0

I have Ubuntu 12.04 on AMD64. I use OpenVPN to connect from my home to office. On Windows it just works. When I installed it on Ubuntu Im using same config file from windows. I can connect. It works few minutes then suddenly disconnected and I lost all connectivity. I need to kill the openvpn process to restore connectivity to internet. I run openvpn from terminal. (OpenVPN 2.2.1 x86_64-linux-gnu)

Here is the log:

Enter Private Key Password:
Thu Sep 12 21:04:35 2013 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Sep 12 21:04:35 2013 LZO compression initialized
Thu Sep 12 21:04:35 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Sep 12 21:04:35 2013 Socket Buffers: R=[87380->131072] S=[16384->131072]
Thu Sep 12 21:04:35 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Sep 12 21:04:35 2013 Local Options hash (VER=V4): '31fdf004'
Thu Sep 12 21:04:35 2013 Expected Remote Options hash (VER=V4): '3e6d1056'
Thu Sep 12 21:04:35 2013 Attempting to establish TCP connection with [AF_INET]89.185.253.33:11194 [nonblock]
Thu Sep 12 21:04:36 2013 TCP connection established with [AF_INET]89.185.253.33:11194
Thu Sep 12 21:04:36 2013 TCPv4_CLIENT link local: [undef]
Thu Sep 12 21:04:36 2013 TCPv4_CLIENT link remote: [AF_INET]89.185.253.33:11194
Thu Sep 12 21:04:36 2013 TLS: Initial packet from [AF_INET]89.185.253.33:11194, sid=897cedfa 30d3a48b
Thu Sep 12 21:04:37 2013 VERIFY OK: depth=1, /C=CZ/ST=Czech_Republic/O=Syntactic_Sugar_s._r._o./OU=Technical_Support/CN=SyntacticSugarCA/[email protected]
Thu Sep 12 21:04:37 2013 VERIFY OK: depth=0, /C=CZ/ST=Czech_Republic/L=Pilsen/O=Syntactic_Sugar_s._r._o./OU=Technical_Support/CN=plymouth.syntacticsugar.com/[email protected]
Thu Sep 12 21:04:38 2013 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Sep 12 21:04:38 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Sep 12 21:04:38 2013 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Sep 12 21:04:38 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Sep 12 21:04:38 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
Thu Sep 12 21:04:38 2013 [plymouth.syntacticsugar.com] Peer Connection Initiated with [AF_INET]89.185.253.33:11194
Thu Sep 12 21:04:40 2013 SENT CONTROL [plymouth.syntacticsugar.com]: 'PUSH_REQUEST' (status=1)
Thu Sep 12 21:04:40 2013 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 10.0.0.1,dhcp-option DNS 10.0.0.3,ping 10,ping-restart 120,route 192.168.2.0 255.255.255.0 10.0.0.6,route 192.168.120.32 255.255.255.224 10.0.0.6,route 192.168.120.64 255.255.255.192 10.0.0.6,route 192.168.120.128 255.255.255.128 10.0.0.6,route 192.168.20.0 255.255.255.0 10.0.0.6,ifconfig 10.0.0.128 255.255.0.0'
Thu Sep 12 21:04:40 2013 OPTIONS IMPORT: timers and/or timeouts modified
Thu Sep 12 21:04:40 2013 OPTIONS IMPORT: --ifconfig/up options modified
Thu Sep 12 21:04:40 2013 OPTIONS IMPORT: route options modified
Thu Sep 12 21:04:40 2013 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Sep 12 21:04:40 2013 ROUTE default_gateway=192.168.2.1
Thu Sep 12 21:04:40 2013 TUN/TAP device tap0 opened
Thu Sep 12 21:04:40 2013 TUN/TAP TX queue length set to 100
Thu Sep 12 21:04:40 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Sep 12 21:04:40 2013 /sbin/ifconfig tap0 10.0.0.128 netmask 255.255.0.0 mtu 1500 broadcast 10.0.255.255
Thu Sep 12 21:04:40 2013 WARNING: potential route subnet conflict between local LAN [192.168.2.0/255.255.255.0] and remote VPN [192.168.2.0/255.255.255.0]
Thu Sep 12 21:04:40 2013 /sbin/route add -net 192.168.2.0 netmask 255.255.255.0 gw 10.0.0.6
Thu Sep 12 21:04:40 2013 /sbin/route add -net 192.168.120.32 netmask 255.255.255.224 gw 10.0.0.6
Thu Sep 12 21:04:40 2013 /sbin/route add -net 192.168.120.64 netmask 255.255.255.192 gw 10.0.0.6
Thu Sep 12 21:04:40 2013 /sbin/route add -net 192.168.120.128 netmask 255.255.255.128 gw 10.0.0.6
Thu Sep 12 21:04:40 2013 /sbin/route add -net 192.168.20.0 netmask 255.255.255.0 gw 10.0.0.6
Thu Sep 12 21:04:40 2013 Initialization Sequence Completed
Thu Sep 12 21:11:43 2013 [plymouth.syntacticsugar.com] Inactivity timeout (--ping-restart), restarting
Thu Sep 12 21:11:43 2013 TCP/UDP: Closing socket
Thu Sep 12 21:11:43 2013 SIGUSR1[soft,ping-restart] received, process restarting
Thu Sep 12 21:11:43 2013 Restart pause, 5 second(s)
Thu Sep 12 21:11:48 2013 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Thu Sep 12 21:11:48 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Sep 12 21:11:48 2013 Re-using SSL/TLS context
Thu Sep 12 21:11:48 2013 LZO compression initialized
Thu Sep 12 21:11:48 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Sep 12 21:11:48 2013 Socket Buffers: R=[87380->131072] S=[16384->131072]
Thu Sep 12 21:12:28 2013 RESOLVE: Cannot resolve host address: plymouth.syntacticsugar.com: [HOST_NOT_FOUND] The specified host is unknown.
Thu Sep 12 21:12:28 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Sep 12 21:12:28 2013 Local Options hash (VER=V4): '31fdf004'
Thu Sep 12 21:12:28 2013 Expected Remote Options hash (VER=V4): '3e6d1056'
Thu Sep 12 21:13:08 2013 RESOLVE: Cannot resolve host address: plymouth.syntacticsugar.com: [HOST_NOT_FOUND] The specified host is unknown.
Thu Sep 12 21:13:53 2013 RESOLVE: Cannot resolve host address: plymouth.syntacticsugar.com: [HOST_NOT_FOUND] The specified host is unknown.
Thu Sep 12 21:14:38 2013 RESOLVE: Cannot resolve host address: plymouth.syntacticsugar.com: [HOST_NOT_FOUND] The specified host is unknown.

Does anybody knows what can be a problem? I am not expert in Linux.

Improve this question
3
  • Looks like it can't find the server, plymouth.syntacticsugar.com, which is probably some internal resource. Unclear from the details at hand if this is a client issue or a server issue, but I'm going to guess if you do a tracert plymouth.syntacticsugar.com from a Windows client, you'll see a route, while if you do traceroute plymouth.syntacticsugar.com from your linux system, it'll time out. Probably worth comparing the virtual NICs the VPN creates, as well as the networking sets.
    – ernie
    Commented Sep 13, 2013 at 20:16
  • Oh that route conflict looks suspicious too. I'm guessing your Windows system isn't on the 192.168.2.* network locally?
    – ernie
    Commented Sep 13, 2013 at 20:17
  • I set my home network to 182.168.8.* to solve the conflict and its not disconnecting any more. Thanks!
    – Joe Bobson
    Commented Sep 14, 2013 at 14:35

2 Answers 2

Reset to default
1

I am guessing that plymouth.syntacticsugar.com is name of the OpenVPN server? If that is the case, then I would also assume that your VPN server is pushing DNS servers to your local machine to use for name resolution, but the DNS servers they are pushing are not resolving the name plymouth.syntacticsugar.com. Meaning once your DNS connection has been established your connection will only stay open until that name expires out of the DNS cache.

Try adjust your OpenVPN config to use an IP address instead of a DNS name for the remote.

You might also need to look at adding a static route in your local config that makes sure your local DNS servers are still reachable when the VPN connection has been established.

Improve this answer
0

This looks like the problem:

Thu Sep 12 21:04:40 2013 WARNING: potential route subnet conflict between local LAN [192.168.2.0/255.255.255.0] and remote VPN [192.168.2.0/255.255.255.0]

The VPN looks like it's using the same subnet you are, so then you run into issues.

Either change your local subnet, or you'll probably need to add static routes to plymouth.syntacticsugar.com

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .