OpenVPN Server suddenly stopped working after some weeks.

This forum is for all inquiries relating to the installation of OpenVPN from source and with binaries.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please visit (and READ) the OpenVPN HowTo http://openvpn.net/howto prior to asking any questions in here!
Post Reply
keranoz
OpenVpn Newbie
Posts: 1
Joined: Thu Oct 29, 2015 9:49 am

OpenVPN Server suddenly stopped working after some weeks.

Post by keranoz » Thu Oct 29, 2015 10:02 am

Hi,

I'm currently experiencing a very annoying problem with my OpenVPN server.

Since two days clients get cannot connect anymore.

I have set the verbosity to 6 to try and find out more. Here is (part of) the log file:

Code: Select all

Thu Oct 29 10:54:38 2015 TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:1723
Thu Oct 29 10:54:38 2015 TCPv4_CLIENT link local: [undef]
Thu Oct 29 10:54:38 2015 TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.xxx:1723
Thu Oct 29 10:54:38 2015 MANAGEMENT: >STATE:1446112478,WAIT,,,
Thu Oct 29 10:54:38 2015 TCPv4_CLIENT WRITE [14] to [AF_INET]xxx.xxx.xxx.xx:1723: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Thu Oct 29 10:54:40 2015 TCPv4_CLIENT WRITE [14] to [AF_INET]xxx.xxx.xxx.xxx:1723: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Thu Oct 29 10:54:44 2015 TCPv4_CLIENT WRITE [14] to [AF_INET]xxx.xxx.xxx.xxx:1723: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Thu Oct 29 10:54:52 2015 TCPv4_CLIENT WRITE [14] to [AF_INET]xxx.xxx.xxx.xxx:1723: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Thu Oct 29 10:54:59 2015 read TCPv4_CLIENT: Connection timed out (WSAETIMEDOUT) (code=10060)
Thu Oct 29 10:54:59 2015 TCPv4_CLIENT READ [0] from [AF_INET]xxx.xxx.xxx.xxx:1723: DATA UNDEF len=-1
Thu Oct 29 10:54:59 2015 Connection reset, restarting [-1]
Thu Oct 29 10:54:59 2015 TCP/UDP: Closing socket
Thu Oct 29 10:54:59 2015 SIGUSR1[soft,connection-reset] received, process restarting
Thu Oct 29 10:54:59 2015 MANAGEMENT: >STATE:1446112499,RECONNECTING,connection-reset,,
Thu Oct 29 10:54:59 2015 Restart pause, 5 second(s)
And here part of the server log: (Also verb 6)

Code: Select all

Thu Oct 29 10:32:25 2015 us=927154 TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:62533
Thu Oct 29 10:32:25 2015 us=927179 TCPv4_SERVER link local: [undef]
Thu Oct 29 10:32:25 2015 us=927207 TCPv4_SERVER link remote: [AF_INET]xxx.xxx.xxx.xxx:62533
Thu Oct 29 10:32:31 2015 us=31500 xxx.xxx.xxx.xxx:62528 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Oct 29 10:32:31 2015 us=31610 xxx.xxx.xxx.xxx:62528 TLS Error: TLS handshake failed
Thu Oct 29 10:32:31 2015 us=31792 xxx.xxx.xxx.xxx:62528 Fatal TLS error (check_tls_errors_co), restarting
Thu Oct 29 10:32:31 2015 us=31822 xxx.xxx.xxx.xxx:62528 SIGUSR1[soft,tls-error] received, client-instance restarting
Thu Oct 29 10:32:31 2015 us=31887 TCP/UDP: Closing socket
Thu Oct 29 10:32:58 2015 us=45110 xxx.xxx.xxx.xxx:62531 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Oct 29 10:32:58 2015 us=45216 xxx.xxx.xxx.xxx:62531 TLS Error: TLS handshake failed
Thu Oct 29 10:32:58 2015 us=45319 xxx.xxx.xxx.xxx:62531 Fatal TLS error (check_tls_errors_co), restarting
Thu Oct 29 10:32:58 2015 us=45336 xxx.xxx.xxx.xxx:62531 SIGUSR1[soft,tls-error] received, client-instance restarting
Thu Oct 29 10:32:58 2015 us=45382 TCP/UDP: Closing socket
Thu Oct 29 10:33:25 2015 us=240516 xxx.xxx.xxx.xxx:62533 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Oct 29 10:33:25 2015 us=240628 xxx.xxx.xxx.xxx:62533 TLS Error: TLS handshake failed
Thu Oct 29 10:33:25 2015 us=240730 xxx.xxx.xxx.xxx:62533 Fatal TLS error (check_tls_errors_co), restarting
Thu Oct 29 10:33:25 2015 us=240755 xxx.xxx.xxx.xxx:62533 SIGUSR1[soft,tls-error] received, client-instance restarting
Thu Oct 29 10:33:25 2015 us=240811 TCP/UDP: Closing socket
I have tried Googling this problem. All I can find is either a firewall problem or there is something wrong the client configuration. Since this OpenVPN server suddenly stopped working out of the blue I do not think it is a client config problem. I have also doublechecked and re-entered the iptables rules in the server.

The server is running Debian 8, clients are Windows.

Any help would be greatly appreciated!

User avatar
Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: OpenVPN Server suddenly stopped working after some weeks

Post by Traffic » Mon Nov 09, 2015 11:51 pm

Please post your server route table and ifconfig.

Did you try rebooting your server yet ? :D

tsa_akis
OpenVpn Newbie
Posts: 5
Joined: Mon Apr 04, 2016 3:05 pm

Re: OpenVPN Server suddenly stopped working after some weeks.

Post by tsa_akis » Fri Apr 07, 2017 1:59 pm

Hi keranoz,

how did you finally solve your problem? I'm having a similar issue. Thanks!

jtalbert123
OpenVpn Newbie
Posts: 1
Joined: Sun Nov 29, 2020 5:21 pm

Re: OpenVPN Server suddenly stopped working after some weeks.

Post by jtalbert123 » Sun Nov 29, 2020 5:23 pm

I'm getting what looks like the same issue. Restarting the server resolves it, but I don't really like having a cron entry to restart the server regularly. Also, since restarting the server fixes it, it seems like it's not a client issue.

300000
OpenVPN Expert
Posts: 685
Joined: Tue May 01, 2012 9:30 pm

Re: OpenVPN Server suddenly stopped working after some weeks.

Post by 300000 » Mon Nov 30, 2020 4:09 pm

your server config should have this line to keep it

Code: Select all

keepalive 90 190
if you use windows or smart phone when the client come from sleep more to active you should have this one so it could create new connection for you

Code: Select all

remap-usr1 SIGHUP
if you change all this and working just come back to tell so other people if they got that problem can use it

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN Server suddenly stopped working after some weeks.

Post by TinCanTech » Mon Nov 30, 2020 4:37 pm

The problem exhibited in this thread has nothing what-so-ever to do with --keepalive or signals.

Post Reply