Project

General

Profile

Actions
Copy link

Bug #6802

closed

GUI does not respond and vpn stops working

Added by Ricardo ot over 7 years ago. Updated over 7 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
09/21/2016
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:
amd64

Description

Since I update the firewall to 2.3.x (actualy 2.3.2) Some times GUI does't respond and VPN client are disconnected until I connect by SSH and restart php-fpm.
Please, I need help.

No relevant information on error logs for me:

Sep 21 16:42:08 openvpn user 'XXXXXXXX' authenticated
Sep 21 16:40:52 openvpn 67156 XXXXXX/IP.IP.IP.IP:59617 [XXXXXXXX] Inactivity timeout (--ping-restart), restarting
Sep 21 16:43:53 check_reload_status Reloading filter

Sep 21 16:40:29 php-fpm /index.php: Successful login for user 'admin' from: 192.168.10.78
Sep 21 16:38:10 rc.php-fpm_restart 18017 >>> Restarting php-fpm
Sep 21 16:38:04 sshd 91454 Accepted password for admin from 192.168.10.78 port 63482 ssh2

Sep 21 16:38:52 openvpn 67156 IP.IP.IP.IP:49027 TLS Error: TLS handshake failed
Sep 21 16:38:52 openvpn 67156 IP.IP.IP.IP:49027 TLS Error: TLS object - > incoming plaintext read error
Sep 21 16:38:52 openvpn 67156 IP.IP.IP.IP:49027 TLS_ERROR: BIO read tls_read_plaintext error
Sep 21 16:38:52 openvpn 67156 IP.IP.IP.IP:49027 OpenSSL: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
Sep 21 16:38:52 openvpn 67156 IP.IP.IP.IP:49027 WARNING: Failed running command (--tls-verify script): external program exited with error status: 1
Sep 21 16:35:53 openvpn 15658 IP.IP.IP.IP:47295 TLS Error: incoming packet authentication failed from [AF_INET]IP.IP.IP.IP:47295
Sep 21 16:35:53 openvpn 15658 IP.IP.IP.IP:47295 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1474468503) Wed Sep 21 16:35:03 2016 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Sep 21 16:35:53 openvpn 15658 IP.IP.IP.IP:59869 TLS Error: TLS handshake failed
Sep 21 16:35:53 openvpn 15658 IP.IP.IP.IP:59869 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

2 OpenVPN server for user Ldap authentication
1 OpenVPN for TSL/SSL certificates
IP Carp for wans and lan, but only 1 node pfsense
Multiple WAN, Loadbalancing or failover GWs
Multiple LAN
NATs from WAN to LAN for some app
Site to site IPsec tunel (not stable tunnel I don't know reason, I think to buy a propietary firewall to manage Ipsec)
no more services

Thanks,

Actions
Copy link

Also available in: Atom PDF