4. Strange behavior with Dynamic-IP

Strange behavior with Dynamic-IP

  • E

    hi
    i am testing Open-VPN to connect 5 location in Pre-Shared Key Site-Site VPN using Dynamic IPs and Dynu service and 5 different UDP ports

    after configuring the 5 locations every thing worked fine . i can reach both Lans in every location .

    but once i reboot the router ( aDSL ) and after the router get new IP which is connected to the open-vpns server , all OpenVPN connections disconnected . and never connect back

    the clients can see the new Mapped IP to the Dynu domain . and can connect to it . but it never get connected .

    i reboot the 5 machines with no success. i confirm that the nslookup for each machine can get the new correct IP for the Open-VPN server .

    i already attached logs from both the server and the clients .

    the new correct IP is XX.XX.188.168

    i am using the latest Pfsense version 2.2.6

    server

    Dec 29 14:07:18 	openvpn[54478]: client_config_dir = '[UNDEF]'
Dec 29 14:07:18 	openvpn[54478]: ccd_exclusive = DISABLED
Dec 29 14:07:18 	openvpn[54478]: tmp_dir = '/tmp'
Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_defined = DISABLED
Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_local = 0.0.0.0
Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_remote_netmask = 0.0.0.0
Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_defined = DISABLED
Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_local = ::/0
Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_remote = ::
Dec 29 14:07:18 	openvpn[54478]: enable_c2c = DISABLED
Dec 29 14:07:18 	openvpn[54478]: duplicate_cn = DISABLED
Dec 29 14:07:18 	openvpn[54478]: cf_max = 0
Dec 29 14:07:18 	openvpn[54478]: cf_per = 0
Dec 29 14:07:18 	openvpn[54478]: max_clients = 1024
Dec 29 14:07:18 	openvpn[54478]: max_routes_per_client = 256
Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_verify_script = '[UNDEF]'
Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_verify_script_via_file = DISABLED
Dec 29 14:07:18 	openvpn[54478]: port_share_host = '[UNDEF]'
Dec 29 14:07:18 	openvpn[54478]: port_share_port = 0
Dec 29 14:07:18 	openvpn[54478]: client = DISABLED
Dec 29 14:07:18 	openvpn[54478]: pull = DISABLED
Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_file = '[UNDEF]'
Dec 29 14:07:18 	openvpn[54478]: OpenVPN 2.3.8 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Aug 21 2015
Dec 29 14:07:18 	openvpn[54478]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09
Dec 29 14:07:18 	openvpn[54587]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
Dec 29 14:07:18 	openvpn[54587]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 29 14:07:18 	openvpn[54587]: Static Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Dec 29 14:07:18 	openvpn[54587]: Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 29 14:07:18 	openvpn[54587]: Static Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Dec 29 14:07:18 	openvpn[54587]: Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 29 14:07:18 	openvpn[54587]: LZO compression initialized
Dec 29 14:07:18 	openvpn[54587]: Socket Buffers: R=[42080->65536] S=[57344->65536]
Dec 29 14:07:18 	openvpn[54587]: ROUTE_GATEWAY 172.16.16.100
Dec 29 14:07:18 	openvpn[54587]: TUN/TAP device ovpnc1 exists previously, keep at program end
Dec 29 14:07:18 	openvpn[54587]: TUN/TAP device /dev/tun1 opened
Dec 29 14:07:18 	openvpn[54587]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 29 14:07:18 	openvpn[54587]: /sbin/ifconfig ovpnc1 10.0.6.2 10.0.6.1 mtu 1500 netmask 255.255.255.255 up
Dec 29 14:07:18 	openvpn[54587]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1561 10.0.6.2 10.0.6.1 init
Dec 29 14:07:18 	openvpn[54587]: /sbin/route add -net 192.168.100.0 10.0.6.1 255.255.252.0
Dec 29 14:07:18 	openvpn[54587]: /sbin/route add -net 192.168.19.0 10.0.6.1 255.255.255.0
Dec 29 14:07:18 	openvpn[54587]: Data Channel MTU parms [ L:1561 D:1450 EF:61 EB:143 ET:0 EL:3 AF:3/1 ]
Dec 29 14:07:18 	openvpn[54587]: Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.1 10.0.6.2,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Dec 29 14:07:18 	openvpn[54587]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.2 10.0.6.1,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Dec 29 14:07:18 	openvpn[54587]: Local Options hash (VER=V4): '07a82d2f'
Dec 29 14:07:18 	openvpn[54587]: Expected Remote Options hash (VER=V4): '5a902af9'
Dec 29 14:07:18 	openvpn[54587]: UDPv4 link local (bound): [AF_INET]172.16.16.50
Dec 29 14:07:18 	openvpn[54587]: UDPv4 link remote: [AF_INET]xx.xx.188.168:1197
Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: CMD 'state 1'
Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: Client xx.xx.188.168

    client

    Dec 29 14:07:18 	openvpn[54478]: client_config_dir = '[UNDEF]'
Dec 29 14:07:18 	openvpn[54478]: ccd_exclusive = DISABLED
Dec 29 14:07:18 	openvpn[54478]: tmp_dir = '/tmp'
Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_defined = DISABLED
Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_local = 0.0.0.0
Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_remote_netmask = 0.0.0.0
Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_defined = DISABLED
Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_local = ::/0
Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_remote = ::
Dec 29 14:07:18 	openvpn[54478]: enable_c2c = DISABLED
Dec 29 14:07:18 	openvpn[54478]: duplicate_cn = DISABLED
Dec 29 14:07:18 	openvpn[54478]: cf_max = 0
Dec 29 14:07:18 	openvpn[54478]: cf_per = 0
Dec 29 14:07:18 	openvpn[54478]: max_clients = 1024
Dec 29 14:07:18 	openvpn[54478]: max_routes_per_client = 256
Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_verify_script = '[UNDEF]'
Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_verify_script_via_file = DISABLED
Dec 29 14:07:18 	openvpn[54478]: port_share_host = '[UNDEF]'
Dec 29 14:07:18 	openvpn[54478]: port_share_port = 0
Dec 29 14:07:18 	openvpn[54478]: client = DISABLED
Dec 29 14:07:18 	openvpn[54478]: pull = DISABLED
Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_file = '[UNDEF]'
Dec 29 14:07:18 	openvpn[54478]: OpenVPN 2.3.8 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Aug 21 2015
Dec 29 14:07:18 	openvpn[54478]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09
Dec 29 14:07:18 	openvpn[54587]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
Dec 29 14:07:18 	openvpn[54587]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 29 14:07:18 	openvpn[54587]: Static Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Dec 29 14:07:18 	openvpn[54587]: Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 29 14:07:18 	openvpn[54587]: Static Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Dec 29 14:07:18 	openvpn[54587]: Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Dec 29 14:07:18 	openvpn[54587]: LZO compression initialized
Dec 29 14:07:18 	openvpn[54587]: Socket Buffers: R=[42080->65536] S=[57344->65536]
Dec 29 14:07:18 	openvpn[54587]: ROUTE_GATEWAY 172.16.16.100
Dec 29 14:07:18 	openvpn[54587]: TUN/TAP device ovpnc1 exists previously, keep at program end
Dec 29 14:07:18 	openvpn[54587]: TUN/TAP device /dev/tun1 opened
Dec 29 14:07:18 	openvpn[54587]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 29 14:07:18 	openvpn[54587]: /sbin/ifconfig ovpnc1 10.0.6.2 10.0.6.1 mtu 1500 netmask 255.255.255.255 up
Dec 29 14:07:18 	openvpn[54587]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1561 10.0.6.2 10.0.6.1 init
Dec 29 14:07:18 	openvpn[54587]: /sbin/route add -net 192.168.100.0 10.0.6.1 255.255.252.0
Dec 29 14:07:18 	openvpn[54587]: /sbin/route add -net 192.168.19.0 10.0.6.1 255.255.255.0
Dec 29 14:07:18 	openvpn[54587]: Data Channel MTU parms [ L:1561 D:1450 EF:61 EB:143 ET:0 EL:3 AF:3/1 ]
Dec 29 14:07:18 	openvpn[54587]: Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.1 10.0.6.2,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Dec 29 14:07:18 	openvpn[54587]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.2 10.0.6.1,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
Dec 29 14:07:18 	openvpn[54587]: Local Options hash (VER=V4): '07a82d2f'
Dec 29 14:07:18 	openvpn[54587]: Expected Remote Options hash (VER=V4): '5a902af9'
Dec 29 14:07:18 	openvpn[54587]: UDPv4 link local (bound): [AF_INET]172.16.16.50
Dec 29 14:07:18 	openvpn[54587]: UDPv4 link remote: [AF_INET]xx.xx.188.168:1197
Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: CMD 'state 1'
Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: Client disconnected
    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy