Strange behavior with Dynamic-IP
-
hi
i am testing Open-VPN to connect 5 location in Pre-Shared Key Site-Site VPN using Dynamic IPs and Dynu service and 5 different UDP portsafter configuring the 5 locations every thing worked fine . i can reach both Lans in every location .
but once i reboot the router ( aDSL ) and after the router get new IP which is connected to the open-vpns server , all OpenVPN connections disconnected . and never connect back
the clients can see the new Mapped IP to the Dynu domain . and can connect to it . but it never get connected .
i reboot the 5 machines with no success. i confirm that the nslookup for each machine can get the new correct IP for the Open-VPN server .
i already attached logs from both the server and the clients .
the new correct IP is XX.XX.188.168
i am using the latest Pfsense version 2.2.6
server
Dec 29 14:07:18 openvpn[54478]: client_config_dir = '[UNDEF]' Dec 29 14:07:18 openvpn[54478]: ccd_exclusive = DISABLED Dec 29 14:07:18 openvpn[54478]: tmp_dir = '/tmp' Dec 29 14:07:18 openvpn[54478]: push_ifconfig_defined = DISABLED Dec 29 14:07:18 openvpn[54478]: push_ifconfig_local = 0.0.0.0 Dec 29 14:07:18 openvpn[54478]: push_ifconfig_remote_netmask = 0.0.0.0 Dec 29 14:07:18 openvpn[54478]: push_ifconfig_ipv6_defined = DISABLED Dec 29 14:07:18 openvpn[54478]: push_ifconfig_ipv6_local = ::/0 Dec 29 14:07:18 openvpn[54478]: push_ifconfig_ipv6_remote = :: Dec 29 14:07:18 openvpn[54478]: enable_c2c = DISABLED Dec 29 14:07:18 openvpn[54478]: duplicate_cn = DISABLED Dec 29 14:07:18 openvpn[54478]: cf_max = 0 Dec 29 14:07:18 openvpn[54478]: cf_per = 0 Dec 29 14:07:18 openvpn[54478]: max_clients = 1024 Dec 29 14:07:18 openvpn[54478]: max_routes_per_client = 256 Dec 29 14:07:18 openvpn[54478]: auth_user_pass_verify_script = '[UNDEF]' Dec 29 14:07:18 openvpn[54478]: auth_user_pass_verify_script_via_file = DISABLED Dec 29 14:07:18 openvpn[54478]: port_share_host = '[UNDEF]' Dec 29 14:07:18 openvpn[54478]: port_share_port = 0 Dec 29 14:07:18 openvpn[54478]: client = DISABLED Dec 29 14:07:18 openvpn[54478]: pull = DISABLED Dec 29 14:07:18 openvpn[54478]: auth_user_pass_file = '[UNDEF]' Dec 29 14:07:18 openvpn[54478]: OpenVPN 2.3.8 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Aug 21 2015 Dec 29 14:07:18 openvpn[54478]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09 Dec 29 14:07:18 openvpn[54587]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock Dec 29 14:07:18 openvpn[54587]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dec 29 14:07:18 openvpn[54587]: Static Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key Dec 29 14:07:18 openvpn[54587]: Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Dec 29 14:07:18 openvpn[54587]: Static Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key Dec 29 14:07:18 openvpn[54587]: Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Dec 29 14:07:18 openvpn[54587]: LZO compression initialized Dec 29 14:07:18 openvpn[54587]: Socket Buffers: R=[42080->65536] S=[57344->65536] Dec 29 14:07:18 openvpn[54587]: ROUTE_GATEWAY 172.16.16.100 Dec 29 14:07:18 openvpn[54587]: TUN/TAP device ovpnc1 exists previously, keep at program end Dec 29 14:07:18 openvpn[54587]: TUN/TAP device /dev/tun1 opened Dec 29 14:07:18 openvpn[54587]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0 Dec 29 14:07:18 openvpn[54587]: /sbin/ifconfig ovpnc1 10.0.6.2 10.0.6.1 mtu 1500 netmask 255.255.255.255 up Dec 29 14:07:18 openvpn[54587]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1561 10.0.6.2 10.0.6.1 init Dec 29 14:07:18 openvpn[54587]: /sbin/route add -net 192.168.100.0 10.0.6.1 255.255.252.0 Dec 29 14:07:18 openvpn[54587]: /sbin/route add -net 192.168.19.0 10.0.6.1 255.255.255.0 Dec 29 14:07:18 openvpn[54587]: Data Channel MTU parms [ L:1561 D:1450 EF:61 EB:143 ET:0 EL:3 AF:3/1 ] Dec 29 14:07:18 openvpn[54587]: Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.1 10.0.6.2,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret' Dec 29 14:07:18 openvpn[54587]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.2 10.0.6.1,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret' Dec 29 14:07:18 openvpn[54587]: Local Options hash (VER=V4): '07a82d2f' Dec 29 14:07:18 openvpn[54587]: Expected Remote Options hash (VER=V4): '5a902af9' Dec 29 14:07:18 openvpn[54587]: UDPv4 link local (bound): [AF_INET]172.16.16.50 Dec 29 14:07:18 openvpn[54587]: UDPv4 link remote: [AF_INET]xx.xx.188.168:1197 Dec 29 14:07:24 openvpn[54587]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock Dec 29 14:07:24 openvpn[54587]: MANAGEMENT: CMD 'state 1' Dec 29 14:07:24 openvpn[54587]: MANAGEMENT: Client xx.xx.188.168
client
Dec 29 14:07:18 openvpn[54478]: client_config_dir = '[UNDEF]' Dec 29 14:07:18 openvpn[54478]: ccd_exclusive = DISABLED Dec 29 14:07:18 openvpn[54478]: tmp_dir = '/tmp' Dec 29 14:07:18 openvpn[54478]: push_ifconfig_defined = DISABLED Dec 29 14:07:18 openvpn[54478]: push_ifconfig_local = 0.0.0.0 Dec 29 14:07:18 openvpn[54478]: push_ifconfig_remote_netmask = 0.0.0.0 Dec 29 14:07:18 openvpn[54478]: push_ifconfig_ipv6_defined = DISABLED Dec 29 14:07:18 openvpn[54478]: push_ifconfig_ipv6_local = ::/0 Dec 29 14:07:18 openvpn[54478]: push_ifconfig_ipv6_remote = :: Dec 29 14:07:18 openvpn[54478]: enable_c2c = DISABLED Dec 29 14:07:18 openvpn[54478]: duplicate_cn = DISABLED Dec 29 14:07:18 openvpn[54478]: cf_max = 0 Dec 29 14:07:18 openvpn[54478]: cf_per = 0 Dec 29 14:07:18 openvpn[54478]: max_clients = 1024 Dec 29 14:07:18 openvpn[54478]: max_routes_per_client = 256 Dec 29 14:07:18 openvpn[54478]: auth_user_pass_verify_script = '[UNDEF]' Dec 29 14:07:18 openvpn[54478]: auth_user_pass_verify_script_via_file = DISABLED Dec 29 14:07:18 openvpn[54478]: port_share_host = '[UNDEF]' Dec 29 14:07:18 openvpn[54478]: port_share_port = 0 Dec 29 14:07:18 openvpn[54478]: client = DISABLED Dec 29 14:07:18 openvpn[54478]: pull = DISABLED Dec 29 14:07:18 openvpn[54478]: auth_user_pass_file = '[UNDEF]' Dec 29 14:07:18 openvpn[54478]: OpenVPN 2.3.8 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Aug 21 2015 Dec 29 14:07:18 openvpn[54478]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09 Dec 29 14:07:18 openvpn[54587]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock Dec 29 14:07:18 openvpn[54587]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dec 29 14:07:18 openvpn[54587]: Static Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key Dec 29 14:07:18 openvpn[54587]: Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Dec 29 14:07:18 openvpn[54587]: Static Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key Dec 29 14:07:18 openvpn[54587]: Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Dec 29 14:07:18 openvpn[54587]: LZO compression initialized Dec 29 14:07:18 openvpn[54587]: Socket Buffers: R=[42080->65536] S=[57344->65536] Dec 29 14:07:18 openvpn[54587]: ROUTE_GATEWAY 172.16.16.100 Dec 29 14:07:18 openvpn[54587]: TUN/TAP device ovpnc1 exists previously, keep at program end Dec 29 14:07:18 openvpn[54587]: TUN/TAP device /dev/tun1 opened Dec 29 14:07:18 openvpn[54587]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0 Dec 29 14:07:18 openvpn[54587]: /sbin/ifconfig ovpnc1 10.0.6.2 10.0.6.1 mtu 1500 netmask 255.255.255.255 up Dec 29 14:07:18 openvpn[54587]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1561 10.0.6.2 10.0.6.1 init Dec 29 14:07:18 openvpn[54587]: /sbin/route add -net 192.168.100.0 10.0.6.1 255.255.252.0 Dec 29 14:07:18 openvpn[54587]: /sbin/route add -net 192.168.19.0 10.0.6.1 255.255.255.0 Dec 29 14:07:18 openvpn[54587]: Data Channel MTU parms [ L:1561 D:1450 EF:61 EB:143 ET:0 EL:3 AF:3/1 ] Dec 29 14:07:18 openvpn[54587]: Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.1 10.0.6.2,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret' Dec 29 14:07:18 openvpn[54587]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.2 10.0.6.1,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret' Dec 29 14:07:18 openvpn[54587]: Local Options hash (VER=V4): '07a82d2f' Dec 29 14:07:18 openvpn[54587]: Expected Remote Options hash (VER=V4): '5a902af9' Dec 29 14:07:18 openvpn[54587]: UDPv4 link local (bound): [AF_INET]172.16.16.50 Dec 29 14:07:18 openvpn[54587]: UDPv4 link remote: [AF_INET]xx.xx.188.168:1197 Dec 29 14:07:24 openvpn[54587]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock Dec 29 14:07:24 openvpn[54587]: MANAGEMENT: CMD 'state 1' Dec 29 14:07:24 openvpn[54587]: MANAGEMENT: Client disconnected