OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

Constant disconnects

https://forums.openvpn.net/viewtopic.php?t=18918

Page 1 of 1

Constant disconnects

Posted: Thu May 28, 2015 3:56 am
by redsandvb
I have a Moto G (2013) w/ KitKat 4.4.4 that I am using as a wifi only device. I've installed the OpenVPN connect app and am trying to use it to connect to my home router's OpenVPN server. I also have an iPhone 3GS, also used as a wifi only device. With the iPhone and iOS OpenVPN connect app I can connect to my router's VPN server, no problems etc. With the MotoG I can connect to the router's server, but there are constant disconnects/re-connects making the connection unusable.

I don't have the device at the moment, but the logs showed this every few moments:
Session invalidated: KEEPALIVE_TIMEOUT
...something, restarting in 2...
.
.
.

My MotoG and iPhone .ovpn profile's are identical except for the client cert/key info

Code: Select all

client
dev tun
proto udp
remote (my server address) 1194
resolv-retry infinite
nobind
persist-key
persist-tun
<ca>
.
.
.
</ca>

<cert>
.
.
.
</cert>

<key>
.
.
.
</key>


remote-cert-tls server

key-direction 1
<tls-auth>
.
.
.
</tls-auth>


cipher AES-128-CBC
verb 3

Any idea what I need to do? BTW, I am a novice in this area...

Thank you :)

Re: Constant disconnects

Posted: Thu May 28, 2015 12:01 pm
by Traffic
redsandvb wrote:the logs showed this every few moments:
Session invalidated: KEEPALIVE_TIMEOUT
for some reason your connection is timing out.

Please post your server config and log while you attempt a connection from your clients.

Re: Constant disconnects

Posted: Thu May 28, 2015 6:26 pm
by redsandvb
Traffic wrote:
redsandvb wrote:the logs showed this every few moments:
Session invalidated: KEEPALIVE_TIMEOUT
for some reason your connection is timing out.

Please post your server config and log while you attempt a connection from your clients.
Not at home at the moment...
What's strange is that while the Android device keeps disconnecting, the iPhone seems to have no problems at all.
:?:

Re: Constant disconnects

Posted: Thu Jun 04, 2015 2:44 am
by redsandvb
Traffic wrote:
redsandvb wrote:the logs showed this every few moments:
Session invalidated: KEEPALIVE_TIMEOUT
for some reason your connection is timing out.

Please post your server config and log while you attempt a connection from your clients.
My router has Tomato firmware on it, this is the log I could find...
1st I setup another cell phone as a wifi hotspot, connected the MotoG to that hotspot then connected with OpenVPN connect. Tried browsing web, etc for a couple minutes...nothing really works. Disconnected the MotoG from VPN and hotspot. Connected iPhone to same hotspot then with OpenVPN connect. Started playing music off my music server and browsing the web for a couple minutes...no problems with connection. Disconnected iPhone.

Code: Select all

Jun  2 20:51:34 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 TLS: Initial packet from [AF_INET]70.212.129.246:7804, sid=ff52cbdf fe211268
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 VERIFY OK: depth=1, CN=wong-vpn
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 VERIFY OK: depth=0, CN=wong-vpn-nosw
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 [wong-vpn-nosw] Peer Connection Initiated with [AF_INET]70.212.129.246:7804
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:7804 MULTI_sva: pool returned IPv4=10.8.0.10, IPv6=(Not enabled)
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:7804 MULTI: Learn: 10.8.0.10 -> wong-vpn-nosw/70.212.129.246:7804
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:7804 MULTI: primary virtual IP for wong-vpn-nosw/70.212.129.246:7804: 10.8.0.10
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:7804 PUSH: Received control message: 'PUSH_REQUEST'
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:7804 send_push_reply(): safe_cap=940
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:7804 SENT CONTROL [wong-vpn-nosw]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.1,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.10 10.8.0.9' (status=1)
Jun  2 20:52:47 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 TLS: Initial packet from [AF_INET]70.212.129.246:2375, sid=8f911252 be58c682
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 VERIFY OK: depth=1, CN=wong-vpn
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 VERIFY OK: depth=0, CN=wong-vpn-nosw
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 [wong-vpn-nosw] Peer Connection Initiated with [AF_INET]70.212.129.246:2375
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: MULTI: new connection by client 'wong-vpn-nosw' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: MULTI_sva: pool returned IPv4=10.8.0.10, IPv6=(Not enabled)
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: MULTI: Learn: 10.8.0.10 -> wong-vpn-nosw/70.212.129.246:2375
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: MULTI: primary virtual IP for wong-vpn-nosw/70.212.129.246:2375: 10.8.0.10
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:2375 PUSH: Received control message: 'PUSH_REQUEST'
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:2375 send_push_reply(): safe_cap=940
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:2375 SENT CONTROL [wong-vpn-nosw]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.1,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.10 10.8.0.9' (status=1)
Jun  2 20:54:05 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 TLS: Initial packet from [AF_INET]70.212.129.246:5130, sid=1ea7bb5e 12211a22
Jun  2 20:54:08 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 VERIFY OK: depth=1, CN=wong-vpn
Jun  2 20:54:08 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 VERIFY OK: depth=0, CN=wong-vpn-nosw
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 [wong-vpn-nosw] Peer Connection Initiated with [AF_INET]70.212.129.246:5130
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: MULTI: new connection by client 'wong-vpn-nosw' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: MULTI_sva: pool returned IPv4=10.8.0.10, IPv6=(Not enabled)
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: MULTI: Learn: 10.8.0.10 -> wong-vpn-nosw/70.212.129.246:5130
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: MULTI: primary virtual IP for wong-vpn-nosw/70.212.129.246:5130: 10.8.0.10
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:5130 PUSH: Received control message: 'PUSH_REQUEST'
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:5130 send_push_reply(): safe_cap=940
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:5130 SENT CONTROL [wong-vpn-nosw]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.1,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.10 10.8.0.9' (status=1)
Jun  2 20:55:28 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 TLS: Initial packet from [AF_INET]70.212.129.246:8861, sid=3df4ffa9 dba780e2
Jun  2 20:55:31 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 VERIFY OK: depth=1, CN=wong-vpn
Jun  2 20:55:31 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 VERIFY OK: depth=0, CN=wong-vpn-nosw
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 [wong-vpn-nosw] Peer Connection Initiated with [AF_INET]70.212.129.246:8861
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: MULTI: new connection by client 'wong-vpn-nosw' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: MULTI_sva: pool returned IPv4=10.8.0.10, IPv6=(Not enabled)
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: MULTI: Learn: 10.8.0.10 -> wong-vpn-nosw/70.212.129.246:8861
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: MULTI: primary virtual IP for wong-vpn-nosw/70.212.129.246:8861: 10.8.0.10
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:8861 PUSH: Received control message: 'PUSH_REQUEST'
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:8861 send_push_reply(): safe_cap=940
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:8861 SENT CONTROL [wong-vpn-nosw]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.1,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.10 10.8.0.9' (status=1)
Jun  2 20:57:13 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 TLS: Initial packet from [AF_INET]70.212.129.246:7914, sid=b9197c45 d431e536
Jun  2 20:57:14 unknown daemon.err openvpn[1082]: 70.212.129.246:7914 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1433314633) Tue Jun  2 20:57:13 2015 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Jun  2 20:57:14 unknown daemon.err openvpn[1082]: 70.212.129.246:7914 TLS Error: incoming packet authentication failed from [AF_INET]70.212.129.246:7914
Jun  2 20:57:21 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 VERIFY OK: depth=1, CN=wong-vpn
Jun  2 20:57:21 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 VERIFY OK: depth=0, CN=wong-vpn-3gs
Jun  2 20:57:21 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:57:21 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:57:21 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:57:21 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 [wong-vpn-3gs] Peer Connection Initiated with [AF_INET]70.212.129.246:7914
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 MULTI: Learn: 10.8.0.6 -> wong-vpn-3gs/70.212.129.246:7914
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 MULTI: primary virtual IP for wong-vpn-3gs/70.212.129.246:7914: 10.8.0.6
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 PUSH: Received control message: 'PUSH_REQUEST'
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 send_push_reply(): safe_cap=940
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 SENT CONTROL [wong-vpn-3gs]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.1,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Jun  2 20:57:23 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 PUSH: Received control message: 'PUSH_REQUEST'
Jun  2 20:57:35 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:8861 [wong-vpn-nosw] Inactivity timeout (--ping-restart), restarting
Jun  2 20:57:35 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:8861 SIGUSR1[soft,ping-restart] received, client-instance restarting
Jun  2 21:09:20 unknown daemon.warn openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 IP packet with unknown IP version=2 seen
Jun  2 21:11:20 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 [wong-vpn-3gs] Inactivity timeout (--ping-restart), restarting
Jun  2 21:11:20 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 SIGUSR1[soft,ping-restart] received, client-instance restarting
I don't know how to export a config file, but these are my settings from the GUI:

VPN server Configuration>Basic >

Start with WAN : Yes
Interface Type : TUN
Protocol : UDP
Port : 1194
Firewall : Automatic
Authorization Mode : TLS
Extra HMAC-authorization (tls-auth) : Incoming (0)
VPN subnet/netmask : 10.8.0.0/255.255.255.0

VPN Server Configuration>Advanced :

Poll Interval (in minutes, 0 to disable) : 0
Push LAN to Clients : Yes
Direct clients to redirect internet traffic : Yes
Respond to DNS : Yes
Advertise DNS to clients : Yes
Encryption cipher : AES-128-CBC
Compression : Disabled
TLS Renegotiation Time (in seconds, -1 for default) : -1
Manage client-specific options : Yes
Allow Client<->Client : Yes

Certs and Keys info also done in GUI


Any Help greatly appreciated

Thanks!

Re: Constant disconnects

Posted: Wed Jun 10, 2015 4:09 am
by redsandvb
Traffic wrote:
redsandvb wrote:the logs showed this every few moments:
Session invalidated: KEEPALIVE_TIMEOUT
for some reason your connection is timing out.

Please post your server config and log while you attempt a connection from your clients.
I tried posting this about a week ago, it said it was submitted but needed approval. I'm now trying to re-post this.


This log (is what I could find) is from my router running the server. My router has Tomato firmware, I'm not sure how to extract ovpn logs or configs.
This log is from when I connected the MotoG to another cell phone acting as a wifi hotspot, then to my ovpn server in my router. I tried surfing web for a few minutes but couldn't do much of anything. Maybe one or two pages loaded. After I disconnected my MotoG I connected the iPhone to the other cell's wifispot, then to my ovpn server. With the iPhone I could then browse webpages and also access my home's music server and play music at the same time.

Code: Select all

Jun  2 20:51:34 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 TLS: Initial packet from [AF_INET]70.212.129.246:7804, sid=ff52cbdf fe211268
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 VERIFY OK: depth=1, CN=wong-vpn
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 VERIFY OK: depth=0, CN=wong-vpn-nosw
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: 70.212.129.246:7804 [wong-vpn-nosw] Peer Connection Initiated with [AF_INET]70.212.129.246:7804
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:7804 MULTI_sva: pool returned IPv4=10.8.0.10, IPv6=(Not enabled)
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:7804 MULTI: Learn: 10.8.0.10 -> wong-vpn-nosw/70.212.129.246:7804
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:7804 MULTI: primary virtual IP for wong-vpn-nosw/70.212.129.246:7804: 10.8.0.10
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:7804 PUSH: Received control message: 'PUSH_REQUEST'
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:7804 send_push_reply(): safe_cap=940
Jun  2 20:51:37 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:7804 SENT CONTROL [wong-vpn-nosw]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.1,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.10 10.8.0.9' (status=1)
Jun  2 20:52:47 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 TLS: Initial packet from [AF_INET]70.212.129.246:2375, sid=8f911252 be58c682
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 VERIFY OK: depth=1, CN=wong-vpn
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 VERIFY OK: depth=0, CN=wong-vpn-nosw
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: 70.212.129.246:2375 [wong-vpn-nosw] Peer Connection Initiated with [AF_INET]70.212.129.246:2375
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: MULTI: new connection by client 'wong-vpn-nosw' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: MULTI_sva: pool returned IPv4=10.8.0.10, IPv6=(Not enabled)
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: MULTI: Learn: 10.8.0.10 -> wong-vpn-nosw/70.212.129.246:2375
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: MULTI: primary virtual IP for wong-vpn-nosw/70.212.129.246:2375: 10.8.0.10
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:2375 PUSH: Received control message: 'PUSH_REQUEST'
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:2375 send_push_reply(): safe_cap=940
Jun  2 20:52:50 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:2375 SENT CONTROL [wong-vpn-nosw]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.1,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.10 10.8.0.9' (status=1)
Jun  2 20:54:05 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 TLS: Initial packet from [AF_INET]70.212.129.246:5130, sid=1ea7bb5e 12211a22
Jun  2 20:54:08 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 VERIFY OK: depth=1, CN=wong-vpn
Jun  2 20:54:08 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 VERIFY OK: depth=0, CN=wong-vpn-nosw
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: 70.212.129.246:5130 [wong-vpn-nosw] Peer Connection Initiated with [AF_INET]70.212.129.246:5130
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: MULTI: new connection by client 'wong-vpn-nosw' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: MULTI_sva: pool returned IPv4=10.8.0.10, IPv6=(Not enabled)
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: MULTI: Learn: 10.8.0.10 -> wong-vpn-nosw/70.212.129.246:5130
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: MULTI: primary virtual IP for wong-vpn-nosw/70.212.129.246:5130: 10.8.0.10
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:5130 PUSH: Received control message: 'PUSH_REQUEST'
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:5130 send_push_reply(): safe_cap=940
Jun  2 20:54:09 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:5130 SENT CONTROL [wong-vpn-nosw]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.1,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.10 10.8.0.9' (status=1)
Jun  2 20:55:28 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 TLS: Initial packet from [AF_INET]70.212.129.246:8861, sid=3df4ffa9 dba780e2
Jun  2 20:55:31 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 VERIFY OK: depth=1, CN=wong-vpn
Jun  2 20:55:31 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 VERIFY OK: depth=0, CN=wong-vpn-nosw
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: 70.212.129.246:8861 [wong-vpn-nosw] Peer Connection Initiated with [AF_INET]70.212.129.246:8861
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: MULTI: new connection by client 'wong-vpn-nosw' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: MULTI_sva: pool returned IPv4=10.8.0.10, IPv6=(Not enabled)
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: MULTI: Learn: 10.8.0.10 -> wong-vpn-nosw/70.212.129.246:8861
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: MULTI: primary virtual IP for wong-vpn-nosw/70.212.129.246:8861: 10.8.0.10
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:8861 PUSH: Received control message: 'PUSH_REQUEST'
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:8861 send_push_reply(): safe_cap=940
Jun  2 20:55:32 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:8861 SENT CONTROL [wong-vpn-nosw]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.1,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.10 10.8.0.9' (status=1)
Jun  2 20:57:13 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 TLS: Initial packet from [AF_INET]70.212.129.246:7914, sid=b9197c45 d431e536
Jun  2 20:57:14 unknown daemon.err openvpn[1082]: 70.212.129.246:7914 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1433314633) Tue Jun  2 20:57:13 2015 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Jun  2 20:57:14 unknown daemon.err openvpn[1082]: 70.212.129.246:7914 TLS Error: incoming packet authentication failed from [AF_INET]70.212.129.246:7914
Jun  2 20:57:21 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 VERIFY OK: depth=1, CN=wong-vpn
Jun  2 20:57:21 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 VERIFY OK: depth=0, CN=wong-vpn-3gs
Jun  2 20:57:21 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:57:21 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:57:21 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jun  2 20:57:21 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: 70.212.129.246:7914 [wong-vpn-3gs] Peer Connection Initiated with [AF_INET]70.212.129.246:7914
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 MULTI: Learn: 10.8.0.6 -> wong-vpn-3gs/70.212.129.246:7914
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 MULTI: primary virtual IP for wong-vpn-3gs/70.212.129.246:7914: 10.8.0.6
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 PUSH: Received control message: 'PUSH_REQUEST'
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 send_push_reply(): safe_cap=940
Jun  2 20:57:22 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 SENT CONTROL [wong-vpn-3gs]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.1,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Jun  2 20:57:23 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 PUSH: Received control message: 'PUSH_REQUEST'
Jun  2 20:57:35 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:8861 [wong-vpn-nosw] Inactivity timeout (--ping-restart), restarting
Jun  2 20:57:35 unknown daemon.notice openvpn[1082]: wong-vpn-nosw/70.212.129.246:8861 SIGUSR1[soft,ping-restart] received, client-instance restarting
Jun  2 21:09:20 unknown daemon.warn openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 IP packet with unknown IP version=2 seen
Jun  2 21:11:20 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 [wong-vpn-3gs] Inactivity timeout (--ping-restart), restarting
Jun  2 21:11:20 unknown daemon.notice openvpn[1082]: wong-vpn-3gs/70.212.129.246:7914 SIGUSR1[soft,ping-restart] received, client-instance restarting

I'm not sure how to export the config, but here is how I setup my ovpn server in my router's GUI:

VPN server Configuration>Basic >

Start with WAN : Yes
Interface Type : TUN
Protocol : UDP
Port : 1194
Firewall : Automatic
Authorization Mode : TLS
Extra HMAC-authorization (tls-autth) : Incoming (0)
VPN subnet/netmask : 10.8.0.0/255.255.255.0

VPN Server Configuration>Advanced :

Poll Interval (in minutes, 0 to disable) : 0
Push LAN to Clients : Yes
Direct clients to redirect internet traffic : Yes
Respond to DNS : Yes
Advertise DNS to clients : Yes
Encryption cipher : AES-128-CBC
Compression : Disabled
TLS Renegotiation Time (in seconds, -1 for default) : -1
Manage client-specific options : Yes
Allow Client<->Client : Yes

Re: Constant disconnects

Posted: Sun Jun 14, 2015 1:13 am
by redsandvb
Traffic wrote:
redsandvb wrote:the logs showed this every few moments:
Session invalidated: KEEPALIVE_TIMEOUT
for some reason your connection is timing out.

Please post your server config and log while you attempt a connection from your clients.
I've tried to reply w/ logs and config twice, once last week and once a few days ago, but I'm a new member and it says my posts need moderator approval. I'm trying to post this message to see if it goes through...

Re: Constant disconnects

Posted: Sun Aug 23, 2015 12:04 pm
by Traffic
  • NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
  • You are advised to change your server LAN to a more unique RFC1918 compliant subnet. f.e 192.168.143.0/24
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/