Hi,

I've been using OpenVPN for some time now, but I get hourly disconnects in my current setup. This is quite annoying as I tend to use the tunnel for longer periods of time.

My configuration is as follows:

Server neptune is directly connected to the internet, gets an IP via DHCP (which is not hourly refreshed, but rather every 40-50 minutes). This server runs Debian and has OpenVPN installed as server (config and log follow).

Client macbook is connected to the internet via wifi to a modem/router, has a LAN IP (10.0.0.x) from DHCP and runs OS X 10.4.10. I have OpenVPN installed as client with the GUI Tunnelblick to easily start/stop the tunnel (config and log follow).

OpenVPN is configured to route all traffic through the tunnel and gives out IPs in the 10.10.x range. Everything works fine except the disconnects.

The only thing that appears to happen hourly is key renegotiation, but I've changed this to 10 hours, so I reckon this is not the cause of the problem.

Another possible issue is DHCP lease time, but the server logs show this is not done hourly, and at the time of the disconnect the client also had ±20 minutes of lease time left (I checked this with netstat -rn on my macbook, since DHCP is not logged (or I can't find it)).

The last thing I can imagine happening is the DHCP lease of OpenVPN itself, but I cannot find anything about this mechanism or possible lease times involved, let alone change it.

Does anyone know what is going on and how I could solve or at least debug this? I've searched the internet and fora extensively for this problem, but I cannot find anything similar.

Thanks in advance!

Tim

P.S. First time posting to a mailing list, hopefully I honored all (un)written rules.

Server log at the time of disconnect:
===========
Jul 27 09:30:56 neptune ovpn-openvpn[404]: macbook.address.com/82.xxx.xxx.xxx:65391 NOTE: --mute triggered...
Jul 27 10:30:41 neptune ovpn-openvpn[404]: 66 variation(s) on previous 20 message(s) suppressed by --mute
Jul 27 10:30:41 neptune ovpn-openvpn[404]: read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Jul 27 10:30:41 neptune last message repeated 19 times
Jul 27 10:30:41 neptune ovpn-openvpn[404]: NOTE: --mute triggered...
Jul 27 10:30:42 neptune ovpn-openvpn[404]: 26 variation(s) on previous 20 message(s) suppressed by --mute
Jul 27 10:30:42 neptune ovpn-openvpn[404]: MULTI: multi_create_instance called
Jul 27 10:30:42 neptune ovpn-openvpn[404]: 82.xxx.xxx.xxx:65409 Re-using SSL/TLS context
Jul 27 10:30:42 neptune ovpn-openvpn[404]: 82.xxx.xxx.xxx:65409 LZO compression initialized
...<restart of connection>
===========

Client log at the time of disconnect:
===========
Jul 27 10:30:32 Tims-Computer configd[38]: posting notification com.apple.system.config.network_change
Jul 27 10:30:32 Tims-Computer openvpn[12916]: MANAGEMENT: TCP send error: Broken pipe
Jul 27 10:30:32 Tims-Computer openvpn[12916]: MANAGEMENT: Client disconnected
Jul 27 10:30:32 Tims-Computer openvpn[12916]: TCP/UDP: Closing socket
...<routes deleted>
Jul 27 10:30:32 Tims-Computer openvpn[301]: Closing TUN/TAP interface
Jul 27 10:30:32 Tims-Computer openvpn[301]: /Applications/Tunnelblick.app/Contents/Resources/client.down.osx.sh tun0 1500 1542 10.10.0.6 10.10.0.5 init
Jul 27 10:30:32 Tims-Computer openvpn[301]: SIGTERM[hard,] received, process exiting
Jul 27 10:30:32 Tims-Computer openvpn[619]: Current Parameter Settings:
...<config follows>
...<restart of connection>
===========

neptune dhcp renewal (syslog):
===========
Aug 1 11:46:38 neptune dhclient: bound to neptuneIP -- renewal in 3064 seconds.
Aug 1 12:37:42 neptune dhclient: bound to neptuneIP -- renewal in 3250 seconds.
Aug 1 13:31:52 neptune dhclient: bound to neptuneIP -- renewal in 3184 seconds.

Server config:
===========
port 1194
proto udp
dev tun
ca keys/ca.crt
cert keys/neptune.crt
key keys/neptune.key # This file should be kept secret
askpass keys/password
dh keys/dh2048.pem
server 10.10.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS <NS1>" # IPs hidden
push "dhcp-option DNS <NS2>"
push "dhcp-option DNS <NS3>"
push "dhcp-option DOMAIN domain.com"
client-to-client
keepalive 10 120
tls-auth keys/ta.key 0 # This file is secret
comp-lzo
max-clients 10
user nobody
group nogroup
daemon
persist-key
persist-tun
status openvpn-status.log
verb 6
mute 20
reneg-sec 36000
===========

Client config:
===========
client
dev tun
proto udp
remote neptune.address.com 1194
resolv-retry infinite
nobind
user nobody
group nogroup
daemon
persist-key
persist-tun
mute-replay-warnings
ca keys/ca.crt
cert keys/macbook.crt
key keys/macbook.key
askpass
ns-cert-type server
tls-auth keys/ta.key 1
comp-lzo
verb 5
mute 20
reneg-sec 36000
===========

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
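
One way to debug a periodic drop like the one described above is to measure the interval between tunnel teardowns and list what else the client logged in the seconds before each one. This is an added example, not part of the original post; the sample lines are constructed in the format of the client log, and the teardown markers, the 5-second window, the 60-second merge gap and the placeholder year are assumptions.

```python
import re
from datetime import datetime, timedelta

# Classic syslog layout: "Jul 27 10:30:32 host proc[pid]: message"
SYSLOG = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) (\S+) ([^\[:]+)(?:\[\d+\])?: (.*)$")
# Assumption: these two client-side messages mark a tunnel teardown.
TEARDOWN = ("SIGTERM", "Closing TUN/TAP interface")
# Constructed sample in the format of the client log above (not real data).
SAMPLE = """\
Jul 27 09:30:30 Tims-Computer configd[38]: posting notification com.apple.system.config.network_change
Jul 27 09:30:30 Tims-Computer openvpn[250]: SIGTERM[hard,] received, process exiting
Jul 27 09:55:02 Tims-Computer ntpd[77]: time reset
Jul 27 10:30:32 Tims-Computer configd[38]: posting notification com.apple.system.config.network_change
Jul 27 10:30:32 Tims-Computer openvpn[301]: Closing TUN/TAP interface
Jul 27 10:30:32 Tims-Computer openvpn[301]: SIGTERM[hard,] received, process exiting
""".splitlines()

def parse(lines, year=2000):
    """Yield (time, process, message). Syslog omits the year; 2000 is a placeholder."""
    for line in lines:
        m = SYSLOG.match(line.strip())
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield ts, m.group(3), m.group(4)

def teardowns(events, gap=60):
    """One timestamp per disconnect: teardown lines within `gap` seconds are merged."""
    out = []
    for ts, proc, msg in events:
        if "openvpn" in proc and any(k in msg for k in TEARDOWN):
            if not out or ts - out[-1] > timedelta(seconds=gap):
                out.append(ts)
    return out

def correlate(lines, window=5):
    """Map each disconnect to non-OpenVPN events logged at most `window` s before it."""
    events = sorted(parse(lines))
    span = timedelta(seconds=window)
    return {t: [(p, m) for ts, p, m in events
                if "openvpn" not in p and timedelta(0) <= t - ts <= span]
            for t in teardowns(events)}

def intervals(lines):
    """Seconds between consecutive disconnects; a near-constant value points at a timer."""
    ts = teardowns(sorted(parse(lines)))
    return [int((b - a).total_seconds()) for a, b in zip(ts, ts[1:])]

if __name__ == "__main__":
    print(intervals(SAMPLE), correlate(SAMPLE))
```

Feeding it the merged client syslog for a full day shows whether the interval is constant and whether the same non-OpenVPN event precedes every teardown.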