 0
Feb 17 16:28:05 openvpn[83787]: client = DISABLED
Feb 17 16:28:05 openvpn[83787]: pull = DISABLED
Feb 17 16:28:05 openvpn[83787]: auth_user_pass_file = '[UNDEF]'
Feb 17 16:28:05 openvpn[83787]: OpenVPN 2.3.6 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Dec 1 2014
Feb 17 16:28:05 openvpn[83787]: library versions: OpenSSL 1.0.1k-freebsd 8 Jan 2015, LZO 2.08
Feb 17 16:28:05 openvpn[83787]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
Feb 17 16:28:05 openvpn[84906]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
Feb 17 16:28:05 openvpn[84906]: Static Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Feb 17 16:28:05 openvpn[84906]: Static Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Feb 17 16:28:05 openvpn[84906]: Static Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Feb 17 16:28:05 openvpn[84906]: Static Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Feb 17 16:28:05 openvpn[84906]: LZO compression initialized
Feb 17 16:28:05 openvpn[84906]: Socket Buffers: R=[42080->65536] S=[57344->65536]
Feb 17 16:28:10 openvpn[84906]: ROUTE_GATEWAY 192.168.1.1
Feb 17 16:28:10 openvpn[84906]: TUN/TAP device ovpnc1 exists previously, keep at program end
Feb 17 16:28:10 openvpn[84906]: Cannot open TUN/TAP dev /dev/tun1: Device busy (errno=16)
Feb 17 16:28:10 openvpn[84906]: Exiting due to fatal errorServer Logs
Feb 17 16:33:27 openvpn[66184]: /sbin/route delete -net 192.168.11.0 10.10.11.2 255.255.255.0
Feb 17 16:33:27 openvpn[66184]: Closing TUN/TAP interface
Feb 17 16:33:27 openvpn[66184]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1573 10.10.11.1 10.10.11.2 init
Feb 17 16:33:27 openvpn[66184]: SIGTERM[hard,] received, process exiting
Feb 17 16:33:28 openvpn[33411]: OpenVPN 2.3.6 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Dec 1 2014
Feb 17 16:33:28 openvpn[33411]: library versions: OpenSSL 1.0.1k-freebsd 8 Jan 2015, LZO 2.08
Feb 17 16:33:28 openvpn[33411]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/server1.sock
Feb 17 16:33:28 openvpn[33497]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
Feb 17 16:33:28 openvpn[33497]: Static Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Feb 17 16:33:28 openvpn[33497]: Static Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Feb 17 16:33:28 openvpn[33497]: Static Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Feb 17 16:33:28 openvpn[33497]: Static Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Feb 17 16:33:28 openvpn[33497]: Socket Buffers: R=[42080->65536] S=[57344->65536]
Feb 17 16:33:28 openvpn[33497]: ROUTE_GATEWAY [Masked IP]
Feb 17 16:33:28 openvpn[33497]: TUN/TAP device ovpns1 exists previously, keep at program end
Feb 17 16:33:28 openvpn[33497]: TUN/TAP device /dev/tun1 opened
Feb 17 16:33:28 openvpn[33497]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Feb 17 16:33:28 openvpn[33497]: /sbin/ifconfig ovpns1 10.10.11.1 10.10.11.2 mtu 1500 netmask 255.255.255.255 up
Feb 17 16:33:28 openvpn[33497]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1573 10.10.11.1 10.10.11.2 init
Feb 17 16:33:28 openvpn[33497]: /sbin/route add -net 192.168.11.0 10.10.11.2 255.255.255.0
Feb 17 16:33:28 openvpn[33497]: UDPv4 link local (bound): [AF_INET][MaskedIP]:1194
Feb 17 16:33:28 openvpn[33497]: UDPv4 link remote: [undef]
Feb 17 16:33:30 openvpn[33497]: Peer Connection Initiated with [AF_INET][maskedIP]:47482
Feb 17 16:33:30 openvpn[33497]: Initialization Sequence Completed
Feb 17 16:33:38 openvpn[33497]: WARNING: 'tun-ipv6' is present in remote config but missing in local config, remote='tun-ipv6'
Feb 17 16:34:05 openvpn[33497]: MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Feb 17 16:34:06 openvpn[33497]: MANAGEMENT: CMD 'status 2'
Feb 17 16:34:06 openvpn[33497]: MANAGEMENT: CMD 'quit'
Feb 17 16:34:06 openvpn[33497]: MANAGEMENT: Client disconnected
Feb 17 16:35:09 openvpn[33497]: MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
Feb 17 16:35:09 openvpn[33497]: MANAGEMENT: CMD 'status 2'
Feb 17 16:35:09 openvpn[33497]: MANAGEMENT: CMD 'quit'
Feb 17 16:35:09 openvpn[33497]: MANAGEMENT: Client disconnectedCan anyone help? If more info is needed let me know.
Thanks!
-
Restart the openvpn service on both ends.
-
I have multiple times with no success.