OpenVPN server on Windows; sometimes all routing is lost


Post by maxburn » Wed Jun 13, 2018 1:49 pm

The situation:
I have OpenVPN server running on Windows 7 in our datacenter in a bunch of VMs. The clients in the field are EdgeRouters and they run OpenVPN client to reach into the datacenter to connect to the server. I am allowing client-to-client routing and I have CCD files and the server config etc. set up such that the different clients on a particular server can reach each other and reach the server via the VPN IP address, but they can NOT reach the LAN side of the Windows VM. This all works great and it's what we want.

The problem:
BUT every once in a while something in the datacenter happens (something networking related we think) and it causes every single VM to lose connectivity to the OpenVPN clients. When this is happening I can see the clients connected in the logs but I cannot ping the remote VPN addresses or anything on the LAN side of the EdgeRouters from those VMs, which I normally can ping. Every time this happens the fix is to stop and restart the OpenVPN service, on every VM, and once the clients reconnect everything is fine again.

I think next time to see what's going on I will gather a route print.

Anyone know what's going on or what more data I can gather that would help me understand it? It seems to happen pretty rarely but it's a big outage for many machines when it happens.
