Hello,
I am running 25.1.4 and am running a newly setup OpenVPN instance server I setup using the official documentation. Everything seems to be set correctly except when I try to connect with a client it immediately disconnects with the error of "status 3." I can't find much on this error. I've found a few posts in this forum but nobody has posted a fix for it.
Here is the log from the server:
Quote2025-04-05T16:30:00 Notice openvpn_server1 MANAGEMENT: Client disconnected
2025-04-05T16:30:00 Notice openvpn_server1 MANAGEMENT: CMD 'status 3'
2025-04-05T16:30:00 Notice openvpn_server1 MANAGEMENT: Client connected from /var/etc/openvpn/instance-3790ff90-2a38-4f7e-aeb9-8daea7bfdd01.sock
2025-04-05T16:29:00 Notice openvpn_server1 MANAGEMENT: Client disconnected
2025-04-05T16:29:00 Notice openvpn_server1 MANAGEMENT: CMD 'status 3'
2025-04-05T16:29:00 Notice openvpn_server1 MANAGEMENT: Client connected from /var/etc/openvpn/instance-3790ff90-2a38-4f7e-aeb9-8daea7bfdd01.sock
2025-04-05T16:28:00 Notice openvpn_server1 MANAGEMENT: Client disconnected
2025-04-05T16:28:00 Notice openvpn_server1 MANAGEMENT: CMD 'status 3'
2025-04-05T16:28:00 Notice openvpn_server1 MANAGEMENT: Client connected from /var/etc/openvpn/instance-3790ff90-2a38-4f7e-aeb9-8daea7bfdd01.sock
2025-04-05T16:27:00 Notice openvpn_server1 MANAGEMENT: Client disconnected
2025-04-05T16:27:00 Notice openvpn_server1 MANAGEMENT: CMD 'status 3'
2025-04-05T16:27:00 Notice openvpn_server1 MANAGEMENT: Client connected from /var/etc/openvpn/instance-3790ff90-2a38-4f7e-aeb9-8daea7bfdd01.sock
2025-04-05T16:26:00 Notice openvpn_server1 MANAGEMENT: Client disconnected
2025-04-05T16:26:00 Notice openvpn_server1 MANAGEMENT: CMD 'status 3'
2025-04-05T16:26:00 Notice openvpn_server1 MANAGEMENT: Client connected from /var/etc/openvpn/instance-3790ff90-2a38-4f7e-aeb9-8daea7bfdd01.sock
2025-04-05T16:25:45 Notice openvpn_server1 MANAGEMENT: Client disconnected
2025-04-05T16:25:45 Notice openvpn_server1 MANAGEMENT: CMD 'status 3'
2025-04-05T16:25:45 Notice openvpn_server1 MANAGEMENT: Client connected from /var/etc/openvpn/instance-3790ff90-2a38-4f7e-aeb9-8daea7bfdd01.sock
2025-04-05T16:25:45 Notice openvpn_server1 Initialization Sequence Completed
2025-04-05T16:25:45 Notice openvpn_server1 NOTE: IPv4 pool size is 253, IPv6 pool size is 65536. IPv4 pool size limits the number of clients that can be served from the pool
Quote2025-04-05T16:25:45 Notice openvpn_server1 MULTI: multi_init called, r=256 v=256
2025-04-05T16:25:45 Notice openvpn_server1 UDPv6 link remote: [AF_UNSPEC]
2025-04-05T16:25:45 Notice openvpn_server1 UDPv6 link local (bound): [AF_INET6][undef]:39306
2025-04-05T16:25:45 Notice openvpn_server1 setsockopt(IPV6_V6ONLY=0)
2025-04-05T16:25:45 Notice openvpn_server1 Socket Buffers: R=[42080->42080] S=[57344->57344]
2025-04-05T16:25:45 Warning openvpn_server1 Could not determine IPv4/IPv6 protocol. Using AF_INET6
2025-04-05T16:25:45 Notice openvpn_server1 /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkup ovpns1 1500 0 10.2.9.1 255.255.255.0 init
2025-04-05T16:25:45 Notice openvpn_server1 /sbin/ifconfig ovpns1 inet6 2001:db8:abcd:12::1/64 mtu 1500 up
2025-04-05T16:25:45 Notice openvpn_server1 /sbin/ifconfig ovpns1 10.2.9.1/24 mtu 1500 up
2025-04-05T16:25:45 Notice openvpn_server1 TUN/TAP device /dev/tun1 opened
2025-04-05T16:25:45 Notice openvpn_server1 TUN/TAP device ovpns1 exists previously, keep at program end
2025-04-05T16:25:45 Notice openvpn OpenVPN server 1 instance started on PID 98753.
2025-04-05T16:25:45 Notice openvpn_server1 Diffie-Hellman initialized with 4096 bit key
2025-04-05T16:25:45 Warning openvpn_server1 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2025-04-05T16:25:45 Warning openvpn_server1 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
2025-04-05T16:25:45 Notice openvpn_server1 MANAGEMENT: unix domain socket listening on /var/etc/openvpn/instance-3790ff90-2a38-4f7e-aeb9-8daea7bfdd01.sock
2025-04-05T16:25:45 Notice openvpn_server1 DCO version: FreeBSD 14.2-RELEASE-p2 stable/25.1-n269701-7c59d89f8cd SMP
2025-04-05T16:25:45 Notice openvpn_server1 library versions: OpenSSL 3.0.16 11 Feb 2025, LZO 2.10
2025-04-05T16:25:45 Notice openvpn_server1 OpenVPN 2.6.13 amd64-portbld-freebsd14.2 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] [DCO]
2025-04-05T16:25:45 Notice openvpn_server1 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
Quote2025-04-05T16:25:45 Notice openvpn_server1 SIGTERM[hard,] received, process exiting
2025-04-05T16:25:45 Notice openvpn_server1 /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkdown ovpns1 1500 0 10.2.9.1 255.255.255.0 init
2025-04-05T16:25:45 Notice openvpn_server1 /sbin/ifconfig ovpns1 inet6 2001:db8:abcd:12::1/64 -alias
2025-04-05T16:25:45 Notice openvpn_server1 /sbin/ifconfig ovpns1 10.2.9.1 -alias
2025-04-05T16:25:45 Notice openvpn_server1 Closing TUN/TAP interface
2025-04-05T16:25:45 Error openvpn_server1 event_wait : Interrupted system call (fd=-1,code=4)
2025-04-05T16:25:43 Notice openvpn_server1 MANAGEMENT: Client disconnected
2025-04-05T16:25:43 Notice openvpn_server1 MANAGEMENT: CMD 'status 3'
2025-04-05T16:25:43 Notice openvpn_server1 MANAGEMENT: Client connected from /var/etc/openvpn/instance-3790ff90-2a38-4f7e-aeb9-8daea7bfdd01.sock
2025-04-05T16:25:43 Notice openvpn_server1 MANAGEMENT: Client disconnected
2025-04-05T16:25:43 Notice openvpn_server1 MANAGEMENT: CMD 'status 3'
2025-04-05T16:25:43 Notice openvpn_server1 MANAGEMENT: Client connected from /var/etc/openvpn/instance-3790ff90-2a38-4f7e-aeb9-8daea7bfdd01.sock
Here is the log from the OpenVPN client on my Android phone with the IP, port and domain redacted.
Quote[Apr 03, 2025, 11:20:45] ----- OpenVPN Start -----
[Apr 03, 2025, 11:20:45] EVENT: CORE_THREAD_ACTIVE
[Apr 03, 2025, 11:20:45] OpenVPN core 3.10.5(3.git::ba9c8e61:RelWithDebInfo) android arm64 64-bit PT_PROXY
[Apr 03, 2025, 11:20:45] Frame=512/2112/512 mssfix-ctrl=1250
[Apr 03, 2025, 11:20:45] NOTE: This configuration contains options that were not used:
[Apr 03, 2025, 11:20:45] Feature not implemented (option ignored)
[Apr 03, 2025, 11:20:45] 0 [lport]
[Apr 03, 2025, 11:20:45] Unsupported option (ignored)
[Apr 03, 2025, 11:20:45] 0 [persist-tun]
[Apr 03, 2025, 11:20:45] 1 [persist-key]
[Apr 03, 2025, 11:20:45] 2 [resolv-retry] [infinite]
[Apr 03, 2025, 11:20:45] EVENT: RESOLVE
[Apr 03, 2025, 11:20:46] Contacting IP:PORT via UDP
[Apr 03, 2025, 11:20:46] EVENT: WAIT
[Apr 03, 2025, 11:20:46] Connecting to [DOMAIN]:PORT (IP) via UDP
[Apr 03, 2025, 11:20:55] Server poll timeout, trying next remote entry...
[Apr 03, 2025, 11:20:55] EVENT: RECONNECTING
[Apr 03, 2025, 11:20:55] EVENT: RESOLVE
[Apr 03, 2025, 11:20:55] Contacting IP:PORT via UDP
[Apr 03, 2025, 11:20:55] EVENT: WAIT
[Apr 03, 2025, 11:20:55] Connecting to [DOMAIN]:PORT (IP) via UDP
[Apr 03, 2025, 11:21:05] Server poll timeout, trying next remote entry...
[Apr 03, 2025, 11:21:05] EVENT: RECONNECTING
[Apr 03, 2025, 11:21:05] EVENT: RESOLVE
[Apr 03, 2025, 11:21:05] Contacting IP:PORT via UDP
[Apr 03, 2025, 11:21:05] EVENT: WAIT
[Apr 03, 2025, 11:21:05] Connecting to [DOMAIN]:PORT (IP) via UDP
[Apr 03, 2025, 11:21:15] Server poll timeout, trying next remote entry...
[Apr 03, 2025, 11:21:15] EVENT: RECONNECTING
[Apr 03, 2025, 11:21:15] EVENT: RESOLVE
[Apr 03, 2025, 11:21:15] Contacting IP:PORT via UDP
[Apr 03, 2025, 11:21:15] EVENT: WAIT
[Apr 03, 2025, 11:21:15] Connecting to [DOMAIN]:PORT (IP) via UDP
[Apr 03, 2025, 11:21:25] Server poll timeout, trying next remote entry...
[Apr 03, 2025, 11:21:25] EVENT: RECONNECTING
[Apr 03, 2025, 11:21:25] EVENT: RESOLVE
[Apr 03, 2025, 11:21:25] Contacting IP:PORT via UDP
[Apr 03, 2025, 11:21:25] EVENT: WAIT
[Apr 03, 2025, 11:21:25] Connecting to [DOMAIN]:PORT (IP) via UDP
[Apr 03, 2025, 11:21:35] Server poll timeout, trying next remote entry...
[Apr 03, 2025, 11:21:35] EVENT: RECONNECTING
[Apr 03, 2025, 11:21:35] EVENT: RESOLVE
[Apr 03, 2025, 11:21:35] Contacting IP:PORT via UDP
[Apr 03, 2025, 11:21:35] EVENT: WAIT
[Apr 03, 2025, 11:21:35] Connecting to [DOMAIN]:PORT (IP) via UDP
[Apr 03, 2025, 11:21:45] EVENT: CONNECTION_TIMEOUT info=' BYTES_OUT : 3348
PACKETS_OUT : 62
CONNECTION_TIMEOUT : 1
N_RECONNECT : 5
'
[Apr 03, 2025, 11:21:45] EVENT: DISCONNECTED
[Apr 03, 2025, 11:21:45] Tunnel bytes per CPU second: 0
[Apr 03, 2025, 11:21:45] ----- OpenVPN Stop -----
[Apr 03, 2025, 11:21:45] EVENT: CORE_THREAD_DONE
having the same issue im legit getting cancer from opnsense at this point
Quote from: jackjason on May 15, 2025, 09:41:40 PMhaving the same issue im legit getting cancer from opnsense at this point
It turned out my ISP was using CGNAT for my public IP. I had to request and pay for a regular public IP address.
thats for you for me i rolled back the xml config and it was working which is weird but what ever