If the OpenVPN connection is utilised as an mdex Control Station device or DevicePro SIM-Tunnel and the connection experiences frequent interruptions despite a stable internet connection and the use of an up-to-date configuration file (.ovpn), there may be various causes depending on the specific problem.
Causes:
1. Multiple clients establish the connection simultaneously
2. The OpenVPN connection is interrupted by a firewall
3. The OpenVPN connection was established as a service and additionally manually
1. Multiple clients establish the connection simultaneously
Problem:
The OpenVPN connection was successfully established and the message "Initialization Sequence Completed" appears in the OpenVPN log file. However, the connection is regularly interrupted every 30 seconds, and after about 90 seconds the error message "Inactivity timeout" appears in the OpenVPN log file.
Initialization Sequence Completed
...Inactivity timeout (--ping-restart), restartingThis process repeats regularly.
In the portal, you can see in the usage overview that the connection is interrupted approximately every 90 seconds. When using the OpenVPN GUI, the status display in the taskbar constantly switches from green to yellow.
Cause:
The login credentials (username and password) of the OpenVPN device are used simultaneously in multiple OpenVPN clients. In this case, the two OpenVPN clients disconnect each other. For this reason, the connection is regularly interrupted after about 30 seconds and re-established after about 90 seconds.
Solution:
The OpenVPN connection with username and password may only be used by one client at a time. Multiple clients can use the same OpenVPN device, but cannot establish a connection simultaneously. For simultaneous connections, each client requires its own OpenVPN device.
Tip for error diagnosis:
If you cannot identify the client currently establishing the connection with the same OpenVPN credentials, please change the password of the respective OpenVPN device in the portal and then use the current configuration file (.ovpn) in the desired client.
- Download configuration file (.ovpn) for 'mdex control station'
- Download configuration file (.ovpn) for 'DevicePro SIM-Tunnel'
All authentications with the previous password will thus be rejected, and the OpenVPN connection can only be established with the new configuration file (.ovpn) which contains the current password.
2. The OpenVPN connection is interrupted by a firewall
Problem:
The OpenVPN connection was successfully established and the message "Initialization Sequence Completed" appears in the OpenVPN log file. However, at irregular intervals the OpenVPN connection is interrupted, especially when no data transfer occurs. The log file then shows "Inactivity timeout":
Initialization Sequence Completed
... Inactivity timeout (--ping-restart), restarting
When using the OpenVPN GUI, the status display switches from green to yellow or red.
Cause:
The firewall of the internet connection monitors the UDP session of the OpenVPN connection. However, the "UDP session timeout" timer of this firewall is set to less than 27 seconds. The firewall (UDP session monitoring) interrupts the OpenVPN connection if no data transfer through the OpenVPN tunnel Leitstellentunnel is detected within the monitoring period set.
Solution:
Disable the "UDP session monitoring" function in the firewall (internet router) or increase the "UDP session timeout" timer to more than 30 seconds. In Lancom routers, this monitoring is called 'UDP aging' and is set to 20 seconds by default. It is recommended to adjust this value to 30 seconds.
A keep-alive data packet is transmitted via the OpenVPN tunnel at least every 27 seconds. If the firewall's UDP session monitoring considers a longer period (e.g. 30 seconds), the OpenVPN connection will no longer be interrupted due to inactivity.
Alternatively, you can use the TCP configuration file (.ovpn) available for the OpenVPN device to bypass possible restrictions caused by UDP firewall settings.
- Download configuration file (.ovpn) for 'mdex control station'
- Download configuration file (.ovpn) for 'DevicePro SIM-Tunnel'
3. The OpenVPN connection was established as a service and additionally manually
Problem:
The OpenVPN GUI was started on the Windows PC/server and a connection was established. The status display of the OpenVPN GUI switches from red to green (connected).
However, the connection is interrupted every few minutes. The status display of the OpenVPN GUI continuously switches from green to yellow, and the OpenVPN log file shows the message "Initialization Sequence Completed" followed each time by "Inactivity timeout":
Initialization Sequence Completed
...Inactivity timeout (--ping-restart), restarting
This process repeats regularly every 60-90 seconds. In the portal, the usage overview shows that the connection is interrupted every few minutes. It can be ruled out that a client is using the same credentials (username & password) according to 1. Multiple clients establish the connection simultaneously.
Possible cause:
On the PC or server, the OpenVPN connection was configured as an OpenVPN service and already establishes a connection during startup. At the same time, however, a connection is manually established on the same PC or server via the OpenVPN GUI with the same OpenVPN credentials. In this case, the two running instances (OpenVPN service and OpenVPN GUI) cause each other to disconnect.
Solution:
If the OpenVPN service is set up on the computer and thus automatically establishes a connection, the OpenVPN GUI must not be additionally used on this computer. Please close the OpenVPN GUI so that the OpenVPN connection is established exclusively automatically via the "OpenVPN service". Alternatively, you can stop the "OpenVPN service" and in future establish the connection exclusively manually via the OpenVPN GUI.