IPVanish -- multiple tun devices created

This forum is for general conversation and user-user networking.
Post Reply
richard-g8jvm
OpenVpn Newbie
Posts: 3
Joined: Tue Apr 24, 2018 11:34 am

IPVanish -- multiple tun devices created

Post by richard-g8jvm » Tue Apr 24, 2018 12:11 pm

Hi
I'm new to the forum and openvpn.
Using it as a client on a Odroid C2 64bit SBC, a bit like a rasp Pi3
I'm using an ipvanish server and their startup script

Code: Select all

client
dev tun
proto udp
remote XXXXXX.ipvanish.com 443
resolv-retry infinite
nobind
persist-key
persist-tun
persist-remote-ip
ca ca.ipvanish.com.crt
verify-x509-name XXXXXXX.ipvanish.com name
auth-user-pass /etc/openvpn/passtore
comp-lzo
verb 3
auth SHA256

About 50% of the time it connects to the server without a hitch, and only one tun device is created.
But the rest of the time its does not connect cleanly and a second tun device is created and used.
It is reconnecting every 60 mins, and after several hours reverts back to tun0 and the routing fails.

Looking back at journalctl, I can see tun0 in use then there are 12 unsuccessful push requests

Code: Select all

Apr 23 20:02:30 odroid64 ovpn-ipvanish_Franka21[620]: No reply from server after sending 12 push requests
Apr 23 20:02:30 odroid64 ovpn-ipvanish_Franka21[620]: SIGUSR1[soft,no-push-reply] received, process restarting
Apr 23 20:02:30 odroid64 ovpn-ipvanish_Franka21[620]: Restart pause, 2 second(
At that point it restarts and creates tun1

Is there anyway I can change the client script so that on a restart from a push failure all tun devices are pulled down, so that
it always uses tun0. ?
Also I'm left with two default routes which forces ntpd to use the vpn
TIA
Richard

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 4631
Joined: Fri Jun 03, 2016 1:17 pm

Re: IPVanish -- multiple tun devices created

Post by TinCanTech » Tue Apr 24, 2018 3:09 pm

Try removing the --persist-* options ..

richard-g8jvm
OpenVpn Newbie
Posts: 3
Joined: Tue Apr 24, 2018 11:34 am

Re: IPVanish -- multiple tun devices created

Post by richard-g8jvm » Tue Apr 24, 2018 3:20 pm

Hi.
I read through the manual and wondered about that.
what is the character at the start of a line in a .ovpn config file to indicate a comment ?
is it ; or #
thanks

richard-g8jvm
OpenVpn Newbie
Posts: 3
Joined: Tue Apr 24, 2018 11:34 am

Re: IPVanish -- multiple tun devices created

Post by richard-g8jvm » Tue Apr 24, 2018 7:08 pm

Hi

removing the persist-tun helped
But I have found the culprit
This little SBC does not have a HW clock, and is relies on ntp,
So when the computer is started the date is either FEB11 2016 or however long it takes to boot up on a reboot,
then it takes a few seconds for the system clock to be updated
So that explains the cert not yet in date

So ideally it needs a delay before the client script is run
it doesn't understand SLEEP commands.

Is there any way of putting a 5 sec delay at the start of the client script, ???

TIA

Post Reply