No Automatic Reconnect after Disconnect

This forum is for general conversation and user-user networking.
Post Reply
Klaus F
OpenVpn Newbie
Posts: 6
Joined: Fri Nov 25, 2011 10:08 pm

No Automatic Reconnect after Disconnect

Post by Klaus F » Wed Apr 04, 2012 4:25 pm

Hi,

Sorry for posting that many details but I've been looking for a solution for some month and my frustration level is rather high. I hope to get some help here.

I'm using the OpenVPN client on my WHS 2003 to setup a VPN connection to the anonymisation service TUVPN.com. The WHS is the only connection to the internet for my entire private network, thus working as a 24/7 router.

My problem is that every 1 to 4 days the VPN connection drops and doesn't reconnect automatically. Of course as a result the internet connection in my private network is lost. I understand that such connection is not stayable for ever but at least I would expect an automatic reconnection after such disconnect.

Typically the failure log starts with

Code: Select all

TLS: soft reset sec=0 bytes=1580961486/0 pkts=6378702/0
and ends with

Code: Select all

Cannot resolve host address: amsterdam1.tuvpn.com: [NO_DATA] The requested name is valid but does not have an IP address
my Amsterdam1.log:

Code: Select all

Sat Mar 31 10:04:00 2012 OpenVPN 2.1.4 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Dec  2 2010
Sat Mar 31 10:04:00 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Mar 31 10:04:00 2012 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Sat Mar 31 10:04:00 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Mar 31 10:04:00 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Mar 31 10:04:00 2012 LZO compression initialized
Sat Mar 31 10:04:00 2012 Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Sat Mar 31 10:04:00 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Mar 31 10:04:00 2012 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Mar 31 10:04:00 2012 Local Options hash (VER=V4): '9e7066d2'
Sat Mar 31 10:04:00 2012 Expected Remote Options hash (VER=V4): '162b04de'
Sat Mar 31 10:04:00 2012 UDPv4 link local: [undef]
Sat Mar 31 10:04:00 2012 UDPv4 link remote: 85.17.122.3:1194
Sat Mar 31 10:04:00 2012 TLS: Initial packet from 85.17.122.3:1194, sid=30f8c516 1a97b0ca
Sat Mar 31 10:04:00 2012 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Mar 31 10:04:00 2012 VERIFY OK: depth=1, /C=TU/ST=TUVPN/L=TUVPN/O=TUVPN/CN=TUVPN_CA/emailAddress=contacto@tuvpn.com
Sat Mar 31 10:04:00 2012 VERIFY OK: nsCertType=SERVER
Sat Mar 31 10:04:00 2012 VERIFY OK: depth=0, /C=TU/ST=TUVPN/L=TUVPN/O=TUVPN/CN=server/emailAddress=contacto@tuvpn.com
Sat Mar 31 10:04:01 2012 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Mar 31 10:04:01 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Mar 31 10:04:01 2012 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Mar 31 10:04:01 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Mar 31 10:04:01 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Mar 31 10:04:01 2012 [server] Peer Connection Initiated with 85.17.122.3:1194
Sat Mar 31 10:04:03 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Sat Mar 31 10:04:03 2012 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.10.10.21,route 10.71.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.71.0.14 10.71.0.13'
Sat Mar 31 10:04:03 2012 OPTIONS IMPORT: timers and/or timeouts modified
Sat Mar 31 10:04:03 2012 OPTIONS IMPORT: --ifconfig/up options modified
Sat Mar 31 10:04:03 2012 OPTIONS IMPORT: route options modified
Sat Mar 31 10:04:03 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Mar 31 10:04:03 2012 ROUTE default_gateway=192.168.2.1
Sat Mar 31 10:04:03 2012 TAP-WIN32 device [OpenVPN] opened: \\.\Global\{E584BC35-671E-4A69-AA82-195C7BA2FDA6}.tap
Sat Mar 31 10:04:03 2012 TAP-Win32 Driver Version 9.6 
Sat Mar 31 10:04:03 2012 TAP-Win32 MTU=1500
Sat Mar 31 10:04:03 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.71.0.14/255.255.255.252 on interface {E584BC35-671E-4A69-AA82-195C7BA2FDA6} [DHCP-serv: 10.71.0.13, lease-time: 31536000]
Sat Mar 31 10:04:03 2012 Successful ARP Flush on interface [2] {E584BC35-671E-4A69-AA82-195C7BA2FDA6}
Sat Mar 31 10:04:05 2012 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Sat Mar 31 10:04:05 2012 Route: Waiting for TUN/TAP interface to come up...
Sat Mar 31 10:04:08 2012 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Sat Mar 31 10:04:08 2012 Route: Waiting for TUN/TAP interface to come up...
Sat Mar 31 10:04:09 2012 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Sat Mar 31 10:04:09 2012 C:\WINDOWS\system32\route.exe ADD 85.17.122.3 MASK 255.255.255.255 192.168.2.1
Sat Mar 31 10:04:09 2012 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.71.0.13
Sat Mar 31 10:04:09 2012 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.71.0.13
Sat Mar 31 10:04:09 2012 C:\WINDOWS\system32\route.exe ADD 10.71.0.1 MASK 255.255.255.255 10.71.0.13
Sat Mar 31 10:04:09 2012 Initialization Sequence Completed
Sat Mar 31 21:51:49 2012 Authenticate/Decrypt packet error: packet HMAC authentication failed
Sun Apr 01 16:27:08 2012 Replay-window backtrack occurred [1]
Sun Apr 01 16:30:24 2012 Authenticate/Decrypt packet error: packet HMAC authentication failed
Sun Apr 01 17:53:36 2012 Replay-window backtrack occurred [2]

--- Problem starts here --------------

Mon Apr 02 10:04:01 2012 TLS: soft reset sec=0 bytes=1580961486/0 pkts=6378702/0
Mon Apr 02 10:04:01 2012 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Apr 02 10:04:01 2012 VERIFY OK: depth=1, /C=TU/ST=TUVPN/L=TUVPN/O=TUVPN/CN=TUVPN_CA/emailAddress=contacto@tuvpn.com
Mon Apr 02 10:04:01 2012 VERIFY OK: nsCertType=SERVER
Mon Apr 02 10:04:01 2012 VERIFY OK: depth=0, /C=TU/ST=TUVPN/L=TUVPN/O=TUVPN/CN=server/emailAddress=contacto@tuvpn.com
Mon Apr 02 10:04:02 2012 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Apr 02 10:04:02 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr 02 10:04:02 2012 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Apr 02 10:04:02 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr 02 10:04:02 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Apr 02 10:10:47 2012 [server] Inactivity timeout (--ping-restart), restarting
Mon Apr 02 10:10:47 2012 TCP/UDP: Closing socket
Mon Apr 02 10:10:47 2012 SIGUSR1[soft,ping-restart] received, process restarting
Mon Apr 02 10:10:47 2012 Restart pause, 2 second(s)
Mon Apr 02 10:10:49 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Apr 02 10:10:49 2012 Re-using SSL/TLS context
Mon Apr 02 10:10:49 2012 LZO compression initialized
Mon Apr 02 10:10:49 2012 Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Mon Apr 02 10:10:49 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Apr 02 10:11:01 2012 RESOLVE: Cannot resolve host address: amsterdam1.tuvpn.com: [NO_DATA] The requested name is valid but does not have an IP address.
Mon Apr 02 10:11:01 2012 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Apr 02 10:11:01 2012 Local Options hash (VER=V4): '9e7066d2'
Mon Apr 02 10:11:01 2012 Expected Remote Options hash (VER=V4): '162b04de'
Mon Apr 02 10:11:13 2012 RESOLVE: Cannot resolve host address: amsterdam1.tuvpn.com: [NO_DATA] The requested name is valid but does not have an IP address.
Mon Apr 02 10:11:30 2012 RESOLVE: Cannot resolve host address: amsterdam1.tuvpn.com: [NO_DATA] The requested name is valid but does not have an IP address.
Mon Apr 02 10:11:47 2012 RESOLVE: Cannot resolve host address: amsterdam1.tuvpn.com: [NO_DATA] The requested name is valid but does not have an IP address.
Mon Apr 02 10:12:04 2012 RESOLVE: Cannot resolve host address: amsterdam1.tuvpn.com: [NO_DATA] The requested name is valid but does not have an IP address.
Mon Apr 02 10:12:21 2012 RESOLVE: Cannot resolve host address: amsterdam1.tuvpn.com: [NO_DATA] The requested name is valid but does not have an IP address.
...
my Amsterdam1.ovpn:

Code: Select all

client
dev tun
proto udp
remote amsterdam1.tuvpn.com 1194
reneg-sec 172800
resolv-retry infinite
nobind
persist-key
persist-tun
route-method exe
route-delay 2
ca ca.crt
cert usuario.crt
key usuario.key
ns-cert-type server
tls-auth ta.key 1
cipher AES-256-CBC
comp-lzo
explicit-exit-notify 2
verb 3
auth-user-pass pass.txt
inactive 86400
my network configuration: http://img687.imageshack.us/img687/3865 ... tion28.jpg

my ipconfig /all:

Code: Select all

Windows-IP-Konfiguration
   Hostname  . . . . . . . . . . . . : whs
   Primäres DNS-Suffix . . . . . . . : 
   Knotentyp . . . . . . . . . . . . : Unbekannt
   IP-Routing aktiviert  . . . . . . : Ja
   WINS-Proxy aktiviert  . . . . . . : Nein

Ethernet-Adapter OpenVPN:

   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung  . . . . . . . . . . : TAP-Win32 Adapter V9
   Physikalische Adresse . . . . . . : 00-GF-E5-85-BD-35
   DHCP aktiviert  . . . . . . . . . : Ja
   Autokonfiguration aktiviert . . . : Ja
   IP-Adresse. . . . . . . . . . . . : 10.71.0.38
   Subnetzmaske  . . . . . . . . . . : 255.255.255.252
   Standardgateway . . . . . . . . . : 10.71.0.37
   DHCP-Server . . . . . . . . . . . : 10.71.0.37
   DNS-Server  . . . . . . . . . . . : 10.10.10.21
   Lease erhalten  . . . . . . . . . : Montag, 2. April 2012 22:30:40
   Lease läuft ab  . . . . . . . . . : Dienstag, 2. April 2013 22:30:40

Ethernet-Adapter Intel (LAN):

   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung  . . . . . . . . . . : Intel(R) Gigabit CT Desktop Adapter
   Physikalische Adresse . . . . . . : 68-0G-CA-06-46-BD
   DHCP aktiviert  . . . . . . . . . : Nein
   IP-Adresse. . . . . . . . . . . . : 192.168.1.1
   Subnetzmaske  . . . . . . . . . . : 255.255.255.0
   Standardgateway . . . . . . . . . : 

Ethernet-Adapter Realtek (WAN):

   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung  . . . . . . . . . . : Realtek RTL8169/8110 Family Gigabit Ethernet NIC
   Physikalische Adresse . . . . . . : 00-1E-2A-DB-83-FA
   DHCP aktiviert  . . . . . . . . . : Nein
   IP-Adresse. . . . . . . . . . . . : 192.168.2.2
   Subnetzmaske  . . . . . . . . . . : 255.255.255.0
   Standardgateway . . . . . . . . . : 192.168.2.1
   DNS-Server  . . . . . . . . . . . : 208.67.222.222
I setup the VPN connection on my WHS as follows:

1.) Start OpenVPN GUI 1.0.3 with administrator rights.
2.) Right mouse click on OpenVPN icon in task menue to select server to connect to.
3.) Once connected I setup NAT via RRAS Setup Wizard to connect OpenVPN adapter to private network.

I contacted TUVPN.com already for a solution but I'm neither sure that their response is correct nor such manual workaround is want I'm looking for. They wrote:

> This is most likely happening due to the network routes getting
> corrupted pushed by OpenVPN at the client machine.
> This can be resolve by disabling and re-enabling the TAP adapter, this
> can be found control panel -> network and configuration -> change
> adapter settings -> and look for device name read as TAP-win32
> adapter (if it doesn't show please choose 'change your view' and
> select details)

The cable modem keeps connection to my ISP and does not show any failure or disconnects from my ISP. I tried WHS 2011 already with the same behaviour.

Any advise ?

Regards

Klaus F

Klaus F
OpenVpn Newbie
Posts: 6
Joined: Fri Nov 25, 2011 10:08 pm

Re: No Automatic Reconnect after Disconnect

Post by Klaus F » Thu Apr 19, 2012 7:44 pm

Hi,

I still have disconnects every couple of days. Isn't there anyone who could help why the VPN connection disconnects or why it doesn't reconnect automatically ?

Regards,

Klaus F

User avatar
Mimiko
Forum Team
Posts: 1568
Joined: Wed Sep 22, 2010 3:18 am

Re: No Automatic Reconnect after Disconnect

Post by Mimiko » Fri May 18, 2012 6:41 am

Cannot resolve host address: amsterdam1.tuvpn.com: [NO_DATA] The requested name is valid but does not have an IP address
This is a DNS issue. Use IP insteed. Also contact the TUVPN.com, as this is theirs problem.

Klaus F
OpenVpn Newbie
Posts: 6
Joined: Fri Nov 25, 2011 10:08 pm

Re: No Automatic Reconnect after Disconnect

Post by Klaus F » Fri May 18, 2012 2:33 pm

Hi,

I used IP already but no improvement. Anyway in the meanwhile I found a perfect piece of software, pfSense which I can run on a low power Atom hardware and still have the full VPN throughput. Since then no longer disconnects.

Thanks,

Klaus F

Post Reply