Running OpenVPN as a Windows service: retries connections indefinitely
Posted: Wed May 03, 2023 2:50 pm
I have a problem with the OpenVPN Service on Windows machines. I set the connect-retry-max value in the config to 1, ergo, retry the connection once then stop. This does not work.
Here is my log
2023-05-03 09:37:30 OpenVPN 2.6.0 [git:v2.6.0/b999466418dddb89] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Jan 25 2023
2023-05-03 09:37:30 Windows version 10.0 (Windows 10 or greater), amd64 executable
2023-05-03 09:37:30 library versions: OpenSSL 3.0.7 1 Nov 2022, LZO 2.10
2023-05-03 09:37:30 TCP/UDP: Preserving recently used remote address: [AF_INET]<redacted>
2023-05-03 09:37:30 UDPv4 link local: (not bound)
2023-05-03 09:37:30 UDPv4 link remote: [AF_INET]<redacted>
2023-05-03 09:38:31 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2023-05-03 09:38:31 TLS Error: TLS handshake failed
2023-05-03 09:38:31 SIGUSR1[soft,tls-error] received, process restarting
2023-05-03 09:38:32 All connections have been connect-retry-max (1) times unsuccessful, exiting
2023-05-03 09:38:32 Exiting due to fatal error
2023-05-03 09:38:41 OpenVPN 2.6.0 [git:v2.6.0/b999466418dddb89] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Jan 25 2023
2023-05-03 09:38:41 Windows version 10.0 (Windows 10 or greater), amd64 executable
2023-05-03 09:38:41 library versions: OpenSSL 3.0.7 1 Nov 2022, LZO 2.10
2023-05-03 09:38:41 TCP/UDP: Preserving recently used remote address: [AF_INET]<redacted>
2023-05-03 09:38:41 UDPv4 link local: (not bound)
2023-05-03 09:38:41 UDPv4 link remote: [AF_INET]<redacted>
2023-05-03 09:39:42 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2023-05-03 09:39:42 TLS Error: TLS handshake failed
2023-05-03 09:39:42 SIGUSR1[soft,tls-error] received, process restarting
2023-05-03 09:39:43 All connections have been connect-retry-max (1) times unsuccessful, exiting
2023-05-03 09:39:43 Exiting due to fatal error
This repeats indefinitely. The connect-retry-max setting appears to nominally work in that the connection fails and the client software stops retrying; however, there is something about this running as a Windows service that appears to reset the client software, and it goes through the whole process again. How can I stop that behavior from occurring?
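As an added example (not part of the original post), the following Python script reads a log like the one above and separates restarts inside one OpenVPN process (the SIGUSR1 lines) from fresh process launches (the version banner), reporting how long after each fatal exit a new process appeared. The function name `analyze` and the shortened sample log are constructed for illustration.

```python
import re
from datetime import datetime

# Constructed sample: lines taken from the log in the post, reduced to the
# events that matter (version banner, soft restart, fatal exit).
SAMPLE_LOG = """\
2023-05-03 09:37:30 OpenVPN 2.6.0 [git:v2.6.0/b999466418dddb89] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Jan 25 2023
2023-05-03 09:38:31 TLS Error: TLS handshake failed
2023-05-03 09:38:31 SIGUSR1[soft,tls-error] received, process restarting
2023-05-03 09:38:32 All connections have been connect-retry-max (1) times unsuccessful, exiting
2023-05-03 09:38:32 Exiting due to fatal error
2023-05-03 09:38:41 OpenVPN 2.6.0 [git:v2.6.0/b999466418dddb89] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Jan 25 2023
2023-05-03 09:39:42 TLS Error: TLS handshake failed
2023-05-03 09:39:42 SIGUSR1[soft,tls-error] received, process restarting
2023-05-03 09:39:43 All connections have been connect-retry-max (1) times unsuccessful, exiting
2023-05-03 09:39:43 Exiting due to fatal error
"""

LINE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (.*)$")
BANNER = re.compile(r"^OpenVPN \S+ .* built on ")  # first line a new process logs


def analyze(log_text):
    """Count process launches, in-process restarts and fatal exits, and
    measure the delay between each fatal exit and the next launch."""
    launches = soft_restarts = fatal_exits = 0
    relaunch_gaps_s = []
    last_exit = None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip lines without a timestamp prefix
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        msg = m.group(2)
        if BANNER.match(msg):
            launches += 1
            if last_exit is not None:
                # A banner after a fatal exit is a new process, so it was
                # started by something outside OpenVPN's own retry logic.
                relaunch_gaps_s.append(int((ts - last_exit).total_seconds()))
                last_exit = None
        elif msg.startswith("SIGUSR1["):
            soft_restarts += 1
        elif msg.startswith("Exiting due to fatal error"):
            fatal_exits += 1
            last_exit = ts
    return {"launches": launches, "soft_restarts": soft_restarts,
            "fatal_exits": fatal_exits, "relaunch_gaps_s": relaunch_gaps_s}


if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

A non-empty `relaunch_gaps_s` confirms that the process really exited and was started again from outside, which matches the poster's reading that connect-retry-max itself is being honoured.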