OpenVPN modem hangs (die) after successful connection to server

This forum is for general conversation and user-user networking.
Post Reply
xuanvinhilb
OpenVpn Newbie
Posts: 2
Joined: Mon May 02, 2016 5:04 am

OpenVPN modem hangs (die) after successful connection to server

Post by xuanvinhilb » Mon May 02, 2016 5:45 am

Hello everybody,

I am quite a new user of OpenVPN. I would like to establish a VPN Connection between my server (a PC with OpenVPN software behind the home wireless router) and a client (an industrial 3G modem - R3000 Robustel).

Everything is ok until the connection between the client and the server establish. Then, the modem seems hanging or repeatedly reboot.

Maybe it due to the configuration file?

The configuration file on the server side:

Code: Select all

;local a.b.c.d


port 1194

proto udp

dev tun

tun-mtu 1500

fragment 1200
mssfix 1200

dev-node MyTAP

ca ca.crt
cert server.crt
key server.key  # This file should be kept secret

dh dh1024.pem

server 10.8.0.0 255.255.255.0

ifconfig-pool-persist ipp.txt

keepalive 10 120

cipher BF-CBC        # Blowfish (default)

comp-lzo

max-clients 100

user nobody
group nobody

persist-key
persist-tun

status openvpn-status.log

verb 3
Ethernet configuration on the modem
Image

OpenVPN configuration on the modem
Image

Status on the modem right before hanging:

Code: Select all

70-01-01 07:00:10 <4> router: rtc read failed, errno (Invalid argument)
70-01-01 07:00:10 <0> router: rtc time is larger than 2037, so sytem time use firmware time
70-01-01 07:00:10 <0> router: set RTC time: 2016-01-18 09:16:11
70-01-01 07:00:10 <4> router: rtc set failed, errno (Invalid argument)
16-01-18 09:16:11 <0> router: Firmware version: 1.3.0 Jan 18 2016 09:16:13
16-01-18 09:16:12 <0> router: start dhcpd
16-01-18 09:16:19 <0> router: open /dev/ttyUSB0 successful!
16-01-18 09:16:20 <0> router: sent:ATE0
16-01-18 09:16:20 <0> router: rcvd:ATE0

OK
16-01-18 09:16:21 <0> router: sent:AT+CPIN?
16-01-18 09:16:21 <0> router: rcvd:
+CME ERROR: SIM busy
16-01-18 09:16:21 <3> router: failed 1/5 to check SIM card
16-01-18 09:16:26 <0> router: sent:AT+CPIN?
16-01-18 09:16:26 <0> router: rcvd:
+CPIN: READY

OK
16-01-18 09:16:27 <0> router: sent:AT+CFUN=0
16-01-18 09:16:28 <0> router: rcvd:
OK
16-01-18 09:16:29 <0> router: sent:AT+CFUN=1
16-01-18 09:16:30 <0> router: rcvd:
OK
16-01-18 09:16:31 <0> router: sent:AT^CURC=0
16-01-18 09:16:31 <0> router: rcvd:
OK
16-01-18 09:16:32 <0> router: sent:AT^SYSCFG=2,2,3FFFFFFF,1,2
16-01-18 09:16:32 <0> router: rcvd:
OK
16-01-18 09:16:37 <0> router: sent:AT+CSQ
16-01-18 09:16:37 <0> router: rcvd:
+CSQ: 17,99

OK
16-01-18 09:16:37 <0> router: sent:AT+CREG=2;+CREG?
16-01-18 09:16:37 <0> router: rcvd:
+CREG: 2,1,"56A4","D6CABE",2

OK
16-01-18 09:16:38 <0> router: sent:AT^SYSINFO
16-01-18 09:16:38 <0> router: rcvd:
^SYSINFO: 2,3,0,5,1,,4

OK
16-01-18 09:16:38 <0> router: network mode->3G UMTS
16-01-18 09:16:39 <0> router: sent:AT+COPS=3,2;+COPS?
16-01-18 09:16:39 <0> router: rcvd:
+COPS: 0,2,"45201",2

OK
16-01-18 09:16:39 <0> router: oper: Mobifone
16-01-18 09:16:39 <0> router: apn: m-wap
16-01-18 09:16:39 <0> router: userName: mms
16-01-18 09:16:39 <0> router: passwd: mms
16-01-18 09:16:39 <0> router: sent:AT+CGDCONT=1,"IP","m-wap"
16-01-18 09:16:40 <0> router: rcvd:
OK
16-01-18 09:16:40 <0> router: passed checking module!
16-01-18 09:16:40 <3> router: this modem don't support auto authentication, so to use CHAP
16-01-18 09:16:40 <0> router: sent:AT^NDISDUP=1,1,"m-wap","mms","@passwd",2
16-01-18 09:16:40 <0> router: rcvd:OK
16-01-18 09:16:47 <2> router: change network (Null)->(Cellular - up)
16-01-18 09:16:47 <0> router: system service starting...
16-01-18 09:16:49 <1> router: the cmdPort and the dataPort are the same
16-05-02 12:13:19 <0> router: sent:AT^SYSINFO
16-05-02 12:13:19 <0> router: rcvd:
^SYSINFO: 2,3,0,5,1,,4

OK
16-05-02 12:13:19 <0> router: network mode->3G UMTS
16-05-02 12:13:21 <0> router: set RTC time: 2016-05-02 12:13:18
16-05-02 12:13:22 <0> router: openvpn client 0 start up.
16-05-02 12:13:22 <1> OpenVPN: OpenVPN 2.2.2 arm-linux [SSL] [LZO2] [EPOLL] [eurephia] built on Apr 27 2015
16-05-02 12:13:22 <3> OpenVPN: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
16-05-02 12:13:22 <3> OpenVPN: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
16-05-02 12:13:22 <3> OpenVPN: WARNING: file '/cfg/x509/openvpn/client_0/client.key' is group or others accessible
16-05-02 12:13:22 <1> OpenVPN: LZO compression initialized
16-05-02 12:13:22 <1> OpenVPN: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
16-05-02 12:13:22 <1> OpenVPN: UDPv4 link local: [undef]
16-05-02 12:13:22 <1> OpenVPN: UDPv4 link remote: 115.76.118.197:1194
16-05-02 12:13:28 <1> OpenVPN: [server] Peer Connection Initiated with 115.76.118.197:1194
16-05-02 12:13:30 <1> OpenVPN: TUN/TAP device tun0 opened
16-05-02 12:13:30 <1> OpenVPN: /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500
16-05-02 12:13:30 <1> OpenVPN: Send current status message[msg=module=OpenVPN_Tunnel_1;action=up;vLocal=10.8.0.6;vRemote=10.8.0.5;msgend=1].
16-05-02 12:13:30 <1> OpenVPN: GID set to root
16-05-02 12:13:30 <1> OpenVPN: UID set to root
16-05-02 12:13:30 <1> OpenVPN: Initialization Sequence Completed
16-05-02 12:13:32 <0> router: force to stop openvpn_c0
16-05-02 12:13:32 <4> OpenVPN: event_wait : Interrupted system call (code=4)
16-05-02 12:13:32 <1> OpenVPN: Send current status message[msg=module=OpenVPN_Tunnel_1;action=down;msgend=1].
16-05-02 12:13:32 <1> OpenVPN: /sbin/ifconfig tun0 0.0.0.0
16-05-02 12:13:32 <1> OpenVPN: SIGTERM[hard,] received, process exiting
16-05-02 12:13:32 <1> OpenVPN: Send current status message[msg=module=OpenVPN_Tunnel_1;action=exit;msgend=1].
16-05-02 12:13:35 <0> router: openvpn client 0 start up.
16-05-02 12:13:35 <1> OpenVPN: OpenVPN 2.2.2 arm-linux [SSL] [LZO2] [EPOLL] [eurephia] built on Apr 27 2015
16-05-02 12:13:35 <3> OpenVPN: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
16-05-02 12:13:35 <3> OpenVPN: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
16-05-02 12:13:35 <3> OpenVPN: WARNING: file '/cfg/x509/openvpn/client_0/client.key' is group or others accessible
16-05-02 12:13:35 <1> OpenVPN: LZO compression initialized
16-05-02 12:13:35 <1> OpenVPN: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
16-05-02 12:13:35 <1> OpenVPN: UDPv4 link local: [undef]
16-05-02 12:13:35 <1> OpenVPN: UDPv4 link remote: 115.76.118.197:1194
16-05-02 12:13:37 <1> OpenVPN: [server] Peer Connection Initiated with 115.76.118.197:1194
Status on the server:

Code: Select all

Mon May 02 12:13:15 2016 NOTE: --user option is not implemented on Windows
Mon May 02 12:13:15 2016 NOTE: --group option is not implemented on Windows
Mon May 02 12:13:15 2016 OpenVPN 2.3.10 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Mar 10 2016
Mon May 02 12:13:15 2016 Windows version 6.1 (Windows 7)
Mon May 02 12:13:15 2016 library versions: OpenSSL 1.0.1s  1 Mar 2016, LZO 2.09
Mon May 02 12:13:15 2016 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon May 02 12:13:15 2016 Need hold release from management interface, waiting...
Mon May 02 12:13:16 2016 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon May 02 12:13:16 2016 MANAGEMENT: CMD 'state on'
Mon May 02 12:13:16 2016 MANAGEMENT: CMD 'log all on'
Mon May 02 12:13:16 2016 MANAGEMENT: CMD 'hold off'
Mon May 02 12:13:16 2016 MANAGEMENT: CMD 'hold release'
Mon May 02 12:13:16 2016 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x.  Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Mon May 02 12:13:16 2016 Diffie-Hellman initialized with 1024 bit key
Mon May 02 12:13:16 2016 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon May 02 12:13:16 2016 ROUTE_GATEWAY 192.168.1.100/255.255.255.0 I=10 HWADDR=d0:67:e5:0a:1c:2b
Mon May 02 12:13:16 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon May 02 12:13:16 2016 MANAGEMENT: >STATE:1462165996,ASSIGN_IP,,10.8.0.1,
Mon May 02 12:13:16 2016 open_tun, tt->ipv6=0
Mon May 02 12:13:16 2016 TAP-WIN32 device [MyTAP] opened: \\.\Global\{5D2B8B6E-05EC-47AC-9599-9C74C178E3AA}.tap
Mon May 02 12:13:16 2016 TAP-Windows Driver Version 9.21 
Mon May 02 12:13:16 2016 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.252 on interface {5D2B8B6E-05EC-47AC-9599-9C74C178E3AA} [DHCP-serv: 10.8.0.2, lease-time: 31536000]
Mon May 02 12:13:16 2016 Sleeping for 10 seconds...
Mon May 02 12:13:26 2016 Successful ARP Flush on interface [15] {5D2B8B6E-05EC-47AC-9599-9C74C178E3AA}
Mon May 02 12:13:26 2016 MANAGEMENT: >STATE:1462166006,ADD_ROUTES,,,
Mon May 02 12:13:26 2016 C:\Windows\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Mon May 02 12:13:26 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Mon May 02 12:13:26 2016 Route addition via IPAPI succeeded [adaptive]
Mon May 02 12:13:26 2016 UDPv4 link local (bound): [undef]
Mon May 02 12:13:26 2016 UDPv4 link remote: [undef]
Mon May 02 12:13:26 2016 MULTI: multi_init called, r=256 v=256
Mon May 02 12:13:26 2016 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Mon May 02 12:13:26 2016 ifconfig_pool_read(), in='client01,10.8.0.4', TODO: IPv6
Mon May 02 12:13:26 2016 succeeded -> ifconfig_pool_set()
Mon May 02 12:13:26 2016 IFCONFIG POOL LIST
Mon May 02 12:13:26 2016 client01,10.8.0.4
Mon May 02 12:13:26 2016 Initialization Sequence Completed
Mon May 02 12:13:26 2016 MANAGEMENT: >STATE:1462166006,CONNECTED,SUCCESS,10.8.0.1,
Mon May 02 12:13:26 2016 113.187.16.80:20305 TLS: Initial packet from [AF_INET]113.187.16.80:20305, sid=20027cf2 cdaba7e9
Mon May 02 12:13:28 2016 113.187.16.80:20305 VERIFY OK: depth=1, C=VN, ST=HCM, L=HCM, O=OpenVPN, OU=OpenVPN, CN=OpenVPN-ITS, name=OpenVPN, emailAddress=itsserver@hcmut.edu.vn
Mon May 02 12:13:28 2016 113.187.16.80:20305 VERIFY OK: depth=0, C=VN, ST=HCM, L=HCM, O=OpenVPN, OU=OpenVPN, CN=client01, name=OpenVPN, emailAddress=itsserver@hcmut.edu.vn
Mon May 02 12:13:28 2016 113.187.16.80:20305 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon May 02 12:13:28 2016 113.187.16.80:20305 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon May 02 12:13:28 2016 113.187.16.80:20305 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon May 02 12:13:28 2016 113.187.16.80:20305 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon May 02 12:13:28 2016 113.187.16.80:20305 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon May 02 12:13:28 2016 113.187.16.80:20305 [client01] Peer Connection Initiated with [AF_INET]113.187.16.80:20305
Mon May 02 12:13:28 2016 client01/113.187.16.80:20305 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Mon May 02 12:13:28 2016 client01/113.187.16.80:20305 MULTI: Learn: 10.8.0.6 -> client01/113.187.16.80:20305
Mon May 02 12:13:28 2016 client01/113.187.16.80:20305 MULTI: primary virtual IP for client01/113.187.16.80:20305: 10.8.0.6
Mon May 02 12:13:30 2016 client01/113.187.16.80:20305 PUSH: Received control message: 'PUSH_REQUEST'
Mon May 02 12:13:30 2016 client01/113.187.16.80:20305 send_push_reply(): safe_cap=940
Mon May 02 12:13:30 2016 client01/113.187.16.80:20305 SENT CONTROL [client01]: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Mon May 02 12:13:36 2016 113.187.16.80:10983 TLS: Initial packet from [AF_INET]113.187.16.80:10983, sid=608babcf 4e118cc0
Mon May 02 12:13:37 2016 113.187.16.80:10983 VERIFY OK: depth=1, C=VN, ST=HCM, L=HCM, O=OpenVPN, OU=OpenVPN, CN=OpenVPN-ITS, name=OpenVPN, emailAddress=itsserver@hcmut.edu.vn
Mon May 02 12:13:37 2016 113.187.16.80:10983 VERIFY OK: depth=0, C=VN, ST=HCM, L=HCM, O=OpenVPN, OU=OpenVPN, CN=client01, name=OpenVPN, emailAddress=itsserver@hcmut.edu.vn
Mon May 02 12:13:37 2016 113.187.16.80:10983 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon May 02 12:13:37 2016 113.187.16.80:10983 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon May 02 12:13:37 2016 113.187.16.80:10983 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon May 02 12:13:37 2016 113.187.16.80:10983 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon May 02 12:13:37 2016 113.187.16.80:10983 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon May 02 12:13:37 2016 113.187.16.80:10983 [client01] Peer Connection Initiated with [AF_INET]113.187.16.80:10983
Mon May 02 12:13:37 2016 MULTI: new connection by client 'client01' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Mon May 02 12:13:37 2016 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Mon May 02 12:13:37 2016 MULTI: Learn: 10.8.0.6 -> client01/113.187.16.80:10983
Mon May 02 12:13:37 2016 MULTI: primary virtual IP for client01/113.187.16.80:10983: 10.8.0.6
Mon May 02 12:13:40 2016 client01/113.187.16.80:10983 PUSH: Received control message: 'PUSH_REQUEST'
Mon May 02 12:13:40 2016 client01/113.187.16.80:10983 send_push_reply(): safe_cap=940
Mon May 02 12:13:40 2016 client01/113.187.16.80:10983 SENT CONTROL [client01]: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)

User avatar
Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: OpenVPN modem hangs (die) after successful connection to server

Post by Traffic » Mon May 02, 2016 12:08 pm

xuanvinhilb wrote:Everything is ok until the connection between the client and the server establish. Then, the modem seems hanging or repeatedly reboot
Try using --proto tcp and let us know if the same problem occurs.

xuanvinhilb
OpenVpn Newbie
Posts: 2
Joined: Mon May 02, 2016 5:04 am

Re: OpenVPN modem hangs (die) after successful connection to server

Post by xuanvinhilb » Tue May 03, 2016 1:23 am

I did tried using proto tcp before. It was the same result.

User avatar
Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: OpenVPN modem hangs (die) after successful connection to server

Post by Traffic » Tue May 03, 2016 11:25 am

Sounds like the modem is faulty ..

justbit
OpenVpn Newbie
Posts: 1
Joined: Tue Oct 02, 2018 11:08 am

Re: OpenVPN modem hangs (die) after successful connection to server

Post by justbit » Tue Oct 16, 2018 7:05 am

Did you manage to resolve this issue ?

Post Reply