openvpn openwrt keeps disconnecting

d00lar · Post by **d00lar** » Mon May 30, 2022 11:40 am

hello
im tryying set up openvpn server on my openwrt on xiaomi ac2350
i was folowing this tutorial
https://eko.one.pl/?p=openwrt-openvpntun

so i have

Server Config

config openvpn 'home'
option enabled '1'
option dev 'tun0'
option port '1194'
option proto 'udp'
option log '/tmp/openvpn.log'
option verb '3'
option ca '/etc/openvpn/ca.crt'
option cert '/etc/openvpn/serwer.crt'
option key '/etc/openvpn/serwer.key'
option server '192.168.8.0 255.255.255.0'
option topology 'subnet'
option dh '/etc/openvpn/dh.pem'

my .ovpn file

Code: Select all

user nobody
group nogroup
dev tun
nobind
client
remote xxxxxxx.freeddns.org 1194 udp
auth-nocache
remote-cert-tls server

<key>
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDlJexyhr7N1eme
.....
-----END PRIVATE KEY-----
</key>
<cert>
-----BEGIN CERTIFICATE-----
MIIDSDCCAjCgAwIBAgIQJEl8vgckTldoitn4LXXqNzANBgkqhkiG9w0BAQsFADAQ
......
-----END CERTIFICATE-----
</cert>
<ca>
-----BEGIN CERTIFICATE-----
MIIDOTCCAiGgAwIBAgIURgnablGk8y64/z/p7fPVvmIBZc0wDQYJKoZIhvcNAQEL
.....
-----END CERTIFICATE-----
</ca>

outcome is that android client is connecting and reconnecting after while (on whatismyip i see my phone operator ip even when it 'looks' connected before next reconnect)

here are logs from z /tmp/openvpn.log

Code: Select all

2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:8944, sid=e3a79a82 21d9cabd
2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 VERIFY OK: depth=1, CN=domek
2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 VERIFY OK: depth=0, CN=client
2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 peer info: IV_VER=3.git::d3f8b18b:Release
2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 peer info: IV_PLAT=android
2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 peer info: IV_NCP=2
2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 peer info: IV_TCPNL=1
2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 peer info: IV_PROTO=30
2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:BF-CBC
2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 peer info: IV_AUTO_SESS=1
2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 peer info: IV_SSO=webauth,openurl
2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 peer info: IV_BS64DL=1
2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2022-05-30 09:07:09 xxx.xxx.xxx.xxx:8944 [client] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:8944
2022-05-30 09:07:09 MULTI: new connection by client 'client' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
2022-05-30 09:07:09 MULTI_sva: pool returned IPv4=192.168.8.2, IPv6=(Not enabled)
2022-05-30 09:07:09 MULTI: Learn: 192.168.8.2 -> client/xxx.xxx.xxx.xxx:8944
2022-05-30 09:07:09 MULTI: primary virtual IP for client/xxx.xxx.xxx.xxx:8944: 192.168.8.2
2022-05-30 09:07:09 Data Channel: using negotiated cipher 'AES-256-GCM'
2022-05-30 09:07:09 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-05-30 09:07:09 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-05-30 09:07:09 SENT CONTROL [client]: 'PUSH_REPLY,route-gateway 192.168.8.1,topology subnet,ifconfig 192.168.8.2 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
2022-05-30 09:07:09 client/xxx.xxx.xxx.xxx:8944 PUSH: Received control message: 'PUSH_REQUEST'
2022-05-30 09:07:53 xxx.xxx.xxx.xxx:19959 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:19959, sid=8e335229 957cd3d0
2022-05-30 09:07:54 xxx.xxx.xxx.xxx:19959 VERIFY OK: depth=1, CN=domek
2022-05-30 09:07:54 xxx.xxx.xxx.xxx:19959 VERIFY OK: depth=0, CN=client
2022-05-30 09:07:54 xxx.xxx.xxx.xxx:19959 peer info: IV_VER=3.git::d3f8b18b:Release
2022-05-30 09:07:54 xxx.xxx.xxx.xxx:19959 peer info: IV_PLAT=android
2022-05-30 09:07:54 xxx.xxx.xxx.xxx:19959 peer info: IV_NCP=2
2022-05-30 09:07:54 xxx.xxx.xxx.xxx:19959 peer info: IV_TCPNL=1
2022-05-30 09:07:54 xxx.xxx.xxx.xxx:19959 peer info: IV_PROTO=30
2022-05-30 09:07:54 xxx.xxx.xxx.xxx:19959 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:BF-CBC
2022-05-30 09:07:54 xxx.xxx.xxx.xxx:19959 peer info: IV_AUTO_SESS=1
2022-05-30 09:07:54 xxx.xxx.xxx.xxx:19959 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
2022-05-30 09:07:54 xxx.xxx.xxx.xxx:19959 peer info: IV_SSO=webauth,openurl
2022-05-30 09:07:54 xxx.xxx.xxx.xxx:19959 peer info: IV_BS64DL=1
2022-05-30 09:07:54 xxx.xxx.xxx.xxx:19959 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2022-05-30 09:07:54 xxx.xxx.xxx.xxx:19959 [client] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:19959
2022-05-30 09:07:54 MULTI: new connection by client 'client' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
2022-05-30 09:07:54 MULTI_sva: pool returned IPv4=192.168.8.2, IPv6=(Not enabled)
2022-05-30 09:07:54 MULTI: Learn: 192.168.8.2 -> client/xxx.xxx.xxx.xxx:19959
2022-05-30 09:07:54 MULTI: primary virtual IP for client/xxx.xxx.xxx.xxx:19959: 192.168.8.2
2022-05-30 09:07:54 Data Channel: using negotiated cipher 'AES-256-GCM'
2022-05-30 09:07:54 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-05-30 09:07:54 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-05-30 09:07:54 SENT CONTROL [client]: 'PUSH_REPLY,route-gateway 192.168.8.1,topology subnet,ifconfig 192.168.8.2 255.255.255.0,peer-id 1,cipher AES-256-GCM' (status=1)
2022-05-30 09:07:54 client/xxx.xxx.xxx.xxx:19959 PUSH: Received control message: 'PUSH_REQUEST'
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:21076, sid=0486b049 3a696dd1
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 VERIFY OK: depth=1, CN=domek
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 VERIFY OK: depth=0, CN=client
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 peer info: IV_VER=3.git::d3f8b18b:Release
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 peer info: IV_PLAT=android
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 peer info: IV_NCP=2
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 peer info: IV_TCPNL=1
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 peer info: IV_PROTO=30
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:BF-CBC
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 peer info: IV_AUTO_SESS=1
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 peer info: IV_SSO=webauth,openurl
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 peer info: IV_BS64DL=1
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2022-05-30 09:10:01 xxx.xxx.xxx.xxx:21076 [client] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:21076
2022-05-30 09:10:01 MULTI: new connection by client 'client' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
2022-05-30 09:10:01 MULTI_sva: pool returned IPv4=192.168.8.2, IPv6=(Not enabled)
2022-05-30 09:10:01 MULTI: Learn: 192.168.8.2 -> client/xxx.xxx.xxx.xxx:21076
2022-05-30 09:10:01 MULTI: primary virtual IP for client/xxx.xxx.xxx.xxx:21076: 192.168.8.2
2022-05-30 09:10:01 Data Channel: using negotiated cipher 'AES-256-GCM'
2022-05-30 09:10:01 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-05-30 09:10:01 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-05-30 09:10:01 SENT CONTROL [client]: 'PUSH_REPLY,route-gateway 192.168.8.1,topology subnet,ifconfig 192.168.8.2 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
2022-05-30 09:10:01 client/xxx.xxx.xxx.xxx:21076 PUSH: Received control message: 'PUSH_REQUEST'
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:12448, sid=eedd6cb1 db18ca5f
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 VERIFY OK: depth=1, CN=domek
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 VERIFY OK: depth=0, CN=client
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 peer info: IV_VER=3.git::d3f8b18b:Release
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 peer info: IV_PLAT=android
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 peer info: IV_NCP=2
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 peer info: IV_TCPNL=1
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 peer info: IV_PROTO=30
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:BF-CBC
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 peer info: IV_AUTO_SESS=1
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 peer info: IV_SSO=webauth,openurl
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 peer info: IV_BS64DL=1
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2022-05-30 09:10:44 xxx.xxx.xxx.xxx:12448 [client] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:12448
2022-05-30 09:10:44 MULTI: new connection by client 'client' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
2022-05-30 09:10:44 MULTI_sva: pool returned IPv4=192.168.8.2, IPv6=(Not enabled)
2022-05-30 09:10:44 MULTI: Learn: 192.168.8.2 -> client/xxx.xxx.xxx.xxx:12448
2022-05-30 09:10:44 MULTI: primary virtual IP for client/xxx.xxx.xxx.xxx:12448: 192.168.8.2
2022-05-30 09:10:44 Data Channel: using negotiated cipher 'AES-256-GCM'
2022-05-30 09:10:44 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-05-30 09:10:44 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-05-30 09:10:44 SENT CONTROL [client]: 'PUSH_REPLY,route-gateway 192.168.8.1,topology subnet,ifconfig 192.168.8.2 255.255.255.0,peer-id 1,cipher AES-256-GCM' (status=1)
2022-05-30 09:10:44 client/xxx.xxx.xxx.xxx:12448 PUSH: Received control message: 'PUSH_REQUEST'
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:11703, sid=2a8cfca3 bb14a7d7
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 VERIFY OK: depth=1, CN=domek
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 VERIFY OK: depth=0, CN=client
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 peer info: IV_VER=3.git::d3f8b18b:Release
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 peer info: IV_PLAT=android
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 peer info: IV_NCP=2
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 peer info: IV_TCPNL=1
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 peer info: IV_PROTO=30
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:BF-CBC
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 peer info: IV_AUTO_SESS=1
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 peer info: IV_SSO=webauth,openurl
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 peer info: IV_BS64DL=1
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2022-05-30 09:11:26 xxx.xxx.xxx.xxx:11703 [client] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:11703
2022-05-30 09:11:26 MULTI: new connection by client 'client' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
2022-05-30 09:11:26 MULTI_sva: pool returned IPv4=192.168.8.2, IPv6=(Not enabled)
2022-05-30 09:11:26 MULTI: Learn: 192.168.8.2 -> client/xxx.xxx.xxx.xxx:11703
2022-05-30 09:11:26 MULTI: primary virtual IP for client/xxx.xxx.xxx.xxx:11703: 192.168.8.2
2022-05-30 09:11:26 Data Channel: using negotiated cipher 'AES-256-GCM'
2022-05-30 09:11:26 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-05-30 09:11:26 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-05-30 09:11:26 SENT CONTROL [client]: 'PUSH_REPLY,route-gateway 192.168.8.1,topology subnet,ifconfig 192.168.8.2 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
2022-05-30 09:11:26 client/xxx.xxx.xxx.xxx:11703 PUSH: Received control message: 'PUSH_REQUEST'
2022-05-30 09:11:35 client/xxx.xxx.xxx.xxx:11703 SIGTERM[soft,remote-exit] received, client-instance exiting

windows client is the same- reconnecting after while and whatsmyip - also my carier operators ip - not my home ip (while connected / before next reconnect).
windows logs:

Code: Select all


[May 30, 2022, 10:08:47] OpenVPN core 3.git::d3f8b18b win x86_64 64-bit built on Mar 17 2022 11:42:02
[May 30, 2022, 10:08:48] Frame=512/2048/512 mssfix-ctrl=1250
[May 30, 2022, 10:08:48] UNUSED OPTIONS
0 [user] [nobody]
1 [group] [nogroup]
3 [nobind]
6 [auth-nocache]
[May 30, 2022, 10:08:48] EVENT: RESOLVE ⏎[May 30, 2022, 10:08:48] Contacting xxx.xxx.xxx.xxx:1194 via UDP
[May 30, 2022, 10:08:48] EVENT: WAIT ⏎[May 30, 2022, 10:08:48] WinCommandAgent: transmitting bypass route to xxx.xxx.xxx.xxx
{
    "host" : "xxx.xxx.xxx.xxx",
    "ipv6" : false
}

[May 30, 2022, 10:08:48] Connecting to [xxxxxx.freeddns.org]:1194 (xxx.xxx.xxx.xxx) via UDPv4
[May 30, 2022, 10:08:57] Server poll timeout, trying next remote entry...
[May 30, 2022, 10:08:57] EVENT: RECONNECTING ⏎[May 30, 2022, 10:08:57] EVENT: RESOLVE ⏎[May 30, 2022, 10:08:58] Contacting xxx.xxx.xxx.xxx:1194 via UDP
[May 30, 2022, 10:08:58] EVENT: WAIT ⏎[May 30, 2022, 10:08:58] WinCommandAgent: transmitting bypass route to xxx.xxx.xxx.xxx
{
    "host" : "xxx.xxx.xxx.xxx",
    "ipv6" : false
}

[May 30, 2022, 10:08:58] Connecting to [xxxxxx.freeddns.org]:1194 (xxx.xxx.xxx.xxx) via UDPv4
[May 30, 2022, 10:09:07] Server poll timeout, trying next remote entry...
[May 30, 2022, 10:09:07] EVENT: RECONNECTING ⏎[May 30, 2022, 10:09:07] EVENT: RESOLVE ⏎[May 30, 2022, 10:09:07] Contacting xxx.xxx.xxx.xxx:1194 via UDP
[May 30, 2022, 10:09:07] EVENT: WAIT ⏎[May 30, 2022, 10:09:08] WinCommandAgent: transmitting bypass route to xxx.xxx.xxx.xxx
{
    "host" : "xxx.xxx.xxx.xxx",
    "ipv6" : false
}

[May 30, 2022, 10:09:08] Connecting to [xxxxxx.freeddns.org]:1194 (xxx.xxx.xxx.xxx) via UDPv4
[May 30, 2022, 10:09:18] Server poll timeout, trying next remote entry...
[May 30, 2022, 10:09:18] EVENT: RECONNECTING ⏎[May 30, 2022, 10:09:18] EVENT: RESOLVE ⏎[May 30, 2022, 10:09:18] Contacting xxx.xxx.xxx.xxx:1194 via UDP
[May 30, 2022, 10:09:18] EVENT: WAIT ⏎[May 30, 2022, 10:09:18] WinCommandAgent: transmitting bypass route to xxx.xxx.xxx.xxx
{
    "host" : "xxx.xxx.xxx.xxx",
    "ipv6" : false
}

[May 30, 2022, 10:09:18] Connecting to [xxxxxx.freeddns.org]:1194 (xxx.xxx.xxx.xxx) via UDPv4
[May 30, 2022, 10:09:28] Server poll timeout, trying next remote entry...
[May 30, 2022, 10:09:28] EVENT: RECONNECTING ⏎[May 30, 2022, 10:09:28] EVENT: RESOLVE ⏎[May 30, 2022, 10:09:28] Contacting xxx.xxx.xxx.xxx:1194 via UDP
[May 30, 2022, 10:09:28] EVENT: WAIT ⏎[May 30, 2022, 10:09:28] WinCommandAgent: transmitting bypass route to xxx.xxx.xxx.xxx
{
    "host" : "xxx.xxx.xxx.xxx",
    "ipv6" : false
}

[May 30, 2022, 10:09:28] Connecting to [xxxxxx.freeddns.org]:1194 (xxx.xxx.xxx.xxx) via UDPv4
[May 30, 2022, 10:09:36] EVENT: DISCONNECTED ⏎[May 30, 2022, 10:10:41] OpenVPN core 3.git::d3f8b18b win x86_64 64-bit built on Mar 17 2022 11:42:02
[May 30, 2022, 10:10:41] Frame=512/2048/512 mssfix-ctrl=1250
[May 30, 2022, 10:10:41] UNUSED OPTIONS
0 [user] [nobody]
1 [group] [nogroup]
3 [nobind]
6 [auth-nocache]
[May 30, 2022, 10:10:41] EVENT: RESOLVE ⏎[May 30, 2022, 10:10:41] Contacting xxx.xxx.xxx.xxx:1194 via UDP
[May 30, 2022, 10:10:41] EVENT: WAIT ⏎[May 30, 2022, 10:10:41] WinCommandAgent: transmitting bypass route to xxx.xxx.xxx.xxx
{
    "host" : "xxx.xxx.xxx.xxx",
    "ipv6" : false
}

[May 30, 2022, 10:10:41] Connecting to [xxxxxx.freeddns.org]:1194 (xxx.xxx.xxx.xxx) via UDPv4
[May 30, 2022, 10:10:41] EVENT: CONNECTING ⏎[May 30, 2022, 10:10:41] Tunnel Options:V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client
[May 30, 2022, 10:10:41] Creds: UsernameEmpty/PasswordEmpty
[May 30, 2022, 10:10:41] Peer Info:
IV_VER=3.git::d3f8b18b
IV_PLAT=win
IV_NCP=2
IV_TCPNL=1
IV_PROTO=30
IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:BF-CBC
IV_AUTO_SESS=1
IV_GUI_VER=OCWindows_3.3.6-2752
IV_SSO=webauth,openurl,crtext
IV_BS64DL=1

[May 30, 2022, 10:10:42] SSL Handshake: peer certificate: CN=serwer, 2048 bit RSA, cipher: TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD

[May 30, 2022, 10:10:42] Session is ACTIVE
[May 30, 2022, 10:10:42] EVENT: GET_CONFIG ⏎[May 30, 2022, 10:10:42] Sending PUSH_REQUEST to server...
[May 30, 2022, 10:10:42] OPTIONS:
0 [route-gateway] [192.168.8.1]
1 [topology] [subnet]
2 [ifconfig] [192.168.8.2] [255.255.255.0]
3 [peer-id] [0]
4 [cipher] [AES-256-GCM]

[May 30, 2022, 10:10:42] PROTOCOL OPTIONS:
  cipher: AES-256-GCM
  digest: NONE
  key-derivation: OpenVPN PRF
  compress: NONE
  peer ID: 0
[May 30, 2022, 10:10:42] EVENT: ASSIGN_IP ⏎[May 30, 2022, 10:10:42] CAPTURED OPTIONS:
Session Name: xxxxxx.freeddns.org
Layer: OSI_LAYER_3
Remote Address: xxx.xxx.xxx.xxx
Tunnel Addresses:
  192.168.8.2/24 -> 192.168.8.1
Reroute Gateway: IPv4=0 IPv6=0 flags=[ IPv4 ]
Block IPv6: no
Add Routes:
Exclude Routes:
DNS Servers:
Search Domains:

[May 30, 2022, 10:10:43] SetupClient: transmitting tun setup list to \\.\pipe\agent_ovpnconnect
{
    "allow_local_dns_resolvers" : false,
    "confirm_event" : "a80b000000000000",
    "destroy_event" : "5c0e000000000000",
    "tun" : 
    {
        "adapter_domain_suffix" : "",
        "block_ipv6" : false,
        "layer" : 3,
        "mtu" : 0,
        "remote_address" : 
        {
            "address" : "xxx.xxx.xxx.xxx",
            "ipv6" : false
        },
        "reroute_gw" : 
        {
            "flags" : 256,
            "ipv4" : false,
            "ipv6" : false
        },
        "route_metric_default" : -1,
        "session_name" : "xxxxxx.freeddns.org",
        "tunnel_address_index_ipv4" : 0,
        "tunnel_address_index_ipv6" : -1,
        "tunnel_addresses" : 
        [
            {
                "address" : "192.168.8.2",
                "gateway" : "192.168.8.1",
                "ipv6" : false,
                "metric" : -1,
                "net30" : false,
                "prefix_length" : 24
            }
        ]
    },
    "wintun" : false
}
POST np://[\\.\pipe\agent_ovpnconnect]/tun-setup : 200 OK
TAP ADAPTERS:
guid='{C7CB4C4B-1A71-461A-9AC4-ED08CF92BDAD}' index=40 name='Połączenie lokalne'
Open TAP device "Połączenie lokalne" PATH="\\.\Global\{C7CB4C4B-1A71-461A-9AC4-ED08CF92BDAD}.tap" SUCCEEDED
TAP-Windows Driver Version 9.24
ActionDeleteAllRoutesOnInterface iface_index=40
netsh interface ip set interface 40 metric=1
Ok.
netsh interface ip set address 40 static 192.168.8.2 255.255.255.0 gateway=192.168.8.1 store=active
ipconfig /flushdns
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
TAP: ARP flush succeeded
TAP handle: 7806000000000000
[May 30, 2022, 10:10:43] Connected via TUN_WIN
[May 30, 2022, 10:10:43] EVENT: CONNECTED xxxxxx.freeddns.org:1194 (xxx.xxx.xxx.xxx) via /UDPv4 on TUN_WIN/192.168.8.2/ gw=[192.168.8.1/]⏎[May 30, 2022, 10:11:30] Session invalidated: KEEPALIVE_TIMEOUT
[May 30, 2022, 10:11:30] Client terminated, restarting in 2000 ms...
[May 30, 2022, 10:11:30] SetupClient: signaling tun destroy event
[May 30, 2022, 10:11:32] EVENT: RECONNECTING ⏎[May 30, 2022, 10:11:32] EVENT: RESOLVE ⏎[May 30, 2022, 10:11:33] Contacting xxx.xxx.xxx.xxx:1194 via UDP
[May 30, 2022, 10:11:33] EVENT: WAIT ⏎[May 30, 2022, 10:11:33] WinCommandAgent: transmitting bypass route to xxx.xxx.xxx.xxx
{
    "host" : "xxx.xxx.xxx.xxx",
    "ipv6" : false
}

[May 30, 2022, 10:11:33] Connecting to [xxxxxx.freeddns.org]:1194 (xxx.xxx.xxx.xxx) via UDPv4
[May 30, 2022, 10:11:33] EVENT: CONNECTING ⏎[May 30, 2022, 10:11:33] Tunnel Options:V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client
[May 30, 2022, 10:11:33] Creds: UsernameEmpty/PasswordEmpty
[May 30, 2022, 10:11:33] Peer Info:
IV_VER=3.git::d3f8b18b
IV_PLAT=win
IV_NCP=2
IV_TCPNL=1
IV_PROTO=30
IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:BF-CBC
IV_AUTO_SESS=1
IV_GUI_VER=OCWindows_3.3.6-2752
IV_SSO=webauth,openurl,crtext
IV_BS64DL=1

[May 30, 2022, 10:11:33] SSL Handshake: peer certificate: CN=serwer, 2048 bit RSA, cipher: TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD

[May 30, 2022, 10:11:33] Session is ACTIVE
[May 30, 2022, 10:11:33] EVENT: GET_CONFIG ⏎[May 30, 2022, 10:11:33] Sending PUSH_REQUEST to server...
[May 30, 2022, 10:11:33] OPTIONS:
0 [route-gateway] [192.168.8.1]
1 [topology] [subnet]
2 [ifconfig] [192.168.8.2] [255.255.255.0]
3 [peer-id] [1]
4 [cipher] [AES-256-GCM]

[May 30, 2022, 10:11:33] PROTOCOL OPTIONS:
  cipher: AES-256-GCM
  digest: NONE
  key-derivation: OpenVPN PRF
  compress: NONE
  peer ID: 1
[May 30, 2022, 10:11:33] EVENT: ASSIGN_IP ⏎[May 30, 2022, 10:11:33] CAPTURED OPTIONS:
Session Name: xxxxxx.freeddns.org
Layer: OSI_LAYER_3
Remote Address: xxx.xxx.xxx.xxx
Tunnel Addresses:
  192.168.8.2/24 -> 192.168.8.1
Reroute Gateway: IPv4=0 IPv6=0 flags=[ IPv4 ]
Block IPv6: no
Add Routes:
Exclude Routes:
DNS Servers:
Search Domains:

[May 30, 2022, 10:11:34] SetupClient: transmitting tun setup list to \\.\pipe\agent_ovpnconnect
{
    "allow_local_dns_resolvers" : false,
    "confirm_event" : "3012000000000000",
    "destroy_event" : "d811000000000000",
    "tun" : 
    {
        "adapter_domain_suffix" : "",
        "block_ipv6" : false,
        "layer" : 3,
        "mtu" : 0,
        "remote_address" : 
        {
            "address" : "xxx.xxx.xxx.xxx",
            "ipv6" : false
        },
        "reroute_gw" : 
        {
            "flags" : 256,
            "ipv4" : false,
            "ipv6" : false
        },
        "route_metric_default" : -1,
        "session_name" : "xxxxxx.freeddns.org",
        "tunnel_address_index_ipv4" : 0,
        "tunnel_address_index_ipv6" : -1,
        "tunnel_addresses" : 
        [
            {
                "address" : "192.168.8.2",
                "gateway" : "192.168.8.1",
                "ipv6" : false,
                "metric" : -1,
                "net30" : false,
                "prefix_length" : 24
            }
        ]
    },
    "wintun" : false
}
POST np://[\\.\pipe\agent_ovpnconnect]/tun-setup : 200 OK
TAP ADAPTERS:
guid='{C7CB4C4B-1A71-461A-9AC4-ED08CF92BDAD}' index=40 name='Połączenie lokalne'
Open TAP device "Połączenie lokalne" PATH="\\.\Global\{C7CB4C4B-1A71-461A-9AC4-ED08CF92BDAD}.tap" SUCCEEDED
TAP-Windows Driver Version 9.24
ActionDeleteAllRoutesOnInterface iface_index=40
netsh interface ip set interface 40 metric=1
Ok.
netsh interface ip set address 40 static 192.168.8.2 255.255.255.0 gateway=192.168.8.1 store=active
ipconfig /flushdns
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
TAP: ARP flush succeeded
TAP handle: 0c12000000000000
[May 30, 2022, 10:11:34] Connected via TUN_WIN
[May 30, 2022, 10:11:34] EVENT: CONNECTED xxxxxx.freeddns.org:1194 (xxx.xxx.xxx.xxx) via /UDPv4 on TUN_WIN/192.168.8.2/ gw=[192.168.8.1/]⏎

please advise
best reards !

TinCanTech · Post by **TinCanTech** » Mon May 30, 2022 3:12 pm

You need --keepalive in your server config.

d00lar · Post by **d00lar** » Wed Jun 01, 2022 5:22 am

that was it thanks

please close
regards

OpenVPN Support Forum

openvpn openwrt keeps disconnecting

openvpn openwrt keeps disconnecting

Re: openvpn openwrt keeps disconnecting

Re: openvpn openwrt keeps disconnecting