I set up a lxc container in proxmox for OpenVPN. It seemed to be working when I connected on my phone. I connected with multiple windows machines to try and transfer files but the connection drops every couple of minutes. It comes back on it’s own after a little but it keeps dropping. I have tried it on multiple windows machines. I have also connected on my phone and ubuntu both of which seem to work consistently but don’t access network resources from what I can tell so I can’t even connect to the share at all so I can’t test moving files, I’m not sure if that is normal behavior or if it indicates something is wrong.
Here are the logs
logs.txt (6.1 KB)
Presumably everything is working fine on the Proxmox side of things and you aren’t having issues with other virtual machines on the same Host?
Are you using the turnkey-openvpn image or another image with it installed on top?
The important line in your log is this:
[server] Inactivity timeout (–ping-restart), restarting
So OpenVPN perodically sends a ping to connected clients to see if the connection is still active. If it doesn’t get a response, it drop the connection allowing for re-establishment.
There are two problems that could cause this.
- You’ve configured OpenVPN to only allow one connection per key and are connecting multiple clients on the same key.
- A stateful firewall is dropping the connection.
I think the best thing to do is post your config so we can see what you have setup. (redact a “local” line if you have it)
That looks like you have no “push routes” setup.
As far as I can tell everything is working on proxmox. I created a debian container and used this to set up openvpn.
I added this line to the lxc configuration file to get it working
lxc.cgroup.devices.allow: c 10:200 rwm
Here are my configuration files
server.txt (453 Bytes)
Client.txt (560 Bytes)
What’s the contents of ipp.txt?
should look something like:
With xxx being an IP within the 10.8.0.0/24 block (most likely 10.8.0.2)
When you connect to the VPN, do you indeed get the IP 10.8.0.2 on the tunnel interface?
And can you ping 10.8.0.1?
If this seems to happen when transfering files, it might be because your MTU size is mismatched.
Looking at your logs, your link-MTU is 1624, which is above the default.
If the entire path from your client to your server is able of using an above-normal MTU, this is fine… but… if this is not the case (And, often only 1500 is allowed), then you risk your packets will get fragmented…
As OpenVPN is encrypting your trafic - fragmentation is a real issue then
I would advice you to try and get your link-mtu down to 1500 (or slightly lower).
You could do this, by adding this to your server-config AND client-config: