Strange behavior with Dynamic-IP



  • hi
    i am testing Open-VPN to connect 5 location in Pre-Shared Key Site-Site VPN using Dynamic IPs and Dynu service and 5 different UDP ports

    after configuring the 5 locations every thing worked fine . i can reach both Lans in every location .

    but once i reboot the router ( aDSL ) and after the router get new IP which is connected to the open-vpns server , all OpenVPN connections disconnected . and never connect back

    the clients can see the new Mapped IP to the Dynu domain . and can connect to it . but it never get connected .

    i reboot the 5 machines with no success. i confirm that the nslookup for each machine can get the new correct IP for the Open-VPN server .

    i already attached logs from both the server and the clients .

    the new correct IP is XX.XX.188.168

    i am using the latest Pfsense version 2.2.6

    server

    Dec 29 14:07:18 	openvpn[54478]: client_config_dir = '[UNDEF]'
    Dec 29 14:07:18 	openvpn[54478]: ccd_exclusive = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: tmp_dir = '/tmp'
    Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_defined = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_local = 0.0.0.0
    Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_remote_netmask = 0.0.0.0
    Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_defined = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_local = ::/0
    Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_remote = ::
    Dec 29 14:07:18 	openvpn[54478]: enable_c2c = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: duplicate_cn = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: cf_max = 0
    Dec 29 14:07:18 	openvpn[54478]: cf_per = 0
    Dec 29 14:07:18 	openvpn[54478]: max_clients = 1024
    Dec 29 14:07:18 	openvpn[54478]: max_routes_per_client = 256
    Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_verify_script = '[UNDEF]'
    Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_verify_script_via_file = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: port_share_host = '[UNDEF]'
    Dec 29 14:07:18 	openvpn[54478]: port_share_port = 0
    Dec 29 14:07:18 	openvpn[54478]: client = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: pull = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_file = '[UNDEF]'
    Dec 29 14:07:18 	openvpn[54478]: OpenVPN 2.3.8 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Aug 21 2015
    Dec 29 14:07:18 	openvpn[54478]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09
    Dec 29 14:07:18 	openvpn[54587]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
    Dec 29 14:07:18 	openvpn[54587]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Dec 29 14:07:18 	openvpn[54587]: Static Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Dec 29 14:07:18 	openvpn[54587]: Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Dec 29 14:07:18 	openvpn[54587]: Static Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Dec 29 14:07:18 	openvpn[54587]: Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Dec 29 14:07:18 	openvpn[54587]: LZO compression initialized
    Dec 29 14:07:18 	openvpn[54587]: Socket Buffers: R=[42080->65536] S=[57344->65536]
    Dec 29 14:07:18 	openvpn[54587]: ROUTE_GATEWAY 172.16.16.100
    Dec 29 14:07:18 	openvpn[54587]: TUN/TAP device ovpnc1 exists previously, keep at program end
    Dec 29 14:07:18 	openvpn[54587]: TUN/TAP device /dev/tun1 opened
    Dec 29 14:07:18 	openvpn[54587]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
    Dec 29 14:07:18 	openvpn[54587]: /sbin/ifconfig ovpnc1 10.0.6.2 10.0.6.1 mtu 1500 netmask 255.255.255.255 up
    Dec 29 14:07:18 	openvpn[54587]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1561 10.0.6.2 10.0.6.1 init
    Dec 29 14:07:18 	openvpn[54587]: /sbin/route add -net 192.168.100.0 10.0.6.1 255.255.252.0
    Dec 29 14:07:18 	openvpn[54587]: /sbin/route add -net 192.168.19.0 10.0.6.1 255.255.255.0
    Dec 29 14:07:18 	openvpn[54587]: Data Channel MTU parms [ L:1561 D:1450 EF:61 EB:143 ET:0 EL:3 AF:3/1 ]
    Dec 29 14:07:18 	openvpn[54587]: Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.1 10.0.6.2,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
    Dec 29 14:07:18 	openvpn[54587]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.2 10.0.6.1,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
    Dec 29 14:07:18 	openvpn[54587]: Local Options hash (VER=V4): '07a82d2f'
    Dec 29 14:07:18 	openvpn[54587]: Expected Remote Options hash (VER=V4): '5a902af9'
    Dec 29 14:07:18 	openvpn[54587]: UDPv4 link local (bound): [AF_INET]172.16.16.50
    Dec 29 14:07:18 	openvpn[54587]: UDPv4 link remote: [AF_INET]xx.xx.188.168:1197
    Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
    Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: CMD 'state 1'
    Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: Client xx.xx.188.168
    

    client

    Dec 29 14:07:18 	openvpn[54478]: client_config_dir = '[UNDEF]'
    Dec 29 14:07:18 	openvpn[54478]: ccd_exclusive = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: tmp_dir = '/tmp'
    Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_defined = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_local = 0.0.0.0
    Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_remote_netmask = 0.0.0.0
    Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_defined = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_local = ::/0
    Dec 29 14:07:18 	openvpn[54478]: push_ifconfig_ipv6_remote = ::
    Dec 29 14:07:18 	openvpn[54478]: enable_c2c = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: duplicate_cn = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: cf_max = 0
    Dec 29 14:07:18 	openvpn[54478]: cf_per = 0
    Dec 29 14:07:18 	openvpn[54478]: max_clients = 1024
    Dec 29 14:07:18 	openvpn[54478]: max_routes_per_client = 256
    Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_verify_script = '[UNDEF]'
    Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_verify_script_via_file = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: port_share_host = '[UNDEF]'
    Dec 29 14:07:18 	openvpn[54478]: port_share_port = 0
    Dec 29 14:07:18 	openvpn[54478]: client = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: pull = DISABLED
    Dec 29 14:07:18 	openvpn[54478]: auth_user_pass_file = '[UNDEF]'
    Dec 29 14:07:18 	openvpn[54478]: OpenVPN 2.3.8 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Aug 21 2015
    Dec 29 14:07:18 	openvpn[54478]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09
    Dec 29 14:07:18 	openvpn[54587]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
    Dec 29 14:07:18 	openvpn[54587]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Dec 29 14:07:18 	openvpn[54587]: Static Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Dec 29 14:07:18 	openvpn[54587]: Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Dec 29 14:07:18 	openvpn[54587]: Static Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Dec 29 14:07:18 	openvpn[54587]: Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Dec 29 14:07:18 	openvpn[54587]: LZO compression initialized
    Dec 29 14:07:18 	openvpn[54587]: Socket Buffers: R=[42080->65536] S=[57344->65536]
    Dec 29 14:07:18 	openvpn[54587]: ROUTE_GATEWAY 172.16.16.100
    Dec 29 14:07:18 	openvpn[54587]: TUN/TAP device ovpnc1 exists previously, keep at program end
    Dec 29 14:07:18 	openvpn[54587]: TUN/TAP device /dev/tun1 opened
    Dec 29 14:07:18 	openvpn[54587]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
    Dec 29 14:07:18 	openvpn[54587]: /sbin/ifconfig ovpnc1 10.0.6.2 10.0.6.1 mtu 1500 netmask 255.255.255.255 up
    Dec 29 14:07:18 	openvpn[54587]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1561 10.0.6.2 10.0.6.1 init
    Dec 29 14:07:18 	openvpn[54587]: /sbin/route add -net 192.168.100.0 10.0.6.1 255.255.252.0
    Dec 29 14:07:18 	openvpn[54587]: /sbin/route add -net 192.168.19.0 10.0.6.1 255.255.255.0
    Dec 29 14:07:18 	openvpn[54587]: Data Channel MTU parms [ L:1561 D:1450 EF:61 EB:143 ET:0 EL:3 AF:3/1 ]
    Dec 29 14:07:18 	openvpn[54587]: Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.1 10.0.6.2,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
    Dec 29 14:07:18 	openvpn[54587]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,tun-ipv6,ifconfig 10.0.6.2 10.0.6.1,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,secret'
    Dec 29 14:07:18 	openvpn[54587]: Local Options hash (VER=V4): '07a82d2f'
    Dec 29 14:07:18 	openvpn[54587]: Expected Remote Options hash (VER=V4): '5a902af9'
    Dec 29 14:07:18 	openvpn[54587]: UDPv4 link local (bound): [AF_INET]172.16.16.50
    Dec 29 14:07:18 	openvpn[54587]: UDPv4 link remote: [AF_INET]xx.xx.188.168:1197
    Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
    Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: CMD 'state 1'
    Dec 29 14:07:24 	openvpn[54587]: MANAGEMENT: Client disconnected
    

Log in to reply