Tweet
Hello,
I know there are already a lot of post about blocking firewall about this, but we have disabled every firewall on server Side. Nothing helpt so fare. So thats the reason, why I'm asking again.
Right now, we are using the Community Server, hosted in Switzerland. I will explain first a bit about our Server Setup. There are around 600 valid Certificate on our Server. Up to 200 are online at the same time. The clients that are connecting to the VPN Server are excavators all over the world. Those excavators are connected via mobile connection and sending the machine data through the VPN Tunnel to an MQTT Server.
Until the 26.09.2024 everything was fine so far. All clients connected normally, and there were no noticeable anomalies in the network. However, on September 26, 2024, at 10:30 CEST, we suddenly experienced a significant drop in the amount of data coming into our server. Around 50 machines suddenly stopped connecting. At first, we assumed it was an MQTT issue, but after some time, we realized that our VPN server was experiencing problems.
We then analyzed the data to identify which machines were actually affected and, after an initial analysis, found that only machines (clients) from Norway were impacted. The provider Telenor, which our clients use to establish the internet connection, assured us that they had not made any changes and that there were no issues with their network.
What is particularly strange for us is that sometimes the connection to the clients is established, while at other times it drops again. Moreover, not all clients in Norway are affected.
The issue that is occurring on the OpenVPN server is that the TLS key negotiation failed. I have also attached the log for reference with verbose 6. Unfortunately, we currently do not have access to the logs of the clients.
Here our server.conf:
Thanks in advance for your help.
I know there are already a lot of post about blocking firewall about this, but we have disabled every firewall on server Side. Nothing helpt so fare. So thats the reason, why I'm asking again.
Right now, we are using the Community Server, hosted in Switzerland. I will explain first a bit about our Server Setup. There are around 600 valid Certificate on our Server. Up to 200 are online at the same time. The clients that are connecting to the VPN Server are excavators all over the world. Those excavators are connected via mobile connection and sending the machine data through the VPN Tunnel to an MQTT Server.
Until the 26.09.2024 everything was fine so far. All clients connected normally, and there were no noticeable anomalies in the network. However, on September 26, 2024, at 10:30 CEST, we suddenly experienced a significant drop in the amount of data coming into our server. Around 50 machines suddenly stopped connecting. At first, we assumed it was an MQTT issue, but after some time, we realized that our VPN server was experiencing problems.
We then analyzed the data to identify which machines were actually affected and, after an initial analysis, found that only machines (clients) from Norway were impacted. The provider Telenor, which our clients use to establish the internet connection, assured us that they had not made any changes and that there were no issues with their network.
What is particularly strange for us is that sometimes the connection to the clients is established, while at other times it drops again. Moreover, not all clients in Norway are affected.
The issue that is occurring on the OpenVPN server is that the TLS key negotiation failed. I have also attached the log for reference with verbose 6. Unfortunately, we currently do not have access to the logs of the clients.
Here our server.conf:
Code:
port 1194 proto tcp dev tun ca ca.crt cert server.crt key server.key dh dh2048.pem server 10.8.0.0 255.255.0.0 ifconfig-pool-persist ipp.txt client-config-dir ccd keepalive 10 120 comp-lzo user nobody group nogroup persist-key persist-tun status ../openvpn-status.log log openvpn.log verb 6 crl-verify crl.pem
Comment