OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

OpenVPN connect PAUSE when Android is locked

https://forums.openvpn.net/viewtopic.php?t=30246

Page 1 of 1

OpenVPN connect PAUSE when Android is locked

Posted: Tue May 05, 2020 9:05 am
by Taomo
Hi,

my problem is that OpenVPN connect sometimes (NOT allways) disconnected when the phone is locked (WiFi or 4G/4G+). As soon as I unlock the phone, OpenVPN reconnect.
My system is:

Client:
OpenVPN Version: 3.1.1 (4581)
Phone: Samsung Galaxy S7Edge (Android v6.0.1)

Server:
Router Asus RT-AC87U (firmware Asuswrt-Merlin v384.13_8 with openvpn v2.4.9).

Server config:
Image

In client config, I changed "continuously Retry" & "Seamless Tunnel" options but continues disconnecting.

Server log:
23:20:33.356 -- EVENT: WAIT
23:20:33.391 -- EVENT: PAUSE
23:24:18.162 -- EVENT: RESUME <--- 4 minutes paused untill I unlocked the phone (until unloke, no Whatsapps or emails arrive)
23:24:18.188 -- EVENT: RECONNECTING

Code: Select all

21:21:30.646 -- ----- OpenVPN Start -----

21:21:30.650 -- EVENT: CORE_THREAD_ACTIVE

21:21:30.757 -- OpenVPN core 3.git::f225fcd0:Release android arm64 64-bit PT_PROXY built on Mar  3 2020 21:07:24

21:21:30.766 -- Frame=512/2048/512 mssfix-ctrl=1250

21:21:30.780 -- UNUSED OPTIONS
5 [ncp-ciphers] [AES-128-GCM:AES-256-GCM:AES-128-CBC:AES-256-CBC]
16 [resolv-retry] [infinite]
17 [nobind]

21:21:30.794 -- EVENT: RESOLVE

21:21:32.301 -- Contacting X.X.X.X:443 via TCPv4

21:21:32.306 -- EVENT: WAIT

21:21:32.442 -- Connecting to [XXXXXX.asuscomm.com]:443 (X.X.X.X) via TCPv4

21:21:32.452 -- EVENT: CONNECTING

21:21:32.569 -- Tunnel Options:V4,dev-type tun,link-mtu 1524,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-128-GCM,auth SHA1,keysize 128,key-method 2,tls-client

21:21:32.577 -- Creds: Username/Password

21:21:32.582 -- Peer Info:
IV_GUI_VER=OC30Android
IV_VER=3.git::f225fcd0:Release
IV_PLAT=android
IV_LZO_STUB=1
IV_COMP_STUB=1


21:21:32.586 -- VERIFY OK : depth=0
cert. version     : 3
serial number     : 01
issuer name       : C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
subject name      : C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
issued  on        : 2020-04-20 09:57:55
expires on        : 2030-04-18 09:57:55
signed using      : RSA with SHA1
RSA key size      : 2048 bits
basic constraints : CA=false
cert. type        : SSL Server
key usage         : Digital Signature, Key Encipherment
ext key usage     : TLS Web Server Authentication


21:21:32.781 -- SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-CBC-SHA

21:21:32.782 -- Session is ACTIVE

21:21:32.783 -- EVENT: GET_CONFIG

21:21:32.858 -- Sending PUSH_REQUEST to server...

21:21:32.864 -- OPTIONS:
0 [route] [192.168.1.0] [255.255.255.0] [vpn_gateway] [500]
1 [dhcp-option] [DNS] [192.168.1.1]
2 [redirect-gateway] [def1]
3 [route-gateway] [10.8.0.1]
4 [topology] [subnet]
5 [ping] [15]
6 [ping-restart] [60]
7 [ifconfig] [10.8.0.2] [255.255.255.0]


21:21:32.866 -- PROTOCOL OPTIONS:
  cipher: AES-128-GCM
  digest: SHA1
  compress: LZO_STUB
  peer ID: -1

21:21:32.872 -- EVENT: ASSIGN_IP

21:21:33.202 -- TunPersist: saving tun context:
Session Name: XXXXXX.asuscomm.com
Layer: OSI_LAYER_3
Remote Address: X.X.X.X
Tunnel Addresses:
  10.8.0.2/24 -> 10.8.0.1
Reroute Gateway: IPv4=1 IPv6=0 flags=[ ENABLE REROUTE_GW DEF1 IPv4 ]
Block IPv6: no
Add Routes:
  192.168.1.0/24 [METRIC=500]
Exclude Routes:
DNS Servers:
  192.168.1.1
Search Domains:


21:21:33.207 -- Connected via tun

21:21:33.219 -- LZO-ASYM init swap=0 asym=1

21:21:33.238 -- Comp-stub init swap=0

21:21:33.278 -- EVENT: CONNECTED info='USER@XXXXXX.asuscomm.com:443 (X.X.X.X) via /TCPv4 on tun/10.8.0.2/ gw=[10.8.0.1/]'

21:22:53.097 -- Session invalidated: KEEPALIVE_TIMEOUT

21:22:53.101 -- Client terminated, restarting in 2000 ms...

21:22:55.101 -- EVENT: RECONNECTING trans=TO_DISCONNECTED

21:22:55.125 -- Contacting X.X.X.X:443 via TCPv4

21:22:55.129 -- EVENT: WAIT

21:22:55.169 -- Connecting to [XXXXXX.asuscomm.com]:443 (X.X.X.X) via TCPv4

21:22:55.174 -- EVENT: CONNECTING

21:22:55.211 -- Tunnel Options:V4,dev-type tun,link-mtu 1524,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-128-GCM,auth SHA1,keysize 128,key-method 2,tls-client

21:22:55.213 -- Creds: Username/Password

21:22:55.214 -- Peer Info:
IV_GUI_VER=OC30Android
IV_VER=3.git::f225fcd0:Release
IV_PLAT=android
IV_LZO_STUB=1
IV_COMP_STUB=1


21:22:55.216 -- VERIFY OK : depth=0
cert. version     : 3
serial number     : 01
issuer name       : C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
subject name      : C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
issued  on        : 2020-04-20 09:57:55
expires on        : 2030-04-18 09:57:55
signed using      : RSA with SHA1
RSA key size      : 2048 bits
basic constraints : CA=false
cert. type        : SSL Server
key usage         : Digital Signature, Key Encipherment
ext key usage     : TLS Web Server Authentication


21:22:55.429 -- SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-CBC-SHA

21:22:55.430 -- Session is ACTIVE

21:22:55.430 -- EVENT: GET_CONFIG

21:22:55.443 -- Sending PUSH_REQUEST to server...

21:22:55.478 -- OPTIONS:
0 [route] [192.168.1.0] [255.255.255.0] [vpn_gateway] [500]
1 [dhcp-option] [DNS] [192.168.1.1]
2 [redirect-gateway] [def1]
3 [route-gateway] [10.8.0.1]
4 [topology] [subnet]
5 [ping] [15]
6 [ping-restart] [60]
7 [ifconfig] [10.8.0.2] [255.255.255.0]


21:22:55.479 -- PROTOCOL OPTIONS:
  cipher: AES-128-GCM
  digest: SHA1
  compress: LZO_STUB
  peer ID: -1

21:22:55.479 -- TunPersist: reused tun context

21:22:55.480 -- Connected via tun

21:22:55.480 -- LZO-ASYM init swap=0 asym=1

21:22:55.482 -- Comp-stub init swap=0

21:22:55.487 -- EVENT: CONNECTED info='USER@XXXXXX.asuscomm.com:443 (X.X.X.X) via /TCPv4 on tun/10.8.0.2/ gw=[10.8.0.1/]'

21:24:03.469 -- TCP recv error: Connection reset by peer

21:24:03.474 -- Transport Error: Transport error on 'XXXXXX.asuscomm.com: NETWORK_RECV_ERROR

21:24:03.475 -- EVENT: TRANSPORT_ERROR info='Transport error on 'XXXXXX.asuscomm.com: NETWORK_RECV_ERROR'

21:24:03.492 -- Client terminated, restarting in 5000 ms...

21:24:08.478 -- EVENT: RECONNECTING

21:24:08.503 -- Contacting X.X.X.X:443 via TCPv4

21:24:08.505 -- EVENT: WAIT

21:24:08.539 -- Connecting to [XXXXXX.asuscomm.com]:443 (X.X.X.X) via TCPv4

21:24:08.544 -- EVENT: CONNECTING

21:24:08.597 -- Tunnel Options:V4,dev-type tun,link-mtu 1524,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-128-GCM,auth SHA1,keysize 128,key-method 2,tls-client

21:24:08.598 -- Creds: Username/Password

21:24:08.599 -- Peer Info:
IV_GUI_VER=OC30Android
IV_VER=3.git::f225fcd0:Release
IV_PLAT=android
IV_LZO_STUB=1
IV_COMP_STUB=1


21:24:08.625 -- VERIFY OK : depth=0
cert. version     : 3
serial number     : 01
issuer name       : C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
subject name      : C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
issued  on        : 2020-04-20 09:57:55
expires on        : 2030-04-18 09:57:55
signed using      : RSA with SHA1
RSA key size      : 2048 bits
basic constraints : CA=false
cert. type        : SSL Server
key usage         : Digital Signature, Key Encipherment
ext key usage     : TLS Web Server Authentication


21:24:08.858 -- SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-CBC-SHA

21:24:08.859 -- Session is ACTIVE

21:24:08.860 -- EVENT: GET_CONFIG

21:24:08.880 -- Sending PUSH_REQUEST to server...

21:24:08.911 -- OPTIONS:
0 [route] [192.168.1.0] [255.255.255.0] [vpn_gateway] [500]
1 [dhcp-option] [DNS] [192.168.1.1]
2 [redirect-gateway] [def1]
3 [route-gateway] [10.8.0.1]
4 [topology] [subnet]
5 [ping] [15]
6 [ping-restart] [60]
7 [ifconfig] [10.8.0.2] [255.255.255.0]


21:24:08.915 -- PROTOCOL OPTIONS:
  cipher: AES-128-GCM
  digest: SHA1
  compress: LZO_STUB
  peer ID: -1

21:24:08.920 -- TunPersist: reused tun context

21:24:08.923 -- Connected via tun

21:24:08.925 -- LZO-ASYM init swap=0 asym=1

21:24:08.926 -- Comp-stub init swap=0

21:24:08.928 -- EVENT: CONNECTED info='USER@XXXXXX.asuscomm.com:443 (X.X.X.X) via /TCPv4 on tun/10.8.0.2/ gw=[10.8.0.1/]'

22:24:13.255 -- Tunnel Options:V4,dev-type tun,link-mtu 1524,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-128-GCM,auth SHA1,keysize 128,key-method 2,tls-client

22:24:13.260 -- Creds: Username/Password

22:24:13.274 -- Peer Info:
IV_GUI_VER=OC30Android
IV_VER=3.git::f225fcd0:Release
IV_PLAT=android
IV_LZO_STUB=1
IV_COMP_STUB=1


22:24:13.322 -- VERIFY OK : depth=0
cert. version     : 3
serial number     : 01
issuer name       : C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
subject name      : C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
issued  on        : 2020-04-20 09:57:55
expires on        : 2030-04-18 09:57:55
signed using      : RSA with SHA1
RSA key size      : 2048 bits
basic constraints : CA=false
cert. type        : SSL Server
key usage         : Digital Signature, Key Encipherment
ext key usage     : TLS Web Server Authentication


22:24:13.617 -- SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-CBC-SHA

22:24:13.620 -- LZO-ASYM init swap=0 asym=1

22:24:13.622 -- Comp-stub init swap=0

23:13:42.375 -- Session invalidated: KEEPALIVE_TIMEOUT

23:13:42.376 -- Client terminated, restarting in 2000 ms...

23:15:41.982 -- EVENT: RECONNECTING trans=TO_DISCONNECTED

23:15:42.012 -- Contacting X.X.X.X:443 via TCPv4

23:15:42.015 -- EVENT: WAIT

23:20:33.336 -- Server poll timeout, trying next remote entry...

23:20:33.338 -- EVENT: RECONNECTING

23:20:33.354 -- Contacting X.X.X.X:443 via TCPv4

23:20:33.356 -- EVENT: WAIT

23:20:33.391 -- EVENT: PAUSE

23:24:18.162 -- EVENT: RESUME

23:24:18.188 -- EVENT: RECONNECTING

23:24:18.296 -- Contacting X.X.X.X:443 via TCPv4

23:24:18.297 -- EVENT: WAIT

23:24:18.329 -- Connecting to [XXXXXX.asuscomm.com]:443 (X.X.X.X) via TCPv4

23:24:18.336 -- EVENT: CONNECTING

23:24:18.384 -- Tunnel Options:V4,dev-type tun,link-mtu 1524,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-128-GCM,auth SHA1,keysize 128,key-method 2,tls-client

23:24:18.393 -- Creds: Username/Password

23:24:18.396 -- Peer Info:
IV_GUI_VER=OC30Android
IV_VER=3.git::f225fcd0:Release
IV_PLAT=android
IV_LZO_STUB=1
IV_COMP_STUB=1


23:24:18.403 -- VERIFY OK : depth=0
cert. version     : 3
serial number     : 01
issuer name       : C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
subject name      : C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
issued  on        : 2020-04-20 09:57:55
expires on        : 2030-04-18 09:57:55
signed using      : RSA with SHA1
RSA key size      : 2048 bits
basic constraints : CA=false
cert. type        : SSL Server
key usage         : Digital Signature, Key Encipherment
ext key usage     : TLS Web Server Authentication


23:24:18.572 -- SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-CBC-SHA

23:24:18.574 -- Session is ACTIVE

23:24:18.576 -- EVENT: GET_CONFIG

23:24:18.594 -- Sending PUSH_REQUEST to server...

23:24:18.617 -- OPTIONS:
0 [route] [192.168.1.0] [255.255.255.0] [vpn_gateway] [500]
1 [dhcp-option] [DNS] [192.168.1.1]
2 [redirect-gateway] [def1]
3 [route-gateway] [10.8.0.1]
4 [topology] [subnet]
5 [ping] [15]
6 [ping-restart] [60]
7 [ifconfig] [10.8.0.2] [255.255.255.0]


23:24:18.618 -- PROTOCOL OPTIONS:
  cipher: AES-128-GCM
  digest: SHA1
  compress: LZO_STUB
  peer ID: -1

23:24:18.620 -- TunPersist: reused tun context

23:24:18.623 -- Connected via tun

23:24:18.624 -- LZO-ASYM init swap=0 asym=1

23:24:18.625 -- Comp-stub init swap=0

23:24:18.627 -- EVENT: CONNECTED info='USER@XXXXXX.asuscomm.com:443 (X.X.X.X) via /TCPv4 on tun/10.8.0.2/ gw=[10.8.0.1/]'
Server log:
May 4 21:19:19 ovpn-server1[20073]: client/192.168.1.120:51976 Connection reset, restarting [0]
May 4 21:19:19 ovpn-server1[20073]: client/192.168.1.120:51976 SIGUSR1[soft,connection-reset] received, client-instance restarting
...
May 4 21:22:25 ovpn-server1[20073]: client/192.168.1.120:56978 read TCPv6_SERVER: Connection timed out (code=110)
May 4 21:22:25 ovpn-server1[20073]: client/192.168.1.120:56978 Connection reset, restarting [0]
...

Code: Select all

May  4 21:19:19 ovpn-server1[20073]: client/192.168.1.120:51976 Connection reset, restarting [0]
May  4 21:19:19 ovpn-server1[20073]: client/192.168.1.120:51976 SIGUSR1[soft,connection-reset] received, client-instance restarting
May  4 21:21:33 ovpn-server1[20073]: TCP connection established with [AF_INET6]::ffff:192.168.1.120:56978
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 TLS: Initial packet from [AF_INET6]::ffff:192.168.1.120:56978, sid=4747faee 4496af19
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=ASUS, CN=client, emailAddress=me@myhost.mydomain
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 peer info: IV_GUI_VER=OC30Android
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 peer info: IV_VER=3.git::f225fcd0:Release
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 peer info: IV_PLAT=android
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 peer info: IV_LZO_STUB=1
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 peer info: IV_COMP_STUB=1
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 PLUGIN_CALL: POST /usr/lib/openvpn-plugin-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 TLS: Username/Password authentication succeeded for username 'USER' 
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1552', remote='link-mtu 1524'
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 Control Channel: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
May  4 21:21:33 ovpn-server1[20073]: 192.168.1.120:56978 [client] Peer Connection Initiated with [AF_INET6]::ffff:192.168.1.120:56978
May  4 21:21:33 ovpn-server1[20073]: client/192.168.1.120:56978 MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)
May  4 21:21:33 ovpn-server1[20073]: client/192.168.1.120:56978 MULTI: Learn: 10.8.0.2 -> client/192.168.1.120:56978
May  4 21:21:33 ovpn-server1[20073]: client/192.168.1.120:56978 MULTI: primary virtual IP for client/192.168.1.120:56978: 10.8.0.2
May  4 21:21:33 ovpn-server1[20073]: client/192.168.1.120:56978 PUSH: Received control message: 'PUSH_REQUEST'
May  4 21:21:33 ovpn-server1[20073]: client/192.168.1.120:56978 SENT CONTROL [client]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0 vpn_gateway 500,dhcp-option DNS 192.168.1.1,redirect-gateway def1,route-gateway 10.8.0.1,topology subnet,ping 15,ping-restart 60,ifconfig 10.8.0.2 255.255.255.0' (status=1)
May  4 21:22:25 ovpn-server1[20073]: client/192.168.1.120:56978 read TCPv6_SERVER: Connection timed out (code=110)
May  4 21:22:25 ovpn-server1[20073]: client/192.168.1.120:56978 Connection reset, restarting [0]
May  4 21:22:25 ovpn-server1[20073]: client/192.168.1.120:56978 SIGUSR1[soft,connection-reset] received, client-instance restarting
May  4 21:22:56 ovpn-server1[20073]: TCP connection established with [AF_INET6]::ffff:192.168.1.120:56983
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 TLS: Initial packet from [AF_INET6]::ffff:192.168.1.120:56983, sid=8c9af268 57c64091
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=ASUS, CN=client, emailAddress=me@myhost.mydomain
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 peer info: IV_GUI_VER=OC30Android
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 peer info: IV_VER=3.git::f225fcd0:Release
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 peer info: IV_PLAT=android
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 peer info: IV_LZO_STUB=1
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 peer info: IV_COMP_STUB=1
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 PLUGIN_CALL: POST /usr/lib/openvpn-plugin-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 TLS: Username/Password authentication succeeded for username 'USER' 
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1552', remote='link-mtu 1524'
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 Control Channel: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
May  4 21:22:56 ovpn-server1[20073]: 192.168.1.120:56983 [client] Peer Connection Initiated with [AF_INET6]::ffff:192.168.1.120:56983
May  4 21:22:56 ovpn-server1[20073]: client/192.168.1.120:56983 MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)
May  4 21:22:56 ovpn-server1[20073]: client/192.168.1.120:56983 MULTI: Learn: 10.8.0.2 -> client/192.168.1.120:56983
May  4 21:22:56 ovpn-server1[20073]: client/192.168.1.120:56983 MULTI: primary virtual IP for client/192.168.1.120:56983: 10.8.0.2
May  4 21:22:56 ovpn-server1[20073]: client/192.168.1.120:56983 PUSH: Received control message: 'PUSH_REQUEST'
May  4 21:22:56 ovpn-server1[20073]: client/192.168.1.120:56983 SENT CONTROL [client]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0 vpn_gateway 500,dhcp-option DNS 192.168.1.1,redirect-gateway def1,route-gateway 10.8.0.1,topology subnet,ping 15,ping-restart 60,ifconfig 10.8.0.2 255.255.255.0' (status=1)
May  4 21:23:57 ovpn-server1[20073]: client/192.168.1.120:56983 read TCPv6_SERVER: Connection timed out (code=110)
May  4 21:23:57 ovpn-server1[20073]: client/192.168.1.120:56983 Connection reset, restarting [0]
May  4 21:23:57 ovpn-server1[20073]: client/192.168.1.120:56983 SIGUSR1[soft,connection-reset] received, client-instance restarting
May  4 21:24:09 ovpn-server1[20073]: TCP connection established with [AF_INET6]::ffff:192.168.1.120:56994
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 TLS: Initial packet from [AF_INET6]::ffff:192.168.1.120:56994, sid=31e3f762 9da300a2
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=ASUS, CN=client, emailAddress=me@myhost.mydomain
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 peer info: IV_GUI_VER=OC30Android
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 peer info: IV_VER=3.git::f225fcd0:Release
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 peer info: IV_PLAT=android
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 peer info: IV_LZO_STUB=1
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 peer info: IV_COMP_STUB=1
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 PLUGIN_CALL: POST /usr/lib/openvpn-plugin-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 TLS: Username/Password authentication succeeded for username 'USER' 
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1552', remote='link-mtu 1524'
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 Control Channel: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
May  4 21:24:09 ovpn-server1[20073]: 192.168.1.120:56994 [client] Peer Connection Initiated with [AF_INET6]::ffff:192.168.1.120:56994
May  4 21:24:09 ovpn-server1[20073]: client/192.168.1.120:56994 MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)
May  4 21:24:09 ovpn-server1[20073]: client/192.168.1.120:56994 MULTI: Learn: 10.8.0.2 -> client/192.168.1.120:56994
May  4 21:24:09 ovpn-server1[20073]: client/192.168.1.120:56994 MULTI: primary virtual IP for client/192.168.1.120:56994: 10.8.0.2
May  4 21:24:09 ovpn-server1[20073]: client/192.168.1.120:56994 PUSH: Received control message: 'PUSH_REQUEST'
May  4 21:24:09 ovpn-server1[20073]: client/192.168.1.120:56994 SENT CONTROL [client]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0 vpn_gateway 500,dhcp-option DNS 192.168.1.1,redirect-gateway def1,route-gateway 10.8.0.1,topology subnet,ping 15,ping-restart 60,ifconfig 10.8.0.2 255.255.255.0' (status=1)
May  4 22:07:40 ovpn-server1[20073]: TCP connection established with [AF_INET6]::ffff:162.243.144.63:41498
May  4 22:07:40 ovpn-server1[20073]: 162.243.144.63:41498 WARNING: Bad encapsulated packet length from peer (18245), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
May  4 22:07:40 ovpn-server1[20073]: 162.243.144.63:41498 Connection reset, restarting [0]
May  4 22:07:40 ovpn-server1[20073]: 162.243.144.63:41498 SIGUSR1[soft,connection-reset] received, client-instance restarting
May  4 22:24:10 ovpn-server1[20073]: client/192.168.1.120:56994 TLS: soft reset sec=-1 bytes=166930542/-1 pkts=192753/0
May  4 22:24:14 ovpn-server1[20073]: client/192.168.1.120:56994 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
May  4 22:24:14 ovpn-server1[20073]: client/192.168.1.120:56994 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=ASUS, CN=client, emailAddress=me@myhost.mydomain
May  4 22:24:14 ovpn-server1[20073]: client/192.168.1.120:56994 peer info: IV_GUI_VER=OC30Android
May  4 22:24:14 ovpn-server1[20073]: client/192.168.1.120:56994 peer info: IV_VER=3.git::f225fcd0:Release
May  4 22:24:14 ovpn-server1[20073]: client/192.168.1.120:56994 peer info: IV_PLAT=android
May  4 22:24:14 ovpn-server1[20073]: client/192.168.1.120:56994 peer info: IV_LZO_STUB=1
May  4 22:24:14 ovpn-server1[20073]: client/192.168.1.120:56994 peer info: IV_COMP_STUB=1
May  4 22:24:14 ovpn-server1[20073]: client/192.168.1.120:56994 PLUGIN_CALL: POST /usr/lib/openvpn-plugin-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0
May  4 22:24:14 ovpn-server1[20073]: client/192.168.1.120:56994 TLS: Username/Password authentication succeeded for username 'USER' 
May  4 22:24:14 ovpn-server1[20073]: client/192.168.1.120:56994 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1552', remote='link-mtu 1524'
May  4 22:24:14 ovpn-server1[20073]: client/192.168.1.120:56994 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
May  4 22:24:14 ovpn-server1[20073]: client/192.168.1.120:56994 Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
May  4 22:24:14 ovpn-server1[20073]: client/192.168.1.120:56994 Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
May  4 22:24:14 ovpn-server1[20073]: client/192.168.1.120:56994 Control Channel: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
May  4 22:41:48 ovpn-server1[20073]: TCP connection established with [AF_INET6]::ffff:138.99.216.112:61000
May  4 22:41:50 ovpn-server1[20073]: 138.99.216.112:61000 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
May  4 22:41:50 ovpn-server1[20073]: 138.99.216.112:61000 Connection reset, restarting [0]
May  4 22:41:50 ovpn-server1[20073]: 138.99.216.112:61000 SIGUSR1[soft,connection-reset] received, client-instance restarting
May  4 23:11:43 ovpn-server1[20073]: TCP connection established with [AF_INET6]::ffff:185.202.2.147:1463
May  4 23:12:43 ovpn-server1[20073]: 185.202.2.147:1463 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
May  4 23:12:43 ovpn-server1[20073]: 185.202.2.147:1463 TLS Error: TLS handshake failed
May  4 23:12:43 ovpn-server1[20073]: 185.202.2.147:1463 Fatal TLS error (check_tls_errors_co), restarting
May  4 23:12:43 ovpn-server1[20073]: 185.202.2.147:1463 SIGUSR1[soft,tls-error] received, client-instance restarting
May  4 23:12:44 ovpn-server1[20073]: client/192.168.1.120:56994 read TCPv6_SERVER: Connection timed out (code=110)
May  4 23:12:44 ovpn-server1[20073]: client/192.168.1.120:56994 Connection reset, restarting [0]
May  4 23:12:44 ovpn-server1[20073]: client/192.168.1.120:56994 SIGUSR1[soft,connection-reset] received, client-instance restarting
May  4 23:24:19 ovpn-server1[20073]: TCP connection established with [AF_INET6]::ffff:192.168.1.120:57454
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 TLS: Initial packet from [AF_INET6]::ffff:192.168.1.120:57454, sid=c315fd62 839fc19b
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC87U, emailAddress=me@myhost.mydomain
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=ASUS, CN=client, emailAddress=me@myhost.mydomain
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 peer info: IV_GUI_VER=OC30Android
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 peer info: IV_VER=3.git::f225fcd0:Release
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 peer info: IV_PLAT=android
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 peer info: IV_LZO_STUB=1
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 peer info: IV_COMP_STUB=1
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 PLUGIN_CALL: POST /usr/lib/openvpn-plugin-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 TLS: Username/Password authentication succeeded for username 'USER' 
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1552', remote='link-mtu 1524'
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 Control Channel: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
May  4 23:24:19 ovpn-server1[20073]: 192.168.1.120:57454 [client] Peer Connection Initiated with [AF_INET6]::ffff:192.168.1.120:57454
May  4 23:24:19 ovpn-server1[20073]: client/192.168.1.120:57454 MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)
May  4 23:24:19 ovpn-server1[20073]: client/192.168.1.120:57454 MULTI: Learn: 10.8.0.2 -> client/192.168.1.120:57454
May  4 23:24:19 ovpn-server1[20073]: client/192.168.1.120:57454 MULTI: primary virtual IP for client/192.168.1.120:57454: 10.8.0.2
May  4 23:24:19 ovpn-server1[20073]: client/192.168.1.120:57454 PUSH: Received control message: 'PUSH_REQUEST'
May  4 23:24:19 ovpn-server1[20073]: client/192.168.1.120:57454 SENT CONTROL [client]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0 vpn_gateway 500,dhcp-option DNS 192.168.1.1,redirect-gateway def1,route-gateway 10.8.0.1,topology subnet,ping 15,ping-restart 60,ifconfig 10.8.0.2 255.255.255.0' (status=1)
May  4 23:59:37 ovpn-server1[20073]: client/192.168.1.120:57454 read TCPv6_SERVER: Connection timed out (code=110)
May  4 23:59:37 ovpn-server1[20073]: client/192.168.1.120:57454 Connection reset, restarting [0]
May  4 23:59:37 ovpn-server1[20073]: client/192.168.1.120:57454 SIGUSR1[soft,connection-reset] received, client-instance restarting
I read a similar error here but it is on iOS.

Apps energy saving is disabled for OpenVPN Connection app (I changed it).

I changed many options in both server and client but the error persists.


Someone can help me?
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/