Openvpn problem with mobile router disconnection every 4 hours

This forum is for admins who are looking to build or expand their OpenVPN setup.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
etantonio
OpenVPN User
Posts: 27
Joined: Tue Jul 10, 2018 1:31 pm

Openvpn problem with mobile router disconnection every 4 hours

Post by etantonio » Mon May 03, 2021 3:45 pm

Hi,
I've a connection between an openVPN server on the cloud and an openVPN client installed on a mobile router using a WindTre SIM.
The problem is that the windTre SIM disconnects every for hours for some second (to change IP address) and this cause openvpn to fall and the openvpn reconnection happens after 17 minutes, this is really too much, is there some option to avoid this ugly behaviour ?

these are the configuration on both sides:

Server Config

port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "route 172.18.0.0 255.255.0.0"
client-config-dir ccd
route 172.18.0.0 255.255.0.0
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC
auth SHA512
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
verb 5
explicit-exit-notify 1
management localhost 7505


the client configuration instead is:
Client Config

config openvpn 'ClientRoutedPTPVPN'
option nobind '1'
option dev 'tun0'
option comp_lzo 'yes'
option persist_tun '1'
option persist_key '1'
option client '1'
option pull '1'
option Username 'admin'
option Password '____'
option remote 'XXX.YYY.ZZZ.WWW'
option remote_random '0'
option proto 'udp'
option resolv_retry 'infinite'
option auth 'SHA512'
option cipher 'AES-256-CBC'
option ca '/lib/uci/upload/cbid.openvpn.ClientRoutedPTPVPN.ca'
option cert '/lib/uci/upload/cbid.openvpn.ClientRoutedPTPVPN.cert'
option key '/lib/uci/upload/cbid.openvpn.ClientRoutedPTPVPN.key'
option tls_auth '/etc/openvpn/tlsauth.key 1'
option enable '1'
option verb '4'
option reneg_sec '0'

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 9018
Joined: Fri Jun 03, 2016 1:17 pm

Re: Openvpn problem with mobile router disconnection every 4 hours

Post by TinCanTech » Mon May 03, 2021 4:16 pm

etantonio wrote:
Mon May 03, 2021 3:45 pm
The problem is that the windTre SIM disconnects every for hours for some second (to change IP address) and this cause openvpn to fall and the openvpn reconnection happens after 17 minutes,
There is obviously some other problem because that is not how Openvpn behaves.

Please post your server and client log at --verb 4, as per these instructions:
viewtopic.php?f=30&t=22603#p68963

etantonio
OpenVPN User
Posts: 27
Joined: Tue Jul 10, 2018 1:31 pm

Re: Openvpn problem with mobile router disconnection every 4 hours

Post by etantonio » Tue May 04, 2021 1:31 pm

you're right, the problem is not on Openvpn, it restarts correctly after about 40 seconds, the problem is with the application software that remain freezed due to this lost of connection. I will check if it is possible to modify the software but otherwise is there some chance to hide the disconnection on openvpn? I know, it could be a workaround but if available it will solve imediately my problem.
Thanks
Antonio

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 9018
Joined: Fri Jun 03, 2016 1:17 pm

Re: Openvpn problem with mobile router disconnection every 4 hours

Post by TinCanTech » Tue May 04, 2021 3:03 pm

If what you are describing is correct then Openvpn will not disconnect, it will --float.

etantonio
OpenVPN User
Posts: 27
Joined: Tue Jul 10, 2018 1:31 pm

Re: Openvpn problem with mobile router disconnection every 4 hours

Post by etantonio » Tue May 04, 2021 4:15 pm

it is the IP address of the client that changes,
-float seems to be associated with the client configuration

–float
Allow remote peer to change its IP address and/or port number, such as due to DHCP (this is the default if –remote is not used). –float when specified with –remote allows an OpenVPN session to initially connect to a peer at a known address, however if packets arrive from a new address and pass all authentication tests, the new address will take control of the session. This is useful when you are connecting to a peer which holds a dynamic address such as a dial-in user or DHCP client.Essentially, –float tells OpenVPN to accept authenticated packets from any address, not only the address which was specified in the –remote option.

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 9018
Joined: Fri Jun 03, 2016 1:17 pm

Re: Openvpn problem with mobile router disconnection every 4 hours

Post by TinCanTech » Tue May 04, 2021 5:23 pm

etantonio wrote:
Tue May 04, 2021 4:15 pm
it is the IP address of the client that changes
I know.

300000
OpenVPN Expert
Posts: 510
Joined: Tue May 01, 2012 9:30 pm

Re: Openvpn problem with mobile router disconnection every 4 hours

Post by 300000 » Wed May 05, 2021 10:01 pm

you need add this into client so it can reconnection for you from lose connection.

"remap-usr1 SIGHUP"

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 9018
Joined: Fri Jun 03, 2016 1:17 pm

Re: Openvpn problem with mobile router disconnection every 4 hours

Post by TinCanTech » Wed May 05, 2021 10:11 pm

That's a hopeful waste of time ..

Post Reply