LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 05-24-2015, 11:47 AM   #1
anthony000
LQ Newbie
 
Registered: Apr 2014
Location: RI
Distribution: RHEL 7.6, OpenSUSE 15.1
Posts: 19
Blog Entries: 1

Rep: Reputation: Disabled
Issue with VPN regularly disconnecting - SOLVED


I had a similar problem whereby my VPN connection would disconnect after being is use for about 60 minutes. Then I would have to manually reconnect to get it going again for another 60 minutes. This would repeat until I solved the problem.


To find the the problem I checked the messages log (I run Linux so for my system I check the messages log in /var/log/). In the messages log I found messages for inactivity timeout and ping-restart. Even though I was always active whether browsing, downloading a file, or watching a video, it would always show a disconnect with inactivity timeout. I found the cause of this problem: in the firewall settings there is a toggle for allowing or disallowing 'ping from WAN' which means allowing or disallowing a ping from outside the router / internet. Mine was set to disallow pings from the WAN/internet. After I toggled it to allow pings from outside the router / internet, my VPN connection stayed alive indefinitely - no more disconnects. So what seems to be happening is the AirVPN server periodically sends pings to the client (your computer) to check for activity. If the AirVPN server ping can't get through because your firewall is blocking it, then your computer doesn't see it and therefore doesn't respond with a ping back to the server. When this is the case, the silence the AirVPN server experiences from the client makes it think there is no activity, so it disconnects the VPN connection.


When I had a Verizon Actiontec router the ping option was defaulted to allow pings from the outside. When I recently switched to ASUS RT-N66U its default was to disallow pings from the outside and that's when my disconnect issue began.


To modify your router's firewall setting you'll need to look up the instructions for accessing it: for the ASUS routers (and many others) you can access it by opening a browser in your connected computer and entering web-address 192.168.1.1. When the login page shows you'll have to enter your login name and password (check the sticker on the router for the default username and password if you've never done this before). Once in, find the firewall area and look for the settings. Don't forget to save/apply any changes you've made before exiting.
 
Old 05-27-2015, 07:46 AM   #2
anthony000
LQ Newbie
 
Registered: Apr 2014
Location: RI
Distribution: RHEL 7.6, OpenSUSE 15.1
Posts: 19

Original Poster
Blog Entries: 1

Rep: Reputation: Disabled
Additional Information specific to using OpenVPN and AirVPN service on WeTek HTPC with Linux OS (OpenELEC) (see forums at www.wetek.com for additional information, and also www.openelec.tv for info on this Linux OS for HTPC):


OpenVPN (and AirVPN using OpenVPN) tries to renegotiate your credentials (username and password) every 60 minutes on the OpenElec-WeTek, and will disconnect the VPN service after 60 minutes if these are not provided when asked. In the VPN client configuration (i.e., filename.ovpn for AirVPN) file if you have the line auth-nocache, while this theoretically makes your system more secure by not not caching your username and password, it also prevents you from having your VPN connection for more than 60 minutes. To extend your VPN connection indefinitely, comment out this line to # auth-nocache, or simply delete it or not include it. When doing so, thereafter every 60 minutes when OpenVPN renegotiates for your credentials it will simply automatically get them from cache without you knowing it (it will be seamless). Example for changes to be made to your client configuration file ---

Configure your original downloaded AirVPN client configuration files (filename.ovpn) as follows:

Here is a sample file.ovpn and note the paths that are relevant to the locations of where the key and crt files reside on the OpenELEC (Linux OS of WeTek HTPC device):
BEGIN FILE CONTENTS
# --------------------------------------------------------
# Air VPN | https://airvpn.org | Thursday 19th of March 2015 09:57:36 PM
# OpenVPN Client Configuration
# AirVPN_GB-Nunki_UDP-443
# --------------------------------------------------------

client
dev tun
proto udp
remote 78.129.153.40 443
resolv-retry infinite
nobind
ca /storage/.config/vpn-config/airvpnca.crt
cert /storage/.config/vpn-config/airvpnuser.crt
key /storage/.config/vpn-config/airvpnuser.key
persist-key
persist-tun
remote-cert-tls server
auth-user-pass /storage/.config/vpn-config/pass.txt
# auth-nocache OR JUST NOT INCLUDE THIS LINE - WITHOUT AUTH-NOCACHE, EVERY 60 MINUTES OPENVPN WILL GET CREDENTIALS FROM CACHE - STAYING CONNECTED, OTHERWISE DISCONNECTS AFTER 60 MINUTES
tls-auth /storage/.config/vpn-config/airvpnta.key 1
cipher AES-256-CBC
comp-lzo no
verb 3
explicit-exit-notify 5

END FILE CONTENTS
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Issue with Notebook with Ubuntu 12.04: processor hangs regularly up.. what to do? floppy_stuttgart Ubuntu 6 10-30-2014 03:14 PM
[SOLVED] PPTP VPN Server Issue w/VPN access AmberM Linux - Newbie 2 02-17-2014 10:34 AM
pptp vpn client disconnecting automatically suresh.k Linux - Server 7 11-21-2012 10:52 PM
[SOLVED] Wireless issue | Works in X | not in CLI [SOLVED] Alstare Slackware 4 08-16-2012 01:11 AM
ripd stops working after disconnecting VPN Crazy-EyE Linux - Networking 0 06-19-2009 09:20 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 06:32 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration