Reconnect after ISP disconnect at main office

Got a problem with Viscosity or need help? Ask here!

troveitech

Posts: 5
Joined: Wed Mar 25, 2020 7:13 am

Post by troveitech » Wed Mar 25, 2020 7:25 am
Generally Viscosity works great, connects to our main office without issue. But occasionally after a network connectivity drop on either side it seems to go down, and just repeats this handshake error a few times, then sits in the "authenticating" state until I happen to remote in and see that it's hung. Is their a change I can make to allow Viscosity to regain connection after a network outage?
Code: Select all
Mar 19 12:18:22 PM: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mar 19 12:18:22 PM: TLS Error: TLS handshake failed
Mar 19 12:19:36 PM: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mar 19 12:19:36 PM: TLS Error: TLS handshake failed
Mar 19 12:20:52 PM: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mar 19 12:20:52 PM: TLS Error: TLS handshake failed
Mar 19 12:22:07 PM: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mar 19 12:22:07 PM: TLS Error: TLS handshake failed
Mar 19 12:22:29 PM: State changed to Authenticating
Code: Select all
#-- Config Auto Generated By Viscosity --#

#viscosity name client2
#viscosity autoreconnect true
#viscosity dns automatic
#viscosity usepeerdns true
#viscosity manageadapter true
#viscosity startonopen true
remote edgerouter.mainlocationwebsite.domain 1194 udp
pull
tls-client
dev tun
redirect-gateway def1
nobind
persist-key
ca cacert.pem
cert client2.pem
key client2-nopass.key
compress lzo
cipher AES-256-CBC
auth SHA256
resolv-retry infinite
comp-lzo yes
dev-node {B954547C-62DE-47B7-9145-5415598A5D1C}
route-delay 5
mute 20
I also had persist-tun until now, but saw in some research to disable that. But haven't been able to confirm if that does the trick.
- Andrew

Eric

User avatar
Posts: 969
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Wed Mar 25, 2020 10:18 am
Hi troveitech,

I'm afraid I haven't seen this one happen before, how long do these occasional network dropouts last for off interest?

Disabling persist-tun is unlikely to help here unless there is a bug in OpenVPN we're unaware of, if it does help, please do let us know and we'll investigate that specifically.

Another option is to let Viscosity handle the dropout instead of OpenVPN. To do this, edit your connection, ensure Automatically reconnect if disconnected is ticked, then go to Advanced and on a new line add:

remap-usr1 SIGTERM

This will cause Viscosity to effectively cycle the connection completely in the event of a dropout which may help.

Regards,
Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs

troveitech

Posts: 5
Joined: Wed Mar 25, 2020 7:13 am

Post by troveitech » Thu Mar 26, 2020 12:22 am
Hi Eric,

The date of the log event it was about 10 minutes of dropping while the modem rebooted due to carrier outage, coming online for a few seconds, and then another modem reboot. I believe both locations are on the same ISP system so both sides would likely have gone down near simultaneously.

Would you prefer that I re-enabled persist-tun and just try letting Viscosity handle the disconnect first?

Thanks for your response.
- Andrew

Eric

User avatar
Posts: 969
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Thu Mar 26, 2020 9:12 am
Hi Andrew,

If a dropout/modem reboot lasts for that long, you are probably better off letting Viscosity handle the dropout in this case.

Regards,
Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs

troveitech

Posts: 5
Joined: Wed Mar 25, 2020 7:13 am

Post by troveitech » Fri Mar 27, 2020 12:37 am
Sounds good to me, made those changes, I'll see how it goes.
- Andrew

troveitech

Posts: 5
Joined: Wed Mar 25, 2020 7:13 am

Post by troveitech » Mon Jul 06, 2020 11:22 pm
Hello just wanted to bring this up again. It seems letting viscosity handle the disconnect occasionally still disconnects and sits in an endless "authenticating" state.
- Andrew

Eric

User avatar
Posts: 969
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Tue Jul 07, 2020 11:38 am
Hi troveitech,

Try removing the persist-key option from your config, though I'm not sure it will help in this case. OpenVPN will try authentication for up to a minute each cycle, so it may take 2-3 minutes to reconnect after a drop out sometimes depending on how long your internet connection is down for.

Regards,
Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs

troveitech

Posts: 5
Joined: Wed Mar 25, 2020 7:13 am

Post by troveitech » Wed Jul 08, 2020 1:09 am
Tue Jul 07, 2020 11:38 amEric wrote:
Hi troveitech,

Try removing the persist-key option from your config, though I'm not sure it will help in this case. OpenVPN will try authentication for up to a minute each cycle, so it may take 2-3 minutes to reconnect after a drop out sometimes depending on how long your internet connection is down for.

Regards,
Eric
Okay I'll give that a try, and will see if I remember to check sooner.
- Andrew
8 posts Page 1 of 1