Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Strange behavior with Dynamic-IP

    Scheduled Pinned Locked Moved OpenVPN
    1 Posts 1 Posters 987 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      Electrone
      last edited by

      hi
      i am testing Open-VPN to connect 5 location in Pre-Shared Key Site-Site VPN using Dynamic IPs and Dynu service and 5 different UDP ports

      after configuring the 5 locations every thing worked fine . i can reach both Lans in every location .

      but once i reboot the router ( aDSL ) and after the router get new IP which is connected to the open-vpns server , all OpenVPN connections disconnected . and never connect back

      the clients can see the new Mapped IP to the Dynu domain . and can connect to it . but it never get connected .

      i reboot the 5 machines with no success. i confirm that the nslookup for each machine can get the new correct IP for the Open-VPN server .

      i already attached logs from both the server and the clients .

      the new correct IP is XX.XX.188.168

      i am using the latest Pfsense version 2.2.6

      server

      Dec 29 14:07:18 	openvpn[54478]: client_config_dir = '[UNDEF]'
      Dec 29 14:07:18 	openvpn[54478]: ccd_exclusive = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: tmp_dir = '/tmp'
      Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_defined = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_local = 0.0.0.0
      Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_remote_netmask = 0.0.0.0
      Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_defined = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_local = ::/0
      Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_remote = ::
      Dec 29 14:07:18 	openvpn[54478]: enable_c2c = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: duplicate_cn = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: cf_max = 0
      Dec 29 14:07:18 	openvpn[54478]: cf_per = 0
      Dec 29 14:07:18 	openvpn[54478]: max_clients = 1024
      Dec 29 14:07:18 	openvpn[54478]: max_routes_per_client = 256
      Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_verify_script = '[UNDEF]'
      Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_verify_script_via_file = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: port_share_host = '[UNDEF]'
      Dec 29 14:07:18 	openvpn[54478]: port_share_port = 0
      Dec 29 14:07:18 	openvpn[54478]: client = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: pull = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_file = '[UNDEF]'
      Dec 29 14:07:18 	openvpn[54478]: OpenVPN 2.3.8 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Aug 21 2015
      Dec 29 14:07:18 	openvpn[54478]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09
      Dec 29 14:07:18 	openvpn[54587]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
      Dec 29 14:07:18 	openvpn[54587]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
      Dec 29 14:07:18 	openvpn[54587]: Static Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
      Dec 29 14:07:18 	openvpn[54587]: Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Dec 29 14:07:18 	openvpn[54587]: Static Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
      Dec 29 14:07:18 	openvpn[54587]: Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Dec 29 14:07:18 	openvpn[54587]: LZO compression initialized
      Dec 29 14:07:18 	openvpn[54587]: Socket Buffers: R=[42080->65536] S=[57344->65536]
      Dec 29 14:07:18 	openvpn[54587]: ROUTE_GATEWAY 172.16.16.100
      Dec 29 14:07:18 	openvpn[54587]: TUN/TAP device ovpnc1 exists previously, keep at program end
      Dec 29 14:07:18 	openvpn[54587]: TUN/TAP device /dev/tun1 opened
      Dec 29 14:07:18 	openvpn[54587]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      Dec 29 14:07:18 	openvpn[54587]: /sbin/ifconfig ovpnc1 10.0.6.2 10.0.6.1 mtu 1500 netmask 255.255.255.255 up
      Dec 29 14:07:18 	openvpn[54587]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1561 10.0.6.2 10.0.6.1 init
      Dec 29 14:07:18 	openvpn[54587]: /sbin/route add -net 192.168.100.0 10.0.6.1 255.255.252.0
      Dec 29 14:07:18 	openvpn[54587]: /sbin/route add -net 192.168.19.0 10.0.6.1 255.255.255.0
      Dec 29 14:07:18 	openvpn[54587]: Data Channel MTU parms [ L:1561 D:1450 EF:61 EB:143 ET:0 EL:3 AF:3/1 ]
      Dec 29 14:07:18 	openvpn[54587]: Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.1 10.0.6.2,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
      Dec 29 14:07:18 	openvpn[54587]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.2 10.0.6.1,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
      Dec 29 14:07:18 	openvpn[54587]: Local Options hash (VER=V4): '07a82d2f'
      Dec 29 14:07:18 	openvpn[54587]: Expected Remote Options hash (VER=V4): '5a902af9'
      Dec 29 14:07:18 	openvpn[54587]: UDPv4 link local (bound): [AF_INET]172.16.16.50
      Dec 29 14:07:18 	openvpn[54587]: UDPv4 link remote: [AF_INET]xx.xx.188.168:1197
      Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
      Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: CMD 'state 1'
      Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: Client xx.xx.188.168
      

      client

      Dec 29 14:07:18 	openvpn[54478]: client_config_dir = '[UNDEF]'
      Dec 29 14:07:18 	openvpn[54478]: ccd_exclusive = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: tmp_dir = '/tmp'
      Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_defined = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_local = 0.0.0.0
      Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_remote_netmask = 0.0.0.0
      Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_defined = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_local = ::/0
      Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_remote = ::
      Dec 29 14:07:18 	openvpn[54478]: enable_c2c = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: duplicate_cn = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: cf_max = 0
      Dec 29 14:07:18 	openvpn[54478]: cf_per = 0
      Dec 29 14:07:18 	openvpn[54478]: max_clients = 1024
      Dec 29 14:07:18 	openvpn[54478]: max_routes_per_client = 256
      Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_verify_script = '[UNDEF]'
      Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_verify_script_via_file = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: port_share_host = '[UNDEF]'
      Dec 29 14:07:18 	openvpn[54478]: port_share_port = 0
      Dec 29 14:07:18 	openvpn[54478]: client = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: pull = DISABLED
      Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_file = '[UNDEF]'
      Dec 29 14:07:18 	openvpn[54478]: OpenVPN 2.3.8 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Aug 21 2015
      Dec 29 14:07:18 	openvpn[54478]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09
      Dec 29 14:07:18 	openvpn[54587]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
      Dec 29 14:07:18 	openvpn[54587]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
      Dec 29 14:07:18 	openvpn[54587]: Static Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
      Dec 29 14:07:18 	openvpn[54587]: Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Dec 29 14:07:18 	openvpn[54587]: Static Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
      Dec 29 14:07:18 	openvpn[54587]: Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Dec 29 14:07:18 	openvpn[54587]: LZO compression initialized
      Dec 29 14:07:18 	openvpn[54587]: Socket Buffers: R=[42080->65536] S=[57344->65536]
      Dec 29 14:07:18 	openvpn[54587]: ROUTE_GATEWAY 172.16.16.100
      Dec 29 14:07:18 	openvpn[54587]: TUN/TAP device ovpnc1 exists previously, keep at program end
      Dec 29 14:07:18 	openvpn[54587]: TUN/TAP device /dev/tun1 opened
      Dec 29 14:07:18 	openvpn[54587]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      Dec 29 14:07:18 	openvpn[54587]: /sbin/ifconfig ovpnc1 10.0.6.2 10.0.6.1 mtu 1500 netmask 255.255.255.255 up
      Dec 29 14:07:18 	openvpn[54587]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1561 10.0.6.2 10.0.6.1 init
      Dec 29 14:07:18 	openvpn[54587]: /sbin/route add -net 192.168.100.0 10.0.6.1 255.255.252.0
      Dec 29 14:07:18 	openvpn[54587]: /sbin/route add -net 192.168.19.0 10.0.6.1 255.255.255.0
      Dec 29 14:07:18 	openvpn[54587]: Data Channel MTU parms [ L:1561 D:1450 EF:61 EB:143 ET:0 EL:3 AF:3/1 ]
      Dec 29 14:07:18 	openvpn[54587]: Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.1 10.0.6.2,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
      Dec 29 14:07:18 	openvpn[54587]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.2 10.0.6.1,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
      Dec 29 14:07:18 	openvpn[54587]: Local Options hash (VER=V4): '07a82d2f'
      Dec 29 14:07:18 	openvpn[54587]: Expected Remote Options hash (VER=V4): '5a902af9'
      Dec 29 14:07:18 	openvpn[54587]: UDPv4 link local (bound): [AF_INET]172.16.16.50
      Dec 29 14:07:18 	openvpn[54587]: UDPv4 link remote: [AF_INET]xx.xx.188.168:1197
      Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
      Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: CMD 'state 1'
      Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: Client disconnected
      
      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.