OpenVPN Support Forum

I use OpenVPN to connect my office desktop. It is fine before. But when Bell Technician checked telephone line and did something on switch, I have problem with VPN connection.

It is still able to connect to my office desktop, but the connection is lost in seconds. Connection only keep less than minutes. When checking the log, continue got following messages:

Wed Oct 19 22:52:05 2011 Initialization Sequence Completed
Wed Oct 19 22:53:57 2011 [server] Inactivity timeout (--ping-restart), restarting
Wed Oct 19 22:53:57 2011 TCP/UDP: Closing socket
Wed Oct 19 22:53:57 2011 SIGUSR1[soft,ping-restart] received, process restarting
Wed Oct 19 22:53:57 2011 Restart pause, 2 second(s)
Wed Oct 19 22:53:59 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Oct 19 22:53:59 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Oct 19 22:53:59 2011 Re-using SSL/TLS context
Wed Oct 19 22:53:59 2011 LZO compression initialized
Wed Oct 19 22:53:59 2011 Control Channel MTU parms [ ...... ]
Wed Oct 19 22:53:59 2011 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Oct 19 22:53:59 2011 Data Channel MTU parms [ ...... ]
Wed Oct 19 22:53:59 2011 Local Options hash (VER=V4): '41690919'
Wed Oct 19 22:53:59 2011 Expected Remote Options hash (VER=V4): '530fdded'
Wed Oct 19 22:53:59 2011 UDPv4 link local: [undef]
Wed Oct 19 22:53:59 2011 UDPv4 link remote: ......
Wed Oct 19 22:53:59 2011 TLS: Initial packet from ..., sid=...
Wed Oct 19 22:53:59 2011 VERIFY OK: depth=1, /C=CA/......
Wed Oct 19 22:53:59 2011 VERIFY OK: depth=0, /C=CA/......
Wed Oct 19 22:53:59 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Oct 19 22:53:59 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Oct 19 22:53:59 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Oct 19 22:53:59 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Oct 19 22:53:59 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Oct 19 22:53:59 2011 [server] Peer Connection Initiated with .....
Wed Oct 19 22:54:01 2011 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed Oct 19 22:54:01 2011 PUSH: Received control message: 'PUSH_REPLY,route ......'
Wed Oct 19 22:54:01 2011 OPTIONS IMPORT: timers and/or timeouts modified
Wed Oct 19 22:54:01 2011 OPTIONS IMPORT: --ifconfig/up options modified
Wed Oct 19 22:54:01 2011 OPTIONS IMPORT: route options modified
Wed Oct 19 22:54:01 2011 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Oct 19 22:54:01 2011 Preserving previous TUN/TAP instance: Local Area Connection 2
Wed Oct 19 22:54:01 2011 Initialization Sequence Completed

Not sure why. How to resolve this problem?

the message

Wed Oct 19 22:53:57 2011 [server] Inactivity timeout (--ping-restart), restarting
Wed Oct 19 22:53:57 2011 TCP/UDP: Closing socket

shows that the server thinks there is no activity after ~60 seconds and therefore resets the connection. what does the corresponding client log say? you can modify the ping-restart behavior using where the first parameter means 'send a keepalive every 10 seconds' and the second parameter means 'restart after 240 seconds' ; the server will actually restart after twice this value, but the same parameters are automagically pushed out to the client, which will restart after 240 secs.

Thanks. Actually, above log is client log. Server side should has no problem because another person's computer is fine and mine was fine before. Nothing changed at server side.

Anything can be done at client side to resolve this issue?

As I continue to try, It looks like the issue is caused by DHCP. Not sure, need to try more time to confirm.

rerun the client with set and post the sanitized log file somewhere - if the client has DHCP issues they will normally show up in the log.

Check out this post http://support.microsoft.com/kb/953761/en-us
It solved my connection drop issues

viewtopic.php?f=30&t=9154&p=17201&e=17201

i was having the same connection drop out issues which was getting very frustrating so thanks for the link that you put up.

glen7565 wrote:i was having the same connection drop out issues which was getting very frustrating so thanks for the link that you put up.

Have you noticed what was the reason ? Maybe internet connection lost is the one of the prob.