Server disconnects itself

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
louisli
OpenVpn Newbie
Posts: 9
Joined: Fri Jul 12, 2013 4:44 am

Server disconnects itself

Post by louisli » Fri Jul 12, 2013 6:04 am

I had OpenVPN (32 bit) installed on a Windows 2008 server (64 bit) while on 2009. Last week I upgraded to 2.3.2 (64 bit) by removing the old installation and install the new version, the only thing I kept was the config file. I compared the old and new config files and they look the same, so I just copy the old config file and made some changes to the path, etc so everything should be the same with the old installation.

The setup was successful, My client computers can connect to the VPN server and open the shared folders on the server. But I noticed the server will disconnect itself when no client was connected, which is a PITA because servers are supposed to wait for client connections, and they cannot disconnect themselves.

When the client is connected, the server stays connected. When clients disconnected, the server disconnects itself within an hour

Here's the log when the server first connects, and then disconnect itself after 40 seconds.

Code: Select all

Fri Jul 12 12:51:51 2013 OpenVPN 2.3.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Jun  3 2013
Enter Management Password:
Fri Jul 12 12:51:51 2013 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Fri Jul 12 12:51:51 2013 Need hold release from management interface, waiting...
Fri Jul 12 12:51:51 2013 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Fri Jul 12 12:51:51 2013 MANAGEMENT: CMD 'state on'
Fri Jul 12 12:51:51 2013 MANAGEMENT: CMD 'log all on'
Fri Jul 12 12:51:51 2013 MANAGEMENT: CMD 'hold off'
Fri Jul 12 12:51:51 2013 MANAGEMENT: CMD 'hold release'
Fri Jul 12 12:51:51 2013 WARNING: --ifconfig-pool-persist will not work with --duplicate-cn
Fri Jul 12 12:51:51 2013 Diffie-Hellman initialized with 2048 bit key
Fri Jul 12 12:51:54 2013 MANAGEMENT: CMD 'password [...]'
Fri Jul 12 12:51:54 2013 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Jul 12 12:51:55 2013 Control Channel Authentication: using 'jla.key' as a OpenVPN static key file
Fri Jul 12 12:51:55 2013 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul 12 12:51:55 2013 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul 12 12:51:55 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Fri Jul 12 12:51:55 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Jul 12 12:51:55 2013 MANAGEMENT: >STATE:1373604715,ASSIGN_IP,,10.8.0.1,
Fri Jul 12 12:51:55 2013 open_tun, tt->ipv6=0
Fri Jul 12 12:51:55 2013 TAP-WIN32 device [Local Area Connection 3] opened: \\.\Global\{EB31E9D4-A25E-44F7-BC53-88192434A3AC}.tap
Fri Jul 12 12:51:55 2013 TAP-Windows Driver Version 9.9 
Fri Jul 12 12:51:55 2013 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.252 on interface {EB31E9D4-A25E-44F7-BC53-88192434A3AC} [DHCP-serv: 10.8.0.2, lease-time: 31536000]
Fri Jul 12 12:51:55 2013 Sleeping for 10 seconds...
Fri Jul 12 12:52:05 2013 Successful ARP Flush on interface [13] {EB31E9D4-A25E-44F7-BC53-88192434A3AC}
Fri Jul 12 12:52:05 2013 MANAGEMENT: >STATE:1373604725,ADD_ROUTES,,,
Fri Jul 12 12:52:05 2013 C:\Windows\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Fri Jul 12 12:52:05 2013 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Fri Jul 12 12:52:05 2013 Route addition via IPAPI succeeded [adaptive]
Fri Jul 12 12:52:05 2013 UDPv4 link local (bound): [AF_INET](my_ip_address):(my_port)
Fri Jul 12 12:52:05 2013 UDPv4 link remote: [undef]
Fri Jul 12 12:52:05 2013 MULTI: multi_init called, r=256 v=256
Fri Jul 12 12:52:05 2013 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Fri Jul 12 12:52:05 2013 ifconfig_pool_read(), in='Louis Li,10.8.0.4', TODO: IPv6
Fri Jul 12 12:52:05 2013 succeeded -> ifconfig_pool_set()
Fri Jul 12 12:52:05 2013 IFCONFIG POOL LIST
Fri Jul 12 12:52:05 2013 Louis Li,10.8.0.4
Fri Jul 12 12:52:05 2013 Initialization Sequence Completed
Fri Jul 12 12:52:05 2013 MANAGEMENT: >STATE:1373604725,CONNECTED,SUCCESS,10.8.0.1,
Fri Jul 12 12:52:46 2013 C:\Windows\system32\route.exe DELETE 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Fri Jul 12 12:52:46 2013 Route deletion via IPAPI succeeded [adaptive]
Fri Jul 12 12:52:46 2013 Closing TUN/TAP interface
Fri Jul 12 12:52:46 2013 SIGTERM[hard,] received, process exiting
Fri Jul 12 12:52:46 2013 MANAGEMENT: >STATE:1373604766,EXITING,SIGTERM,,
And here's the log when a client connects and then disconnected at client side, the server disconnects itself after 11 minutes.

Code: Select all

Fri Jul 12 11:45:36 2013 OpenVPN 2.3.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Jun  3 2013
Enter Management Password:
Fri Jul 12 11:45:37 2013 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Fri Jul 12 11:45:37 2013 Need hold release from management interface, waiting...
Fri Jul 12 11:45:37 2013 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Fri Jul 12 11:45:37 2013 MANAGEMENT: CMD 'state on'
Fri Jul 12 11:45:37 2013 MANAGEMENT: CMD 'log all on'
Fri Jul 12 11:45:37 2013 MANAGEMENT: CMD 'hold off'
Fri Jul 12 11:45:37 2013 MANAGEMENT: CMD 'hold release'
Fri Jul 12 11:45:37 2013 Diffie-Hellman initialized with 2048 bit key
Fri Jul 12 11:45:37 2013 Control Channel Authentication: using 'jla.key' as a OpenVPN static key file
Fri Jul 12 11:45:37 2013 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul 12 11:45:37 2013 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul 12 11:45:37 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Fri Jul 12 11:45:37 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Jul 12 11:45:37 2013 MANAGEMENT: >STATE:1373600737,ASSIGN_IP,,10.8.0.1,
Fri Jul 12 11:45:37 2013 open_tun, tt->ipv6=0
Fri Jul 12 11:45:37 2013 TAP-WIN32 device [Local Area Connection 3] opened: \\.\Global\{EB31E9D4-A25E-44F7-BC53-88192434A3AC}.tap
Fri Jul 12 11:45:37 2013 TAP-Windows Driver Version 9.9 
Fri Jul 12 11:45:37 2013 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.252 on interface {EB31E9D4-A25E-44F7-BC53-88192434A3AC} [DHCP-serv: 10.8.0.2, lease-time: 31536000]
Fri Jul 12 11:45:37 2013 Sleeping for 10 seconds...
Fri Jul 12 11:45:47 2013 Successful ARP Flush on interface [13] {EB31E9D4-A25E-44F7-BC53-88192434A3AC}
Fri Jul 12 11:45:47 2013 MANAGEMENT: >STATE:1373600747,ADD_ROUTES,,,
Fri Jul 12 11:45:47 2013 C:\Windows\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Fri Jul 12 11:45:47 2013 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Fri Jul 12 11:45:47 2013 Route addition via IPAPI succeeded [adaptive]
Fri Jul 12 11:45:47 2013 UDPv4 link local (bound): [AF_INET](my_ip_address):(my_port)
Fri Jul 12 11:45:47 2013 UDPv4 link remote: [undef]
Fri Jul 12 11:45:47 2013 MULTI: multi_init called, r=256 v=256
Fri Jul 12 11:45:47 2013 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Fri Jul 12 11:45:47 2013 ifconfig_pool_read(), in='Louis Li,10.8.0.4', TODO: IPv6
Fri Jul 12 11:45:47 2013 succeeded -> ifconfig_pool_set()
Fri Jul 12 11:45:47 2013 IFCONFIG POOL LIST
Fri Jul 12 11:45:47 2013 Louis Li,10.8.0.4
Fri Jul 12 11:45:47 2013 Initialization Sequence Completed
Fri Jul 12 11:45:47 2013 MANAGEMENT: >STATE:1373600747,CONNECTED,SUCCESS,10.8.0.1,
Fri Jul 12 11:50:15 2013 192.168.1.108:52582 TLS: Initial packet from [AF_INET]192.168.1.108:52582, sid=0b55ede2 3388e4ac
Fri Jul 12 11:50:29 2013 192.168.1.108:52582 VERIFY OK: (my_cert_info)
Fri Jul 12 11:50:29 2013 192.168.1.108:52582 VERIFY OK: (my_cert_info)
Fri Jul 12 11:50:32 2013 192.168.1.108:52582 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Fri Jul 12 11:50:32 2013 192.168.1.108:52582 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul 12 11:50:32 2013 192.168.1.108:52582 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Fri Jul 12 11:50:32 2013 192.168.1.108:52582 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul 12 11:50:32 2013 192.168.1.108:52582 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Fri Jul 12 11:50:32 2013 192.168.1.108:52582 [Louis Li] Peer Connection Initiated with [AF_INET]192.168.1.108:52582
Fri Jul 12 11:50:32 2013 Louis Li/192.168.1.108:52582 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Fri Jul 12 11:50:32 2013 Louis Li/192.168.1.108:52582 MULTI: Learn: 10.8.0.6 -> Louis Li/192.168.1.108:52582
Fri Jul 12 11:50:32 2013 Louis Li/192.168.1.108:52582 MULTI: primary virtual IP for Louis Li/192.168.1.108:52582: 10.8.0.6
Fri Jul 12 11:50:34 2013 Louis Li/192.168.1.108:52582 PUSH: Received control message: 'PUSH_REQUEST'
Fri Jul 12 11:50:34 2013 Louis Li/192.168.1.108:52582 send_push_reply(): safe_cap=940
Fri Jul 12 11:50:34 2013 Louis Li/192.168.1.108:52582 SENT CONTROL [Louis Li]: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Fri Jul 12 11:57:57 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 11:58:07 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 11:58:18 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 11:58:28 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 11:58:38 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:01:47 2013 Louis Li/192.168.1.108:52582 [Louis Li] Inactivity timeout (--ping-restart), restarting
Fri Jul 12 12:01:47 2013 Louis Li/192.168.1.108:52582 SIGUSR1[soft,ping-restart] received, client-instance restarting
Fri Jul 12 12:05:54 2013 192.168.1.106:49474 TLS: Initial packet from [AF_INET]192.168.1.106:49474, sid=fa03948a 76e45e03
Fri Jul 12 12:05:54 2013 192.168.1.106:49474 VERIFY OK: (my_cert_info)
Fri Jul 12 12:05:54 2013 192.168.1.106:49474 VERIFY OK: (my_cert_info)
Fri Jul 12 12:05:54 2013 192.168.1.106:49474 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Fri Jul 12 12:05:54 2013 192.168.1.106:49474 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul 12 12:05:54 2013 192.168.1.106:49474 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Fri Jul 12 12:05:54 2013 192.168.1.106:49474 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul 12 12:05:54 2013 192.168.1.106:49474 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Fri Jul 12 12:05:54 2013 192.168.1.106:49474 [Louis Li] Peer Connection Initiated with [AF_INET]192.168.1.106:49474
Fri Jul 12 12:05:54 2013 Louis Li/192.168.1.106:49474 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Fri Jul 12 12:05:54 2013 Louis Li/192.168.1.106:49474 MULTI: Learn: 10.8.0.6 -> Louis Li/192.168.1.106:49474
Fri Jul 12 12:05:54 2013 Louis Li/192.168.1.106:49474 MULTI: primary virtual IP for Louis Li/192.168.1.106:49474: 10.8.0.6
Fri Jul 12 12:05:56 2013 Louis Li/192.168.1.106:49474 PUSH: Received control message: 'PUSH_REQUEST'
Fri Jul 12 12:05:56 2013 Louis Li/192.168.1.106:49474 send_push_reply(): safe_cap=940
Fri Jul 12 12:05:56 2013 Louis Li/192.168.1.106:49474 SENT CONTROL [Louis Li]: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Fri Jul 12 12:37:11 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:37:21 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:37:31 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:37:41 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:37:51 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:38:01 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:38:11 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:38:22 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:38:32 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:38:42 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:38:52 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:39:02 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:39:12 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:39:22 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:39:33 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:39:43 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:39:53 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:40:03 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:40:14 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:40:24 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Jul 12 12:40:25 2013 Louis Li/192.168.1.106:49474 [Louis Li] Inactivity timeout (--ping-restart), restarting
Fri Jul 12 12:40:25 2013 Louis Li/192.168.1.106:49474 SIGUSR1[soft,ping-restart] received, client-instance restarting
Fri Jul 12 12:51:46 2013 C:\Windows\system32\route.exe DELETE 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Fri Jul 12 12:51:46 2013 Route deletion via IPAPI succeeded [adaptive]
Fri Jul 12 12:51:46 2013 Closing TUN/TAP interface
Fri Jul 12 12:51:46 2013 SIGTERM[hard,] received, process exiting
Fri Jul 12 12:51:46 2013 MANAGEMENT: >STATE:1373604706,EXITING,SIGTERM,,
I did not have this problem while on 2009

Here's my server config:

Code: Select all

local (my_ip_address)
port (my_port)
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
duplicate-cn
keepalive 10 120
inactive 30
tls-auth jla.key 0 # This file is secret
cipher AES-128-CBC   # AES
comp-lzo
persist-key
persist-tun
status openvpn-status.log
log-append  openvpn.log
verb 3
The server has Windows firewall disabled. Is there anything I could do to solve this problem?
Thank you very much.
Top
louisli
OpenVpn Newbie
Posts: 9
Joined: Fri Jul 12, 2013 4:44 am

Re: Server disconnects itself

Post by louisli » Fri Jul 12, 2013 8:43 am

Problem seems solved by restarting the server computer.
Top
louisli
OpenVpn Newbie
Posts: 9
Joined: Fri Jul 12, 2013 4:44 am

Re: Server disconnects itself

Post by louisli » Fri Jul 12, 2013 10:33 am

Hmm, seems not.
The server online for an hour or two then the same problem happens again. The route deletes itself and the TUN/TAP interface goes down.

any clues?
Top
louisli
OpenVpn Newbie
Posts: 9
Joined: Fri Jul 12, 2013 4:44 am

Re: Server disconnects itself

Post by louisli » Tue Jul 16, 2013 4:57 am

I tried different settings these days including:
- shutting down an FTP server listening on the same port
- changing the TAP/TUN network adapter properties from "application controlled" to "always connected"
But none of these seems to help, so I reverted the changes.

Finally I changed the server from UDP to TCP, it worked for an overnight. I'm happy to check the server is still connected this morning, so I try my connecting with my notebook again. It worked...

... well for 15 minutes after the user disconnected, the server disconnects again. Same behavior by deleting the route first, then shutdown the TAP/TUN interface just like the above posts.

Code: Select all

Tue Jul 16 05:12:18 2013 Debbie Lau/217.210.172.28:34338 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 16 05:12:18 2013 Debbie Lau/217.210.172.28:34338 TLS Error: incoming packet authentication failed from [AF_INET]217.210.172.28:34338
Tue Jul 16 05:12:18 2013 Debbie Lau/217.210.172.28:34338 Fatal TLS error (check_tls_errors_co), restarting
Tue Jul 16 05:12:18 2013 Debbie Lau/217.210.172.28:34338 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul 16 05:12:20 2013 TCP connection established with [AF_INET]217.210.172.28:37198
Tue Jul 16 05:12:21 2013 217.210.172.28:37198 TLS: Initial packet from [AF_INET]217.210.172.28:37198, sid=efa20f53 b02d4565
Tue Jul 16 05:12:43 2013 217.210.172.28:37198 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 16 05:12:43 2013 217.210.172.28:37198 TLS Error: incoming packet authentication failed from [AF_INET]217.210.172.28:37198
Tue Jul 16 05:12:43 2013 217.210.172.28:37198 Fatal TLS error (check_tls_errors_co), restarting
Tue Jul 16 05:12:43 2013 217.210.172.28:37198 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul 16 05:12:45 2013 TCP connection established with [AF_INET]217.210.172.28:47450
Tue Jul 16 05:12:46 2013 217.210.172.28:47450 TLS: Initial packet from [AF_INET]217.210.172.28:47450, sid=37608e8c cdb3306c
Tue Jul 16 05:13:13 2013 217.210.172.28:47450 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 16 05:13:13 2013 217.210.172.28:47450 TLS Error: incoming packet authentication failed from [AF_INET]217.210.172.28:47450
Tue Jul 16 05:13:13 2013 217.210.172.28:47450 Fatal TLS error (check_tls_errors_co), restarting
Tue Jul 16 05:13:13 2013 217.210.172.28:47450 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul 16 05:13:15 2013 TCP connection established with [AF_INET]217.210.172.28:39498
Tue Jul 16 05:13:16 2013 217.210.172.28:39498 TLS: Initial packet from [AF_INET]217.210.172.28:39498, sid=001a6c76 f217543e
Tue Jul 16 05:13:44 2013 217.210.172.28:39498 VERIFY OK: (my_cert_info)
Tue Jul 16 05:13:44 2013 217.210.172.28:39498 VERIFY OK: (my_cert_info)
Tue Jul 16 05:13:55 2013 217.210.172.28:39498 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Jul 16 05:13:55 2013 217.210.172.28:39498 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jul 16 05:13:55 2013 217.210.172.28:39498 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Jul 16 05:13:55 2013 217.210.172.28:39498 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jul 16 05:13:57 2013 217.210.172.28:39498 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Tue Jul 16 05:13:57 2013 217.210.172.28:39498 [Debbie Lau] Peer Connection Initiated with [AF_INET]217.210.172.28:39498
Tue Jul 16 05:13:57 2013 Debbie Lau/217.210.172.28:39498 MULTI_sva: pool returned IPv4=10.8.0.10, IPv6=(Not enabled)
Tue Jul 16 05:13:57 2013 Debbie Lau/217.210.172.28:39498 MULTI: Learn: 10.8.0.10 -> Debbie Lau/217.210.172.28:39498
Tue Jul 16 05:13:57 2013 Debbie Lau/217.210.172.28:39498 MULTI: primary virtual IP for Debbie Lau/217.210.172.28:39498: 10.8.0.10
Tue Jul 16 05:13:58 2013 Debbie Lau/217.210.172.28:39498 PUSH: Received control message: 'PUSH_REQUEST'
Tue Jul 16 05:13:58 2013 Debbie Lau/217.210.172.28:39498 send_push_reply(): safe_cap=940
Tue Jul 16 05:13:58 2013 Debbie Lau/217.210.172.28:39498 SENT CONTROL [Debbie Lau]: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.10 10.8.0.9' (status=1)
Tue Jul 16 06:14:25 2013 Debbie Lau/217.210.172.28:39498 VERIFY OK: (my_cert_info)
Tue Jul 16 06:14:25 2013 Debbie Lau/217.210.172.28:39498 VERIFY OK: (my_cert_info)
Tue Jul 16 06:14:37 2013 Debbie Lau/217.210.172.28:39498 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Jul 16 06:14:37 2013 Debbie Lau/217.210.172.28:39498 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jul 16 06:14:37 2013 Debbie Lau/217.210.172.28:39498 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Jul 16 06:14:37 2013 Debbie Lau/217.210.172.28:39498 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jul 16 06:14:39 2013 Debbie Lau/217.210.172.28:39498 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Tue Jul 16 06:48:15 2013 Debbie Lau/217.210.172.28:39498 Connection reset, restarting [0]
Tue Jul 16 06:48:15 2013 Debbie Lau/217.210.172.28:39498 SIGUSR1[soft,connection-reset] received, client-instance restarting
Tue Jul 16 11:03:55 2013 TCP connection established with [AF_INET]192.168.1.107:49179
Tue Jul 16 11:03:55 2013 192.168.1.107:49179 TLS: Initial packet from [AF_INET]192.168.1.107:49179, sid=187576d2 42722e35
Tue Jul 16 11:03:56 2013 192.168.1.107:49179 VERIFY OK: (my_cert_info)
Tue Jul 16 11:03:56 2013 192.168.1.107:49179 VERIFY OK: (my_cert_info)
Tue Jul 16 11:03:56 2013 192.168.1.107:49179 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Jul 16 11:03:56 2013 192.168.1.107:49179 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jul 16 11:03:56 2013 192.168.1.107:49179 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Jul 16 11:03:56 2013 192.168.1.107:49179 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jul 16 11:03:56 2013 192.168.1.107:49179 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Tue Jul 16 11:03:56 2013 192.168.1.107:49179 [Louis Li] Peer Connection Initiated with [AF_INET]192.168.1.107:49179
Tue Jul 16 11:03:56 2013 Louis Li/192.168.1.107:49179 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Tue Jul 16 11:03:56 2013 Louis Li/192.168.1.107:49179 MULTI: Learn: 10.8.0.6 -> Louis Li/192.168.1.107:49179
Tue Jul 16 11:03:56 2013 Louis Li/192.168.1.107:49179 MULTI: primary virtual IP for Louis Li/192.168.1.107:49179: 10.8.0.6
Tue Jul 16 11:03:58 2013 Louis Li/192.168.1.107:49179 PUSH: Received control message: 'PUSH_REQUEST'
Tue Jul 16 11:03:58 2013 Louis Li/192.168.1.107:49179 send_push_reply(): safe_cap=940
Tue Jul 16 11:03:58 2013 Louis Li/192.168.1.107:49179 SENT CONTROL [Louis Li]: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Tue Jul 16 11:05:21 2013 Louis Li/192.168.1.107:49179 Connection reset, restarting [-1]
Tue Jul 16 11:05:21 2013 Louis Li/192.168.1.107:49179 SIGUSR1[soft,connection-reset] received, client-instance restarting
Tue Jul 16 11:19:14 2013 C:\Windows\system32\route.exe DELETE 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Tue Jul 16 11:19:14 2013 Route deletion via IPAPI succeeded [adaptive]
Tue Jul 16 11:19:14 2013 Closing TUN/TAP interface
Tue Jul 16 11:19:14 2013 SIGTERM[hard,] received, process exiting
Tue Jul 16 11:19:14 2013 MANAGEMENT: >STATE:1373944754,EXITING,SIGTERM,,
My client config is as follows:

Code: Select all

client
dev tun
proto tcp
remote (my_ip_address) (my_port)
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
tls-auth jla.key 1
cipher AES-128-CBC
comp-lzo
verb 3
Top
louisli
OpenVpn Newbie
Posts: 9
Joined: Fri Jul 12, 2013 4:44 am

Re: Server disconnects itself

Post by louisli » Tue Jul 16, 2013 5:34 am

The OpenVPN status changed to "suspended" after disconnection. Closing OpenVPN GUI will prompt for "Active connection will be disconnected.... blah blah", continue closing the GUI, status will change to "waiting for OpenVPN to terminate" and then the wait keeps forever... :cry:
Top
louisli
OpenVpn Newbie
Posts: 9
Joined: Fri Jul 12, 2013 4:44 am

Re: Server disconnects itself

Post by louisli » Wed Jul 17, 2013 8:46 am

The problem is found to be related with remote desktop. As with other users in this forum, I tried to change the group policy settings but the exact setting could not be found. I tried starting OpenVPN as service, but clients could not connect to the server. So I think I would stop using Remote desktop until there is solution to this problem.

Thanks all for attempting to help. :D
Top
Post Reply

Return to “Server Administration”