[Openvpn-users] connection works intermittently

["Bruno Cruvelier" <bcruvelier@xxxxxxxxxxxx>]

Hi

 

I've got a little problem with my VPN connection

 

The VPN connection works intermittently. I'm not sure but I think I have to wait 24h to reconnect after a connection.

When the connection doesn't work

 

 

The problem can be fixed by restarting the DSL connection on the server (which is stranger because it's a fixed IP) but it's tiresome and I can't do it everyday.

 

 

Have I forgot an option in one of my configs ?

Have you ever heard of a problem like this ?

 

 

Here are all the details :

- DSL connexion with fixed IP on server side

- DSL connexion with dynamic IP on client side

 

- SERVER : Linux Debian

config :

dev tun1

local 213.X.X.X
port 8147

proto udp

server 10.4.0.0 255.255.255.0

client-to-client

dh /etc/ssl/dh1024.pem

ca /etc/ssl/certs/autorite-ca.crt
cert /etc/ssl/server.crt

key /etc/ssl/private/serverPrivate.key

tun-mtu 1500
mssfix

auth-user-pass-verify /etc/openvpn/validateUser.sh via-file

comp-lzo

verb 5

log-append /var/log/openvpn.log

keepalive 10 120

push "route 192.168.1.0 255.255.255.0"

persist-key
persist-tun
persist-local-ip

 

log :

The server doesn't log anything when the connection doesn't work (it logs when it's working)

- CLIENT : Windows XP

config :

remote 213.X.X.X
client

port 8147

dev tun

ca C:\\OpenVPN\\easy-rsa\\keys\\autorite-ca.crt
cert C:\\OpenVPN\\easy-rsa\\keys\\xxxxx.crt
key C:\\OpenVPN\\easy-rsa\\keys\\xxxxx.key
auth-user-pass
reneg-sec 3600
ping 10
comp-lzo
verb 5

ip-win32 dynamic
dhcp-option DNS 192.1.2.3

 

log :

Here is a part of the log of the client when the connection doesn't work

 

Mon Apr 03 16:33:03 2006 us=834667 OpenVPN 2.0.5 Win32-MinGW [SSL] [LZO] built on Nov  2 2005
Mon Apr 03 16:33:08 2006 us=371465 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Mon Apr 03 16:33:08 2006 us=404158 LZO compression initialized
Mon Apr 03 16:33:08 2006 us=404370 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Apr 03 16:33:08 2006 us=409642 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Apr 03 16:33:08 2006 us=409710 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Mon Apr 03 16:33:08 2006 us=409727 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Mon Apr 03 16:33:08 2006 us=409943 Local Options hash (VER=V4): '41690919'
Mon Apr 03 16:33:08 2006 us=409983 Expected Remote Options hash (VER=V4): '530fdded'
Mon Apr 03 16:33:08 2006 us=410056 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Apr 03 16:33:08 2006 us=410096 UDPv4 link local (bound): [undef]:8147
Mon Apr 03 16:33:08 2006 us=410117 UDPv4 link remote: 213.41.176.174:8147

Mon Apr 03 16:34:08 2006 us=747482 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Apr 03 16:34:08 2006 us=747531 TLS Error: TLS handshake failed
Mon Apr 03 16:34:08 2006 us=747966 TCP/UDP: Closing socket
Mon Apr 03 16:34:08 2006 us=748108 SIGUSR1[soft,tls-error] received, process restarting
Mon Apr 03 16:34:08 2006 us=748130 Restart pause, 2 second(s)

...