OpenVPN GUI Reconnection
-
- OpenVpn Newbie
- Posts: 8
- Joined: Fri Apr 20, 2018 1:05 pm
OpenVPN GUI Reconnection
Hello,
We've recently moved from OpenVPN connect to OpenVPN GUI so we can have duplicate VPN's running at the same time. OpenVPN GUI works as expected however if I'm connected to the VPN then it disconnects due to a local network issue, it will not reconnect and I get the errors below in the log file. If I close the OpenVPN GUI window and then reconnect it works fine, is there a fix for this?
Fri Sep 14 14:59:00 2018 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1550', remote='link-mtu 1558'
Fri Sep 14 14:59:00 2018 WARNING: 'cipher' is used inconsistently, local='cipher AES-256-GCM', remote='cipher AES-256-CBC'
Fri Sep 14 14:59:00 2018 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
Fri Sep 14 14:59:00 2018 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Fri Sep 14 14:59:00 2018 [OpenVPN Server] Peer Connection Initiated with [AF_INET]134.213.52.17:4096
Fri Sep 14 14:59:01 2018 MANAGEMENT: >STATE:1536933541,GET_CONFIG,,,,,,
Fri Sep 14 14:59:01 2018 SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST' (status=1)
Fri Sep 14 14:59:01 2018 AUTH: Received control message: AUTH_FAILED
Fri Sep 14 14:59:01 2018 SIGUSR1[soft,auth-failure] received, process restarting
Fri Sep 14 14:59:01 2018 MANAGEMENT: >STATE:1536933541,RECONNECTING,auth-failure,,,,,
Fri Sep 14 14:59:01 2018 Restart pause, 5 second(s)
We've recently moved from OpenVPN connect to OpenVPN GUI so we can have duplicate VPN's running at the same time. OpenVPN GUI works as expected however if I'm connected to the VPN then it disconnects due to a local network issue, it will not reconnect and I get the errors below in the log file. If I close the OpenVPN GUI window and then reconnect it works fine, is there a fix for this?
Fri Sep 14 14:59:00 2018 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1550', remote='link-mtu 1558'
Fri Sep 14 14:59:00 2018 WARNING: 'cipher' is used inconsistently, local='cipher AES-256-GCM', remote='cipher AES-256-CBC'
Fri Sep 14 14:59:00 2018 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
Fri Sep 14 14:59:00 2018 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Fri Sep 14 14:59:00 2018 [OpenVPN Server] Peer Connection Initiated with [AF_INET]134.213.52.17:4096
Fri Sep 14 14:59:01 2018 MANAGEMENT: >STATE:1536933541,GET_CONFIG,,,,,,
Fri Sep 14 14:59:01 2018 SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST' (status=1)
Fri Sep 14 14:59:01 2018 AUTH: Received control message: AUTH_FAILED
Fri Sep 14 14:59:01 2018 SIGUSR1[soft,auth-failure] received, process restarting
Fri Sep 14 14:59:01 2018 MANAGEMENT: >STATE:1536933541,RECONNECTING,auth-failure,,,,,
Fri Sep 14 14:59:01 2018 Restart pause, 5 second(s)
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: OpenVPN GUI Reconnection
I don't think there's a fix for that in open source version at this time, but I believe it is getting some attention soon. For now go to Advanced VPN and set the TLS renew to a higher value so this problem occurs less. The OpenVPN Connect Client latest version has a fix for this issue built in.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: OpenVPN GUI Reconnection
Hm maybe I'm jumping the gun here. I thought I saw something about this come by earlier but I'm trying to reproduce this now but I'm not quite able to. I'm trying to mess up my configuration pretty badly to try and get what you're seeing, but it seems to be working okay. What software is being used exactly on the server and the client side, like version numbers and such? Do you have any configuration details?
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
-
- OpenVpn Newbie
- Posts: 8
- Joined: Fri Apr 20, 2018 1:05 pm
Re: OpenVPN GUI Reconnection
Hello,
Thanks for the response, I'm using the following;
OpenVPN 2.4.6
Access Server version: 2.5.2
What configuration details specifically do you require?
Thanks for the response, I'm using the following;
OpenVPN 2.4.6
Access Server version: 2.5.2
What configuration details specifically do you require?
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: OpenVPN GUI Reconnection
I am using that exact same configuration and cannot reproduce the problem here. For example, what TLS setting are you using, what is your security refresh set at, do you have TLS authentication enabled, and did you do anything else to the server that you can recall that could have an influence on the connection?
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
-
- OpenVpn Newbie
- Posts: 8
- Joined: Fri Apr 20, 2018 1:05 pm
Re: OpenVPN GUI Reconnection
Hmmmm that's a pain.
I'm using TLS 1.2 for both
vpn.server.tls_auth','true'
vpn.tls_refresh.interval','360'
'vpn.server.tls_version_min','1.2'
'vpn.tls_refresh.do_reauth','true'
'cs.tls_version_min','1.2'
I haven't change anything on the server that I believe might influence the connection, infact I've only changed the default GUI options. It's just a weird problem as it connects in fine the first time but the re-connection fails. You mentioned you saw something about this earlier? Was someone else having the same issue?
I'm using TLS 1.2 for both
vpn.server.tls_auth','true'
vpn.tls_refresh.interval','360'
'vpn.server.tls_version_min','1.2'
'vpn.tls_refresh.do_reauth','true'
'cs.tls_version_min','1.2'
I haven't change anything on the server that I believe might influence the connection, infact I've only changed the default GUI options. It's just a weird problem as it connects in fine the first time but the re-connection fails. You mentioned you saw something about this earlier? Was someone else having the same issue?
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: OpenVPN GUI Reconnection
There was an issue with OpenVPN Connect Client that didn't do TLS refresh properly. That was fixed. Produced a similar, but not exactly the same, error. That was fixed in code.
But open source 2.4.6 on AS 2.5.2 - that just works. Those settings you posted, those are the default. That just works here, even if I set the TLS refresh at something like 2 minutes.
Did you download the connection profile from the AS web interface and load it into the config folder on the client?
But open source 2.4.6 on AS 2.5.2 - that just works. Those settings you posted, those are the default. That just works here, even if I set the TLS refresh at something like 2 minutes.
Did you download the connection profile from the AS web interface and load it into the config folder on the client?
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: OpenVPN GUI Reconnection
I think I was just able to reproduce the problem by breaking the network connection - I'll see if I can get this to someone that knows what to do to try and fix it!
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
-
- OpenVpn Newbie
- Posts: 8
- Joined: Fri Apr 20, 2018 1:05 pm
Re: OpenVPN GUI Reconnection
Amazing, thank you!
-
- OpenVpn Newbie
- Posts: 8
- Joined: Fri Apr 20, 2018 1:05 pm
Re: OpenVPN GUI Reconnection
Any update on this?
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: OpenVPN GUI Reconnection
Yes, a patch was submitted for this bug a few days ago, so it looks like when a new version of OpenVPN open source comes out, this issue will be resolved.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
-
- OpenVpn Newbie
- Posts: 8
- Joined: Fri Apr 20, 2018 1:05 pm
Re: OpenVPN GUI Reconnection
Excellent, thanks for your help.