4. Unstable OpenVPN

Unstable OpenVPN

  • K

    Hi, Iam have OpenVPN site-to-site Iam access with VNC Linux Host over OpenVPN but every 1 minute iam loss connection VNC

    the VPN is not down but problem with VNC

    0
  • D
    Banned

    What a wealth of info…

    0
  • K

    Sorry my bad

    Apr 7 09:45:10 openvpn[90084]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    Apr 7 09:45:10 openvpn[90084]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
    Apr 7 09:45:10 openvpn[90327]: UDPv4 link local (bound): [AF_INET]192.168.200.2
    Apr 7 09:45:10 openvpn[90327]: UDPv4 link remote: [AF_INET]200.70.95.32:5069
    Apr 7 09:45:10 openvpn[90327]: WARNING: 'ifconfig' is present in remote config but missing in local config, remote='ifconfig 50.0.69.2 50.0.69.1'
    Apr 7 09:45:10 openvpn[90327]: [server_rech01] Peer Connection Initiated with [AF_INET]200.70.95.32:5069
    Apr 7 09:45:12 openvpn[90327]: TUN/TAP device ovpnc1 exists previously, keep at program end
    Apr 7 09:45:12 openvpn[90327]: TUN/TAP device /dev/tun1 opened
    Apr 7 09:45:12 openvpn[90327]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
    Apr 7 09:45:12 openvpn[90327]: /sbin/ifconfig ovpnc1 50.0.69.2 50.0.69.1 mtu 1500 netmask 255.255.255.255 up
    Apr 7 09:45:12 openvpn[90327]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1542 50.0.69.2 50.0.69.1 init
    Apr 7 09:45:12 openvpn[90327]: Initialization Sequence Completed
    Apr 7 10:45:11 openvpn[90327]: WARNING: 'ifconfig' is present in remote config but missing in local config, remote='ifconfig 50.0.69.2 50.0.69.1'

    I'am enable net.inet.ip.fastforwarding to 1 in System –> System Tunnbles

    information: https://forums.openvpn.net/topic9934.html

    Log Firewall OK all pass

    pass
    Apr 7 11:20:51 ovpnc1 Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 50.0.69.1:61672 Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 192.168.7.100:5901 TCP:S
    pass
    Apr 7 11:23:32 ovpnc1 Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 50.0.69.1:61726 Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 192.168.7.100:5901 TCP:S
    pass
    Apr 7 11:25:29 ovpnc1 Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 50.0.69.1:49748 Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 192.168.7.166:5900 TCP:S
    pass
    Apr 7 11:26:17 ovpnc1 Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 50.0.69.1:49769 Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 192.168.7.166:5900 TCP:S
    pass
    Apr 7 11:26:36 LAN Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.7.166:1332 Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 217.146.26.212:5938 TCP:S
    pass
    Apr 7 11:26:37 LAN Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.7.166:1333 Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 178.77.120.104:5938 TCP:S
    pass
    Apr 7 11:26:38 LAN Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.7.166:1333 Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 178.77.120.104:5938 TCP:S
    pass
    Apr 7 11:26:39 LAN Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.7.166:1334 Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 88.198.136.212:5938 TCP:S


    0
  • D
    Banned

    Looks like your connectivity sucks badly… I'd suggest to undo the "tuning".

    0
  • K

    OK Disable ipforwardfast,

    in the meantime

    add a option:

    link-mtu 1400;

    now VNC not down maybe say that but

    I'am look  in Logs OpenVPN

    openvpn[8247]: WARNING: normally if you use –mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1358)
    Apr 7 12:26:17 openvpn[8465]: UDPv4 link local (bound): [AF_INET]192.168.200.2
    Apr 7 12:26:17 openvpn[8465]: UDPv4 link remote: [AF_INET]200.150.81.211:5069
    Apr 7 12:26:17 openvpn[8465]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1400', remote='link-mtu 1542'
    Apr 7 12:26:17 openvpn[8465]: WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1358', remote='tun-mtu 1500'

    0
  • D
    Banned

    Hmmm, yeah? So, set it consistently on both ends?

    0
  • K

    just because u said took a fall VNC and returned, but more fast, believe it is the MTU question the problem

    0
  • K

    I'am remove 1400

    and add

    tun-mtu 1500;

    now is work :D

    0
  • D
    Banned

    Good… Mainly, these things need to match on both ends.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy