Topic: Strange OpenVPN behavior (Read 1197 times)
gearboxes (Newbie, Posts: 11, Karma: 0)
on: May 07, 2021, 12:27:50 am
OPNsense 21.1.5
I have been struggling with strange OpenVPN behavior:
1. The service will stop responding, but I can still see the port is available doing an nmap scan.
The client will get a TLS handshake failure and I don't see anything being logged server side.
Restarting the service or rebooting does not help.
The only way to get it to respond again is to delete the openvpn service entirely and then recreate it, but I have to use a different tunnel address range. Using the same tunnel address again will cause the same result where it does not respond to client requests.
2. After 1/2 day to 1 day, connections will be dropped all at the same time, and the server logs indicate this is due to client inactivity. This will start to become more frequent until I am back to what's described above.
3. If I recreate the service and forget to set one setting, for example forget to set renegotiate to zero, going in again afterwards and changing it does not seem to take effect; after restarting or rebooting, it still disconnects the clients after 3600 seconds, which prompts an MFA request to authenticate.
I have used OPNsense successfully in the past as an OpenVPN server, but never as a primary OpenVPN server for a user community, but only 12 users use this server.
A few things I do want to note:
1. I am using the same cert for all the users and allowing duplicate connections. Since a password and MFA approval is required, I don't see the need for cert management as this is a break-fix customer.
2. NAT to external.
I would like to add that even trying to connect to the internal interface inside the network, I still see the same TLS handshake failures until I delete the openvpn service and recreate it.
3. It's a virtual appliance.
Any ideas here would be appreciated.