Hi,

I've got a little problem with my VPN connection.

The VPN connection works intermittently. I'm not sure, but I think I have to wait 24h to reconnect after a connection.

When the connection doesn't work, the problem can be fixed by restarting the DSL connection on the server (which is stranger because it's a fixed IP), but it's tiresome and I can't do it every day.

Have I forgotten an option in one of my configs?
Have you ever heard of a problem like this?

Here are all the details:
- DSL connection with fixed IP on server side
- DSL connection with dynamic IP on client side
- SERVER : Linux Debian
config :
dev tun1
local 213.X.X.X
port 8147
proto udp
server 10.4.0.0 255.255.255.0
client-to-client
dh /etc/ssl/dh1024.pem
ca /etc/ssl/certs/autorite-ca.crt
cert /etc/ssl/server.crt
key /etc/ssl/private/serverPrivate.key
tun-mtu 1500
mssfix
auth-user-pass-verify /etc/openvpn/validateUser.sh via-file
comp-lzo
verb 5
log-append /var/log/openvpn.log
keepalive 10 120
push "route 192.168.1.0 255.255.255.0"
persist-key
persist-tun
persist-local-ip
log :
The server doesn't log anything when the connection doesn't work (it logs
when it's working)
- CLIENT : Windows XP
config :
remote 213.X.X.X
client
port 8147
dev tun
ca C:\\OpenVPN\\easy-rsa\\keys\\autorite-ca.crt
cert C:\\OpenVPN\\easy-rsa\\keys\\xxxxx.crt
key C:\\OpenVPN\\easy-rsa\\keys\\xxxxx.key
auth-user-pass
reneg-sec 3600
ping 10
comp-lzo
verb 5
ip-win32 dynamic
dhcp-option DNS 192.1.2.3
log :
Here is a part of the log of the client when the connection doesn't work:
Mon Apr 03 16:33:03 2006 us=834667 OpenVPN 2.0.5 Win32-MinGW [SSL] [LZO] built on Nov 2 2005
Mon Apr 03 16:33:08 2006 us=371465 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Mon Apr 03 16:33:08 2006 us=404158 LZO compression initialized
Mon Apr 03 16:33:08 2006 us=404370 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Apr 03 16:33:08 2006 us=409642 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Apr 03 16:33:08 2006 us=409710 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Mon Apr 03 16:33:08 2006 us=409727 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Mon Apr 03 16:33:08 2006 us=409943 Local Options hash (VER=V4): '41690919'
Mon Apr 03 16:33:08 2006 us=409983 Expected Remote Options hash (VER=V4): '530fdded'
Mon Apr 03 16:33:08 2006 us=410056 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Apr 03 16:33:08 2006 us=410096 UDPv4 link local (bound): [undef]:8147
Mon Apr 03 16:33:08 2006 us=410117 UDPv4 link remote: 213.41.176.174:8147
Mon Apr 03 16:34:08 2006 us=747482 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Apr 03 16:34:08 2006 us=747531 TLS Error: TLS handshake failed
Mon Apr 03 16:34:08 2006 us=747966 TCP/UDP: Closing socket
Mon Apr 03 16:34:08 2006 us=748108 SIGUSR1[soft,tls-error] received, process restarting
Mon Apr 03 16:34:08 2006 us=748130 Restart pause, 2 second(s)
...