openvpn
Michael, 2015-03-27 10:55:04

Why does OpenVPN steadily crash once every 1-2 weeks?

Hello.
I set up an OpenVPN server on Windows Server 2003, to which clients running different operating systems connect. The problem is that it consistently stops working about once every 1-2 weeks.
The symptoms are as follows: the connection to the port is made, but it breaks with a timeout during the TLS check.
It is cured by switching the port, for example from 1194 to 443 and back. Of course, all clients then have to be switched as well.
Client logs look like this:

Mon Mar 23 15:40:38 2015 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
Mon Mar 23 15:40:38 2015 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Mar 23 15:40:38 2015 Control Channel Authentication: using 'C:\program files\openvpn\easy-rsa\keys\ta.key' as a OpenVPN static key file
Mon Mar 23 15:40:38 2015 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Mar 23 15:40:38 2015 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Mar 23 15:40:38 2015 LZO compression initialized
Mon Mar 23 15:40:38 2015 Control Channel MTU parms [ L:1590 D:166 EF:66 EB:0 ET:0 EL:0 ]
Mon Mar 23 15:40:38 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Mar 23 15:40:38 2015 Data Channel MTU parms [ L:1590 D:1450 EF:58 EB:135 ET:32 EL:0 AF:3/1 ]
Mon Mar 23 15:40:38 2015 Local Options hash (VER=V4): 'a7133b47'
Mon Mar 23 15:40:38 2015 Expected Remote Options hash (VER=V4): 'c5677ab3'
Mon Mar 23 15:40:38 2015 UDPv4 link local: [undef]
Mon Mar 23 15:40:38 2015 UDPv4 link remote: Х.Х.Х.Х:443
Mon Mar 23 15:41:38 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Mar 23 15:41:38 2015 TLS Error: TLS handshake failed
Mon Mar 23 15:41:38 2015 TCP/UDP: Closing socket
Mon Mar 23 15:41:38 2015 SIGUSR1[soft,tls-error] received, process restarting
Mon Mar 23 15:41:38 2015 Restart pause, 2 second(s)

The client config looks like this:
remote Х.Х.Х.Х 443
client
dev tap
nobind

ca "C:\\program files\\openvpn\\easy-rsa\\keys\\ca.crt"
cert "C:\\program files\\openvpn\\easy-rsa\\keys\\...................crt"
key "C:\\program files\\openvpn\\easy-rsa\\keys\\...................key"
dh "C:\\program files\\openvpn\\easy-rsa\\keys\\dh1024.pem"

tls-auth "C:\\program files\\openvpn\\easy-rsa\\keys\\ta.key" 1
tls-client
tls-remote "................................"

keepalive 10 120
verb 3
comp-lzo
ip-win32 netsh
cipher aes-128-cbc

Please help diagnose and, if possible, cure the error. Thank you.

2 answer(s)
Michael, 2015-05-14
@1099511627776

Switched the protocol from UDP to TCP; so far, for the 3rd week, the flight is normal.

Niko_F, 2015-03-31
@Niko_F

https://forums.openvpn.net/topic12938.html
openvpn.net/index.php/open-source/faq/79-client/25...
