Hi,
yesterday one of our client router stuck again, after 21 days.
Log is full of ovpn and l2tp entries:
May/04/2020 22:48:53 ovpn,info TCP connection established from 95.156.170.96
May/04/2020 22:48:53 ovpn,info TCP connection established from 46.239.53.103
May/04/2020 22:48:53 ovpn,info TCP connection established from 95.156.172.18
May/04/2020 22:48:54 ovpn,info TCP connection established from 109.165.199.171
May/04/2020 22:48:54 ovpn,info TCP connection established from 31.223.135.229
May/04/2020 22:48:54 ovpn,info TCP connection established from 178.77.33.52
May/04/2020 22:48:54 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:54 ovpn,info TCP connection established from 1.1.1.1
May/04/2020 22:48:54 ovpn,info TCP connection established from 1.1.1.2
May/04/2020 22:48:54 ovpn,info TCP connection established from 1.1.1.3
May/04/2020 22:48:54 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:55 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:55 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:55 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:55 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:55 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:55 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:55 ovpn,info TCP connection established from 1.1.1.4
May/04/2020 22:48:55 ovpn,info TCP connection established from 1.1.1.5
May/04/2020 22:48:55 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:56 ovpn,info : using encoding - BF-128-CBC/SHA1
May/04/2020 22:48:56 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:56 ovpn,info TCP connection established from 1.1.1.6
May/04/2020 22:48:56 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:56 ovpn,info : using encoding - BF-128-CBC/SHA1
May/04/2020 22:48:56 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:56 ovpn,info TCP connection established from 1.1.1.7
May/04/2020 22:48:56 ovpn,debug,error duplicate packet, dropping
May/04/2020 22:48:56 ovpn,info TCP connection established from 1.1.1.8
May/04/2020 22:48:56 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:56 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:57 ovpn,info TCP connection established from 1.1.1.9
May/04/2020 22:48:57 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:57 ovpn,info TCP connection established from 1.1.1.10
May/04/2020 22:48:57 ovpn,info TCP connection established from 1.1.1.11
May/04/2020 22:48:57 ovpn,info TCP connection established from 1.1.1.12
May/04/2020 22:48:57 ovpn,info TCP connection established from 1.1.1.13
May/04/2020 22:48:57 ovpn,info TCP connection established from 1.1.1.14
May/04/2020 22:48:57 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:58 ovpn,info TCP connection established from 1.1.1.15
May/04/2020 22:48:58 ovpn,info TCP connection established from 1.1.1.16
May/04/2020 22:48:58 ovpn,info TCP connection established from 1.1.1.17
May/04/2020 22:48:58 l2tp,info first L2TP UDP packet received from 1.1.1.17
May/04/2020 22:48:58 ovpn,info TCP connection established from 1.1.1.18
May/04/2020 22:48:58 ovpn,info TCP connection established from 1.1.1.19
May/04/2020 22:48:58 ovpn,info TCP connection established from 1.1.1.20
May/04/2020 22:48:58 ovpn,info TCP connection established from 1.1.1.21
May/04/2020 22:48:58 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:58 l2tp,ppp,error <1.1.1.17>: user USER01 is already active
May/04/2020 22:48:58 ovpn,info TCP connection established from 1.1.1.22
May/04/2020 22:48:58 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:58 l2tp,info first L2TP UDP packet received from 1.1.1.23
May/04/2020 22:48:58 ovpn,info : using encoding - AES-256-CBC/SHA1
May/04/2020 22:48:58 l2tp,ppp,error <1.1.1.23>: user USER02 is already active
May/04/2020 22:48:58 ovpn,info TCP connection established from 1.1.1.24
Real public addresses are mapped to 1.1.1.X addresses for the sake of the security.
This problem affected ovpn and l2tp connections, ipsec as well (connection is established but the connections to remote server experience a lot of lost packets).
I've turned on a debug logging for ovpn. Among other non human readable data here is the one entry:
May/04/2020 22:57:03 ovpn,debug <1.1.1.1>: disconnected <user USER is already active>
I tried disabling OVPN, L2TP service, remove stale VPN connection, like I did before...but the reboot is the only remedy
Any thoughts ??
mIRO