Page 1 of 1

1.7.9 Disconnects shortly after connection

Posted: Sun May 20, 2018 7:26 am
by jcarson
Viscosity 1.7.9, OSX 10.13.4.

First time using Viscosity since the update to 1.7.9, I connect to a VPN and it disconnects within ~15 seconds.

I also have Viscosity 1.7.9 running on my Surface (WIN10 1709.16299.431) and it connects and stays connected to the same VPNs. Works great on the Surface.

All of my VPNs are connecting to pfSense firewalls that have been setup for over a year and are 2.3.4p1.

Please advise.

From the log, one example:
Code: Select all
2018-05-19 17:14:53: Viscosity Mac 1.7.9 (1450)
2018-05-19 17:14:53: Viscosity OpenVPN Engine Started
2018-05-19 17:14:53: Running on macOS 10.13.4
2018-05-19 17:14:53: ---------
2018-05-19 17:14:53: State changed to Connecting
2018-05-19 17:14:54: Checking reachability status of connection...
2018-05-19 17:14:54: Connection is reachable. Starting connection attempt.
2018-05-19 17:14:54: OpenVPN 2.4.6 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Apr 25 2018
2018-05-19 17:14:54: library versions: OpenSSL 1.0.2o  27 Mar 2018, LZO 2.10
2018-05-19 17:14:55: TCP/UDP: Preserving recently used remote address: [AF_INET]70.x.x.x:1194
2018-05-19 17:14:55: UDP link local (bound): [AF_INET][undef]:1194
2018-05-19 17:14:55: UDP link remote: [AF_INET]70.x.x.x:1194
2018-05-19 17:14:55: State changed to Authenticating
2018-05-19 17:14:55: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2018-05-19 17:14:55: [XXXX-VPN] Peer Connection Initiated with [AF_INET]70.x.x.x:1194
2018-05-19 17:14:57: Opened utun device utun1
2018-05-19 17:14:57: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
2018-05-19 17:14:57: /sbin/ifconfig utun1 delete
2018-05-19 17:14:57: NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2018-05-19 17:14:57: /sbin/ifconfig utun1 10.x.x.2 10.x.x.2 netmask 255.255.255.0 mtu 1500 up
2018-05-19 17:14:57: Initialization Sequence Completed
2018-05-19 17:14:57: DNS mode set to Split
2018-05-19 17:14:58: State changed to Connected
2018-05-19 17:14:59: TCP/UDP: Incoming packet rejected from [AF_INET]70.x.x.x:1194[2], expected peer address: [AF_INET]70.x.x.x:1194 (allow this incoming source address/port by removing --remote or adding --float)
2018-05-19 17:15:09: TCP/UDP: Incoming packet rejected from [AF_INET]70.x.x.x:1194[2], expected peer address: [AF_INET]70.x.x.x:1194 (allow this incoming source address/port by removing --remote or adding --float)
2018-05-19 17:15:15: State changed to Disconnecting
2018-05-19 17:15:15: SIGTERM[hard,] received, process exiting
2018-05-19 17:15:16: State changed to Disconnected

Re: 1.7.9 Disconnects shortly after connection

Posted: Mon May 21, 2018 4:53 pm
by James
Hi jcarson,

It looks likely there is a routing problem with the connection:
Code: Select all
2018-05-19 17:14:59: TCP/UDP: Incoming packet rejected from [AF_INET]70.x.x.x:1194[2], expected peer address: [AF_INET]70.x.x.x:1194 (allow this incoming source address/port by removing --remote or adding --float)
I recommend posting a copy of your configuration file and we can see if anything stands out from the client side. You can view the raw configuration data for your Viscosity connection by opening Viscosity’s Preferences window, holding down the Option key on your keyboard, right-clicking on your connection, and selecting “View Configuration Data”.

Cheers,
James

Re: 1.7.9 Disconnects shortly after connection

Posted: Thu May 24, 2018 5:01 pm
by jcarson
I'm not saying you're wrong, but this makes for one hell of an unexplainable coincidence:

I tried again 30mins after I posted this issue and got the same results (a reboot of the Mac didn't make a difference). So I turned off "disconnect connections after 30mins of inactivity" and it worked fine. I turned the inactivity timer back on and it disconnected after ~15sec. So I left the inactivity timer off and been using it that way all week.

I just tried to reproduce the problem (by turning on the inactivity timer) and now it's staying connected no matter what. Nothing changed on my end or the pfSense end.

I guess I'll report back if it does it again.

FWIW, here is what you asked for
Code: Select all
#-- Configuration Generated By Viscosity --#

#viscosity startonopen false
#viscosity protocol openvpn
#viscosity dns automatic
#viscosity usepeerdns true
#viscosity autoreconnect false
#viscosity dnssupport true
#viscosity name XXX
#viscosity dhcp true
remote 70.x.x.x 1194 udp
dev tun
persist-tun 
persist-key 
pull 
auth-user-pass 
tls-client 
ca ca.crt
cert cert.crt
key key.key
remote-cert-tls server
tls-auth ta.key
auth SHA1
resolv-retry infinite
verify-x509-name XXX-VPN name
cipher AES-256-CBC
key-direction 1