OpenVPN 连接突然断开

tag-icon tag-icon networking openvpn vpn
OpenVPN 连接突然断开

我有一个 raspbian 客户端,应该有一个到远程 VPN 服务器的 openvpn 连接。该连接可以成功建立,但一天左右后,它就断开了。也就是说,客户端无法再 ping 服务器,反之亦然。ip addr产量:

6: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
link/none
inet 10.8.0.2/24 brd 10.8.0.255 scope global tun0
   valid_lft forever preferred_lft forever
inet6 fe80::36f2:617b:b304:fd0c/64 scope link flags 800
   valid_lft forever preferred_lft forever

service openvpn@Thomas status产生:

[email protected] - OpenVPN connection to Thomas
Loaded: loaded (/lib/systemd/system/[email protected]; enabled)
Active: active (running) since Fr 2017-08-18 21:48:29 CEST; 2 days ago
Process: 731 ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --config /etc/openvpn/%i.ovpn (code=exited, status=0/SUCCESS)
Main PID: 739 (openvpn)
CGroup: /system.slice/system-openvpn.slice/[email protected]
       └─739 /usr/sbin/openvpn --daemon ovpn-Thomas --status /run/openvpn/Thomas.status 10 --cd /etc/openvpn --config /etc/openvpn/Thomas.ovpn

Aug 21 12:23:48 raspberrypi ovpn-Thomas[739]: Socket Buffers: R=[163840->163840] S=[163840->163840]
Aug 21 12:23:48 raspberrypi ovpn-Thomas[739]: UDPv4 link local: [undef]
Aug 21 12:23:48 raspberrypi ovpn-Thomas[739]: UDPv4 link remote: [AF_INET]91.250.77.10:1194
Aug 21 12:24:48 raspberrypi ovpn-Thomas[739]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Aug 21 12:24:48 raspberrypi ovpn-Thomas[739]: TLS Error: TLS handshake failed
Aug 21 12:24:48 raspberrypi ovpn-Thomas[739]: SIGUSR1[soft,tls-error] received, process restarting
Aug 21 12:24:48 raspberrypi ovpn-Thomas[739]: Restart pause, 2 second(s)
Aug 21 12:24:50 raspberrypi ovpn-Thomas[739]: Socket Buffers: R=[163840->163840] S=[163840->163840]
Aug 21 12:24:50 raspberrypi ovpn-Thomas[739]: UDPv4 link local: [undef]
Aug 21 12:24:50 raspberrypi ovpn-Thomas[739]: UDPv4 link remote: [AF_INET]91.250.77.10:1194

每当我重新启动 openvpn 服务时,连接就会再次建立,没有问题。断开连接的原因可能是什么,或者更好的是,为什么 openvpn 守护程序无法自动重新连接到服务器?

答案1

您可以将一个简单的 bash 脚本添加到 cron 任务中,以便在连接丢失时自动重新启动 openvpn。该脚本可能如下所示:

#!/bin/bash
# Makes sure that openvpn service is running all times.
# Add this to a cronjob that will run every minute
set -o pipefail
if $(/sbin/ip add | grep tun | grep inet)
then
echo "OpenVPN service is already running"
else
systemctl restart [email protected]
echo "Restarted OpenVPN service"
fi

相关内容