Server error every 5 minutes

Posted: Fri Nov 08, 2013 1:11 pm
by Outpox
Hello,
Here I come again with a new "problem" !

I'm getting an error in /var/log/openvpn.log every 5 (exactly) minutes which looks like :

Code:

Fri Nov  8 13:51:21 2013 MULTI: multi_create_instance called
Fri Nov  8 13:51:21 2013 Re-using SSL/TLS context
Fri Nov  8 13:51:21 2013 LZO compression initialized
Fri Nov  8 13:51:21 2013 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Fri Nov  8 13:51:21 2013 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Nov  8 13:51:21 2013 Local Options hash (VER=V4): '9915e4a2'
Fri Nov  8 13:51:21 2013 Expected Remote Options hash (VER=V4): '2f2c6498'
Fri Nov  8 13:51:21 2013 TCP connection established with [AF_INET]XX.XXX.XX.XXX:46605
Fri Nov  8 13:51:21 2013 TCPv4_SERVER link local: [undef]
Fri Nov  8 13:51:21 2013 TCPv4_SERVER link remote: [AF_INET]XX.XXX.XX.XXX:46605
Fri Nov  8 13:51:21 2013 XX.XXX.XX.XXX:46605 Connection reset, restarting [-1]
Fri Nov  8 13:51:21 2013 XX.XXX.XX.XXX:46605 SIGUSR1[soft,connection-reset] received, client-instance restarting
Fri Nov  8 13:51:21 2013 TCP/UDP: Closing socket

So I don't know what it means, I've been googling a lot and did not find anything relevant yet.
My users sometimes have to try reconnecting twice to get connected to the VPN (though it still works), maybe because of this?
Anyway it's still spamming the log file which is quite a problem.
Do you have any hint of what might be the problem ?

Server.conf

Code:

# Server TCP/443
mode server
proto tcp-server
port 443
dev tun

# Keys and certificates
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
tls-auth ta.key 0
cipher AES-256-CBC

; duplicate-cn

# Network
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120

# Security
user nobody
group nogroup
persist-key
persist-tun
comp-lzo
#crl-verify /etc/openvpn/easy-rsa/keys/crl.pem

# Log
verb 3
mute 20
status openvpn-status.log
log-append /var/log/openvpn.log
script-security 3 system
client-config-dir clientaccess
ccd-exclusive

client.conf

Code:

# Client
client
dev tun
proto tcp-client
remote 5.135.148.242 443
resolv-retry infinite
cipher AES-256-CBC
; client-config-dir ccd
# Keys
ca ca.crt
ligne1
ligne2
tls-auth ta.key 1
# Security
nobind
persist-key
persist-tun
comp-lzo
verb 3

Thanks in advance!

Re: Server error every 5 minutes

Posted: Wed Nov 13, 2013 8:52 am
by Outpox
I added

Code:

push "ping 20"
But I still have the same output in my openvpn.log (in /var/etc/openvpn.log)
:|

Re: Server error every 5 minutes

Posted: Wed Nov 13, 2013 8:34 pm
by Outpox
My log size is 8 MB because of this "spam". Should I paste it on pastebin or upload the file?

Re: Server error every 5 minutes

Posted: Fri Nov 15, 2013 10:59 pm
by Outpox
I changed it, I'm waiting for the users to be disconnected (actually there's no connection problem, users can connect and access the internet) to restart the server.

Re: Server error every 5 minutes

Posted: Sat Nov 16, 2013 3:34 pm
by Outpox
I think I didn't explain myself correctly (or you may have misunderstood :p ).
The initial problem is this spam in my logfile. And I don't understand the error which is thrown.
The connection for my users has always been working from the beginning of this topic, my request was not about it (since it works).

I hope we understand each other now :p

Re: Server error every 5 minutes

Posted: Tue Nov 19, 2013 9:01 am
by Outpox
Log from server :

Code:


Tue Nov 19 08:32:54 2013 TCP/UDP: Closing socket
Tue Nov 19 08:32:54 2013 /sbin/route del -net 10.8.0.0 netmask 255.255.255.0
SIOCDELRT: Operation not permitted
Tue Nov 19 08:32:54 2013 ERROR: Linux route delete command failed: external program exited with error status: 7
Tue Nov 19 08:32:54 2013 Closing TUN/TAP interface
Tue Nov 19 08:32:54 2013 /sbin/ifconfig tun0 0.0.0.0
SIOCSIFADDR: Operation not permitted
SIOCSIFFLAGS: Operation not permitted
Tue Nov 19 08:32:54 2013 Linux ip addr del failed: external program exited with error status: 255
Tue Nov 19 08:32:54 2013 SIGTERM[hard,] received, process exiting
Tue Nov 19 08:32:56 2013 OpenVPN 2.2.1 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Jun 18 2013
Tue Nov 19 08:32:56 2013 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Nov 19 08:32:56 2013 NOTE: --script-security method='system' is deprecated due to the fact that passed parameters will be subject to shell expansion
Tue Nov 19 08:32:56 2013 Diffie-Hellman initialized with 1024 bit key
Tue Nov 19 08:32:56 2013 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Tue Nov 19 08:32:56 2013 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 19 08:32:56 2013 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 19 08:32:56 2013 TLS-Auth MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Tue Nov 19 08:32:56 2013 Socket Buffers: R=[87380->131072] S=[16384->131072]
Tue Nov 19 08:32:56 2013 ROUTE default_gateway=5.135.151.254
Tue Nov 19 08:32:56 2013 TUN/TAP device tun0 opened
Tue Nov 19 08:32:56 2013 TUN/TAP TX queue length set to 100
Tue Nov 19 08:32:56 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Nov 19 08:32:56 2013 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Tue Nov 19 08:32:56 2013 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Tue Nov 19 08:32:56 2013 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Nov 19 08:32:56 2013 GID set to nogroup
Tue Nov 19 08:32:56 2013 UID set to nobody
Tue Nov 19 08:32:56 2013 Listening for incoming TCP connection on [undef]
Tue Nov 19 08:32:56 2013 TCPv4_SERVER link local (bound): [undef]
Tue Nov 19 08:32:56 2013 TCPv4_SERVER link remote: [undef]
Tue Nov 19 08:32:56 2013 MULTI: multi_init called, r=256 v=256
Tue Nov 19 08:32:56 2013 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Tue Nov 19 08:32:56 2013 MULTI: TCP INIT maxclients=1024 maxevents=1028
Tue Nov 19 08:32:56 2013 Initialization Sequence Completed
Tue Nov 19 08:33:05 2013 MULTI: multi_create_instance called
Tue Nov 19 08:33:05 2013 Re-using SSL/TLS context
Tue Nov 19 08:33:05 2013 LZO compression initialized
Tue Nov 19 08:33:05 2013 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Tue Nov 19 08:33:05 2013 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Nov 19 08:33:05 2013 Local Options hash (VER=V4): '9915e4a2'
Tue Nov 19 08:33:05 2013 Expected Remote Options hash (VER=V4): '2f2c6498'
Tue Nov 19 08:33:05 2013 TCP connection established with [AF_INET]194.214.122.73:65520
Tue Nov 19 08:33:05 2013 TCPv4_SERVER link local: [undef]
Tue Nov 19 08:33:05 2013 TCPv4_SERVER link remote: [AF_INET]194.214.122.73:65520
Tue Nov 19 08:33:06 2013 194.214.122.73:65520 TLS: Initial packet from [AF_INET]194.214.122.73:65520, sid=37b2873b b659a8ff
Tue Nov 19 08:33:06 2013 194.214.122.73:65520 VERIFY OK: depth=1, /C=FR/ST=06/L=Nancy
Tue Nov 19 08:33:06 2013 194.214.122.73:65520 VERIFY OK: depth=0, /C=FR/ST=06/L=Nancy/CN=outpox
Tue Nov 19 08:33:07 2013 194.214.122.73:65520 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Nov 19 08:33:07 2013 194.214.122.73:65520 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 19 08:33:07 2013 194.214.122.73:65520 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Nov 19 08:33:07 2013 194.214.122.73:65520 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 19 08:33:07 2013 194.214.122.73:65520 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Nov 19 08:33:07 2013 194.214.122.73:65520 [outpox] Peer Connection Initiated with [AF_INET]194.214.122.73:65520
Tue Nov 19 08:33:07 2013 outpox/194.214.122.73:65520 OPTIONS IMPORT: reading client specific options from: clientaccess/outpox
Tue Nov 19 08:33:07 2013 outpox/194.214.122.73:65520 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=b092:9508:137f:0:cd1c:4c07:137f:0
Tue Nov 19 08:33:07 2013 outpox/194.214.122.73:65520 MULTI: Learn: 10.8.0.6 -> outpox/194.214.122.73:65520
Tue Nov 19 08:33:07 2013 outpox/194.214.122.73:65520 MULTI: primary virtual IP for outpox/194.214.122.73:65520: 10.8.0.6
Tue Nov 19 08:33:09 2013 outpox/194.214.122.73:65520 PUSH: Received control message: 'PUSH_REQUEST'
Tue Nov 19 08:33:09 2013 outpox/194.214.122.73:65520 send_push_reply(): safe_cap=960
Tue Nov 19 08:33:09 2013 outpox/194.214.122.73:65520 SENT CONTROL [outpox]: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,ping 20,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Tue Nov 19 08:37:05 2013 MULTI: multi_create_instance called
Tue Nov 19 08:37:05 2013 Re-using SSL/TLS context
Tue Nov 19 08:37:05 2013 LZO compression initialized
Tue Nov 19 08:37:05 2013 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Tue Nov 19 08:37:05 2013 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Nov 19 08:37:05 2013 Local Options hash (VER=V4): '9915e4a2'
Tue Nov 19 08:37:05 2013 Expected Remote Options hash (VER=V4): '2f2c6498'
Tue Nov 19 08:37:05 2013 TCP connection established with [AF_INET]37.187.35.250:60849
Tue Nov 19 08:37:05 2013 TCPv4_SERVER link local: [undef]
Tue Nov 19 08:37:05 2013 TCPv4_SERVER link remote: [AF_INET]37.187.35.250:60849
Tue Nov 19 08:37:05 2013 37.187.35.250:60849 Connection reset, restarting [-1]
Tue Nov 19 08:37:05 2013 37.187.35.250:60849 SIGUSR1[soft,connection-reset] received, client-instance restarting
Tue Nov 19 08:37:05 2013 TCP/UDP: Closing socket
Tue Nov 19 08:42:05 2013 MULTI: multi_create_instance called
Tue Nov 19 08:42:05 2013 Re-using SSL/TLS context
Tue Nov 19 08:42:05 2013 LZO compression initialized
Tue Nov 19 08:42:05 2013 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Tue Nov 19 08:42:05 2013 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Nov 19 08:42:05 2013 Local Options hash (VER=V4): '9915e4a2'
Tue Nov 19 08:42:05 2013 Expected Remote Options hash (VER=V4): '2f2c6498'
Tue Nov 19 08:42:05 2013 TCP connection established with [AF_INET]37.187.35.250:39939
Tue Nov 19 08:42:05 2013 TCPv4_SERVER link local: [undef]
Tue Nov 19 08:42:05 2013 TCPv4_SERVER link remote: [AF_INET]37.187.35.250:39939
Tue Nov 19 08:42:05 2013 37.187.35.250:39939 Connection reset, restarting [-1]
Tue Nov 19 08:42:05 2013 37.187.35.250:39939 SIGUSR1[soft,connection-reset] received, client-instance restarting
Tue Nov 19 08:42:05 2013 TCP/UDP: Closing socket
Tue Nov 19 08:47:13 2013 MULTI: multi_create_instance called
Tue Nov 19 08:47:13 2013 Re-using SSL/TLS context
Tue Nov 19 08:47:13 2013 LZO compression initialized
Tue Nov 19 08:47:13 2013 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Tue Nov 19 08:47:13 2013 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Nov 19 08:47:13 2013 Local Options hash (VER=V4): '9915e4a2'
Tue Nov 19 08:47:13 2013 Expected Remote Options hash (VER=V4): '2f2c6498'
Tue Nov 19 08:47:13 2013 TCP connection established with [AF_INET]37.187.35.250:48059
Tue Nov 19 08:47:13 2013 TCPv4_SERVER link local: [undef]
Tue Nov 19 08:47:13 2013 TCPv4_SERVER link remote: [AF_INET]37.187.35.250:48059
Tue Nov 19 08:47:13 2013 37.187.35.250:48059 Connection reset, restarting [-1]
Tue Nov 19 08:47:13 2013 37.187.35.250:48059 SIGUSR1[soft,connection-reset] received, client-instance restarting
Tue Nov 19 08:47:13 2013 TCP/UDP: Closing socket
Tue Nov 19 08:48:03 2013 outpox/194.214.122.73:65520 [outpox] Inactivity timeout (--ping-restart), restarting
Tue Nov 19 08:48:03 2013 outpox/194.214.122.73:65520 SIGUSR1[soft,ping-restart] received, client-instance restarting
Tue Nov 19 08:48:03 2013 TCP/UDP: Closing socket
Tue Nov 19 08:52:06 2013 MULTI: multi_create_instance called
Tue Nov 19 08:52:06 2013 Re-using SSL/TLS context
Tue Nov 19 08:52:06 2013 LZO compression initialized
Tue Nov 19 08:52:06 2013 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Tue Nov 19 08:52:06 2013 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Nov 19 08:52:06 2013 Local Options hash (VER=V4): '9915e4a2'
Tue Nov 19 08:52:06 2013 Expected Remote Options hash (VER=V4): '2f2c6498'
Tue Nov 19 08:52:06 2013 TCP connection established with [AF_INET]37.187.35.250:55620
Tue Nov 19 08:52:06 2013 TCPv4_SERVER link local: [undef]
Tue Nov 19 08:52:06 2013 TCPv4_SERVER link remote: [AF_INET]37.187.35.250:55620
Tue Nov 19 08:52:06 2013 37.187.35.250:55620 Connection reset, restarting [-1]
Tue Nov 19 08:52:06 2013 37.187.35.250:55620 SIGUSR1[soft,connection-reset] received, client-instance restarting
Tue Nov 19 08:52:06 2013 TCP/UDP: Closing socket
Tue Nov 19 08:57:04 2013 MULTI: multi_create_instance called
Tue Nov 19 08:57:04 2013 Re-using SSL/TLS context
Tue Nov 19 08:57:04 2013 LZO compression initialized
Tue Nov 19 08:57:04 2013 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Tue Nov 19 08:57:04 2013 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Nov 19 08:57:04 2013 Local Options hash (VER=V4): '9915e4a2'
Tue Nov 19 08:57:04 2013 Expected Remote Options hash (VER=V4): '2f2c6498'
Tue Nov 19 08:57:04 2013 TCP connection established with [AF_INET]37.187.35.250:34663
Tue Nov 19 08:57:04 2013 TCPv4_SERVER link local: [undef]
Tue Nov 19 08:57:04 2013 TCPv4_SERVER link remote: [AF_INET]37.187.35.250:34663
Tue Nov 19 08:57:04 2013 37.187.35.250:34663 Connection reset, restarting [-1]
Tue Nov 19 08:57:04 2013 37.187.35.250:34663 SIGUSR1[soft,connection-reset] received, client-instance restarting
Tue Nov 19 08:57:04 2013 TCP/UDP: Closing socket

Client log (yes, this log is not from the same time, but it's the exact same log I had at 08:42)
This log lasts 15 min, but there doesn't appear to be any problem client side.

Code:

Tue Nov 19 10:00:29 2013 OpenVPN 2.2.1 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Feb 27 2013
Tue Nov 19 10:00:29 2013 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Nov 19 10:00:29 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Nov 19 10:00:29 2013 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Tue Nov 19 10:00:29 2013 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 19 10:00:29 2013 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 19 10:00:29 2013 LZO compression initialized
Tue Nov 19 10:00:29 2013 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Tue Nov 19 10:00:29 2013 Socket Buffers: R=[87380->131072] S=[16384->131072]
Tue Nov 19 10:00:29 2013 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Nov 19 10:00:29 2013 Local Options hash (VER=V4): '2f2c6498'
Tue Nov 19 10:00:29 2013 Expected Remote Options hash (VER=V4): '9915e4a2'
Tue Nov 19 10:00:29 2013 Attempting to establish TCP connection with [AF_INET]5.135.148.242:443 [nonblock]
Tue Nov 19 10:00:30 2013 TCP connection established with [AF_INET]5.135.148.242:443
Tue Nov 19 10:00:30 2013 TCPv4_CLIENT link local: [undef]
Tue Nov 19 10:00:30 2013 TCPv4_CLIENT link remote: [AF_INET]5.135.148.242:443
Tue Nov 19 10:00:30 2013 TLS: Initial packet from [AF_INET]5.135.148.242:443, sid=2cb13e94 b1658e99
Tue Nov 19 10:00:30 2013 VERIFY OK: depth=1, /C=FR/ST=06/L=Nancy
Tue Nov 19 10:00:30 2013 VERIFY OK: depth=0, /C=FR/ST=06/L=Nancy/CN=server
Tue Nov 19 10:00:30 2013 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Nov 19 10:00:30 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 19 10:00:30 2013 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Nov 19 10:00:30 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 19 10:00:30 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Nov 19 10:00:30 2013 [server] Peer Connection Initiated with [AF_INET]5.135.148.242:443
Tue Nov 19 10:00:33 2013 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Tue Nov 19 10:00:33 2013 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,ping 20,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Tue Nov 19 10:00:33 2013 OPTIONS IMPORT: timers and/or timeouts modified
Tue Nov 19 10:00:33 2013 OPTIONS IMPORT: --ifconfig/up options modified
Tue Nov 19 10:00:33 2013 OPTIONS IMPORT: route options modified
Tue Nov 19 10:00:33 2013 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Nov 19 10:00:33 2013 ROUTE default_gateway=192.168.231.254
Tue Nov 19 10:00:33 2013 TUN/TAP device tun0 opened
Tue Nov 19 10:00:33 2013 TUN/TAP TX queue length set to 100
Tue Nov 19 10:00:33 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Nov 19 10:00:33 2013 /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500
Tue Nov 19 10:00:33 2013 /sbin/route add -net 5.135.148.242 netmask 255.255.255.255 gw 192.168.231.254
Tue Nov 19 10:00:33 2013 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.8.0.5
Tue Nov 19 10:00:33 2013 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.8.0.5
Tue Nov 19 10:00:33 2013 /sbin/route add -net 10.8.0.1 netmask 255.255.255.255 gw 10.8.0.5
Tue Nov 19 10:00:33 2013 Initialization Sequence Completed

Re: Server error every 5 minutes

Posted: Mon Nov 25, 2013 5:32 pm
by Outpox
debbie10t wrote:
Outpox wrote:

Code:

Tue Nov 19 10:00:29 2013 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Let's fix this issue to start with. Add "ns-cert-type server" to your client config.
Thanks for this tip :)
debbie10t wrote: While this continues to puzzle, according to the manual using proto tcp client/server "Both TCP client and server will simulate a SIGUSR1 restart signal if either side resets the connection."

However, according to your client log this is not taking place ?
It's not (according to the log posted above), there's absolutely no drop client side, some users are using the VPN to play and aren't issuing any problem.
debbie10t wrote: I am at a loss ... both your server & client should throw a SIGUSR1 at more or less the same time ... can you double check your logs ?
Well, the server is throwing it yes, but it's invisible on the client.
Like it's only a wall of text without reason.
debbie10t wrote: Are you using any kind of proxy ?
Nope, none.
debbie10t wrote: Currently .. Stumped ! :?
Heh sorry :?

Re: Server error every 5 minutes

Posted: Mon Nov 25, 2013 9:37 pm
by Outpox
debbie10t wrote:
Outpox wrote: Client config:

Code:

ligne1
ligne2
I do not understand what this means .. could you explain please.
Are you using all unique certificates for all your clients or are some duplicated ?
I think I copied my source file instead of a user file.

Code:

ligne1
ligne2
means in English

Code:

line1
line2
It's a source file I use along with the script I made which creates the certificate for the user. I used "sed" to rename those 2 lines with the username of the user and it appends .key and .crt at the end of the line.
So each client has their own certificate.

Re: Server error every 5 minutes

Posted: Wed Jan 15, 2014 9:14 pm
by Outpox
debbie10t wrote: Some further thoughts:

Do you --ifconfig-push all unique IPs to clients using CCD Files.
Do you --push "route {server LAN IP}" to clients using CCD files.
CCD files are empty
debbie10t wrote: Are you expecting regular DHCP refresh and use this: push "redirect-gateway def1 bypass-dhcp"
Perhaps your clients are getting DHCP refresh every 5 minutes.
You could use --float if this is the case.
It still happens even when no one is connected.
debbie10t wrote: The bypass-dhcp option "may not be available on non-windows clients . . ."
What OS are the clients in question.
I'd say mostly Windows but a very few on Linux (me).
debbie10t wrote: Use --verb 4 server & client - There may be something useful.
Will try :-)


Sorry for taking so much time to answer !

Re: Server error every 5 minutes

Posted: Wed Jan 29, 2014 8:44 am
by Outpox
debbie10t wrote:
Outpox wrote: CCD files are empty
Why define it if you do not use it ?
I'm using it to allow or disallow the access to the server. I followed the wiki (if I remember correctly) and some tutorials to do it. File present (even empty) -> access granted / File missing -> access refused
debbie10t wrote:
Outpox wrote: It still happens even when no one is connected.
Try using this on the server.conf:

Code:

ping-timer-rem
Yep I'm trying this, I'll let you know :)

Re: Server error every 5 minutes

Posted: Wed Jan 29, 2014 9:14 am
by Outpox
Still happening :(

Code:

Wed Jan 29 10:17:17 2014 MULTI: multi_create_instance called
Wed Jan 29 10:17:17 2014 Re-using SSL/TLS context
Wed Jan 29 10:17:17 2014 LZO compression initialized
Wed Jan 29 10:17:17 2014 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Wed Jan 29 10:17:17 2014 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Jan 29 10:17:17 2014 Local Options hash (VER=V4): '9915e4a2'
Wed Jan 29 10:17:17 2014 Expected Remote Options hash (VER=V4): '2f2c6498'
Wed Jan 29 10:17:17 2014 TCP connection established with [AF_INET]37.187.35.250:37670
Wed Jan 29 10:17:17 2014 TCPv4_SERVER link local: [undef]
Wed Jan 29 10:17:17 2014 TCPv4_SERVER link remote: [AF_INET]37.187.35.250:37670
Wed Jan 29 10:17:17 2014 37.187.35.250:37670 Connection reset, restarting [-1]
Wed Jan 29 10:17:17 2014 37.187.35.250:37670 SIGUSR1[soft,connection-reset] received, client-instance restarting
Wed Jan 29 10:17:17 2014 TCP/UDP: Closing socket

Re: Server error every 5 minutes

Posted: Sun Feb 02, 2014 10:43 am
by rainbow6
Another possible reason is that the client is using the same credential from another PC/device which will automatically kick each other out every 5 minutes.

Re: Server error every 5 minutes

Posted: Mon Feb 10, 2014 10:06 am
by Outpox
I think I didn't explain clearly enough ^^
The message I get is only displayed in the server log. Clients do not have any problem, it works great for them.
So yeah my "only" problem is that my openvpn.log is getting spammed from this.

I followed a tutorial to set up openvpn. I had to do it several times because I changed my server by the time and I never had such an issue. (Even on this server). I tried restarting openvpn (obviously) but not the server (and I wouldn't like to do it unless I'm 100% sure it solves the problem). Reinstalling would be a pain in the *** because it would represent a lot of work and too many changes for my users.

Re: Server error every 5 minutes

Posted: Wed Feb 12, 2014 10:32 am
by Outpox

Code:

Wed Feb 12 11:38:23 2014 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Wed Feb 12 11:38:23 2014 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Feb 12 11:38:23 2014 Local Options hash (VER=V4): '9915e4a2'
Wed Feb 12 11:38:23 2014 Expected Remote Options hash (VER=V4): '2f2c6498'
Wed Feb 12 11:38:23 2014 TCP connection established with [AF_INET]37.187.35.250:50237
Wed Feb 12 11:38:23 2014 TCPv4_SERVER link local: [undef]
Wed Feb 12 11:38:23 2014 TCPv4_SERVER link remote: [AF_INET]37.187.35.250:50237
Wed Feb 12 11:38:23 2014 37.187.35.250:50237 Connection reset, restarting [-1]
Wed Feb 12 11:38:23 2014 37.187.35.250:50237 SIGUSR1[soft,connection-reset] received, client-instance restarting
Wed Feb 12 11:38:23 2014 TCP/UDP: Closing socket
^ I can confirm indeed.
According to http://www.localiser-ip.com/?ip=37.187.35.250 this IP comes from my server provider.
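
The pattern this thread converges on (a TCP connection from one address that is reset before any TLS packet arrives, repeating on a fixed period) can be pulled out of openvpn.log mechanically. The following is an added example, not part of the original posts: the sample log is constructed with documentation-range addresses, and the function names and thresholds are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import median

LINE = re.compile(r"^(\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) (.*)$")
OPENED = re.compile(r"TCP connection established with \[AF_INET\]([\d.]+:\d+)")
PEER_EVENT = re.compile(r"^(?:\S+/)?([\d.]+:\d+) (TLS: Initial packet|Connection reset)")

# Constructed sample in the format of the server log posted in this thread.
# Addresses are RFC 5737 documentation ranges; "alice" and the sid are made up.
SAMPLE_LOG = """\
Tue Nov 19 08:33:05 2013 TCP connection established with [AF_INET]198.51.100.7:65520
Tue Nov 19 08:33:06 2013 198.51.100.7:65520 TLS: Initial packet from [AF_INET]198.51.100.7:65520, sid=00000000 00000000
Tue Nov 19 08:37:05 2013 TCP connection established with [AF_INET]203.0.113.9:60849
Tue Nov 19 08:37:05 2013 203.0.113.9:60849 Connection reset, restarting [-1]
Tue Nov 19 08:40:12 2013 TCP connection established with [AF_INET]192.0.2.44:51000
Tue Nov 19 08:40:12 2013 192.0.2.44:51000 Connection reset, restarting [-1]
Tue Nov 19 08:42:05 2013 TCP connection established with [AF_INET]203.0.113.9:39939
Tue Nov 19 08:42:05 2013 203.0.113.9:39939 Connection reset, restarting [-1]
Tue Nov 19 08:47:13 2013 TCP connection established with [AF_INET]203.0.113.9:48059
Tue Nov 19 08:47:13 2013 203.0.113.9:48059 Connection reset, restarting [-1]
Tue Nov 19 08:50:00 2013 alice/198.51.100.7:65520 Connection reset, restarting [0]
Tue Nov 19 08:52:06 2013 TCP connection established with [AF_INET]203.0.113.9:55620
Tue Nov 19 08:52:06 2013 203.0.113.9:55620 Connection reset, restarting [-1]
Tue Nov 19 08:57:04 2013 TCP connection established with [AF_INET]203.0.113.9:34663
Tue Nov 19 08:57:04 2013 203.0.113.9:34663 Connection reset, restarting [-1]
"""

def pre_tls_resets(log_text):
    """Map source IP -> times of TCP connections reset before any TLS packet."""
    tls_seen = {}                       # "ip:port" -> has this peer started TLS?
    resets = defaultdict(list)
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue                    # lines without a timestamp, e.g. "SIOCDELRT: ..."
        when = datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y")
        msg = m.group(2)
        opened = OPENED.search(msg)
        if opened:
            tls_seen[opened.group(1)] = False
            continue
        event = PEER_EVENT.match(msg)
        if not event or event.group(1) not in tls_seen:
            continue
        peer, kind = event.groups()
        if kind.startswith("TLS"):
            tls_seen[peer] = True       # a real OpenVPN peer: later resets are not counted
        elif not tls_seen.pop(peer):
            resets[peer.rsplit(":", 1)[0]].append(when)
    return dict(resets)

def periodic_sources(resets, min_events=3, tolerance=0.10):
    """Return {ip: median gap in seconds} for sources whose resets are evenly spaced."""
    found = {}
    for ip, times in resets.items():
        if len(times) < min_events:
            continue                    # a single stray reset is not a pattern
        times = sorted(times)
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        mid = median(gaps)
        if mid > 0 and all(abs(g - mid) <= tolerance * mid for g in gaps):
            found[ip] = mid
    return found

if __name__ == "__main__":
    for ip, gap in periodic_sources(pre_tls_resets(SAMPLE_LOG)).items():
        print(f"{ip}: pre-TLS reset about every {gap:.0f} s")
```

A source that appears in the result opened the port and hung up without ever speaking OpenVPN, which is consistent with a TCP port check rather than a VPN client.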

Re: Server error every 5 minutes

Posted: Tue Feb 25, 2014 7:46 am
by Outpox
As you can see, the files are quite big...
I'm making another backup and will post today's log later today