vpn flapping
Posted: Wed May 22, 2019 5:33 pm
Hi There,
I am using viscosity vpn client but since some time the vpn connection is not stable.
Here the log (in german)
Basically everytime the vpn is disconneting and the connecting back autonatically i always see the below loogs (of course with different timestamp).
I am trying to use differnet wifi access, i also tried a cabled network and restart of the laptop but nothing helped.
Any hint?
May 22 8:34:16 AM: Status auf Verbinde geändert
May 22 8:34:16 AM: Viscosity Windows 1.7.14 (1595)
May 22 8:34:17 AM: Betriebsystem ist Microsoft Windows 10 Pro
May 22 8:34:17 AM: Betriebsystem ist .NET Framework Version 4.7.03190.461814
May 22 8:34:17 AM: Aktivieren des Netzwerkadapters...
May 22 8:34:18 AM: OpenVPN 2.4.6 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [AEAD] built on Jan 21 2019
May 22 8:34:18 AM: library versions: OpenSSL 1.0.2q 20 Nov 2018, LZO 2.09
May 22 8:34:18 AM: Checking remote host "vpn1.xx.xx.xx" is reachable...
May 22 8:34:19 AM: Server reachable. Connecting to xx.xx.xx.xx
May 22 8:34:20 AM: TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xx.xx.xx:yyyy
May 22 8:34:20 AM: UDP link local (bound): [AF_INET][undef]:1194
May 22 8:34:20 AM: UDP link remote: [AF_INET]xx.xx.xx.xx:yyyy
May 22 8:34:20 AM: Status auf Authenticating geändert
May 22 8:34:20 AM: [openvpn.vpn.blabla.de] Peer Connection Initiated with [AF_INET]xx.xx.xx.xx:yyyy
May 22 8:34:21 AM: Status auf Verbinde geändert
May 22 8:34:22 AM: WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
May 22 8:34:22 AM: WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
May 22 8:34:22 AM: WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
May 22 8:34:22 AM: open_tun
May 22 8:34:23 AM: TAP-WIN32 device [abc] opened: \\.\Global\{Bxxx-xxx-xx-xx}.tap
May 22 8:34:23 AM: Notified TAP-Windows driver to set a DHCP IP/netmask of xx.xx.xx.xx/255.255.255.0 on interface {Bxxx-xxx-xx-xx} [DHCP-serv: xx.xx.xx.xx, lease-time: 31536000]
May 22 8:34:23 AM: Successful ARP Flush on interface [20] {Bxxx-xxx-xx-xx}
May 22 8:34:23 AM: Sorry, but I don't know how to configure link layer addresses on this operating system.
May 22 8:34:23 AM: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
May 22 8:34:28 AM: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
May 22 8:34:28 AM: Initialization Sequence Completed
May 22 8:34:29 AM: Warnung: DNS ist auf 'Splitten' eingestellt, aber es sind keine DNS-Domänen vorhanden. Der/die DNS-Server für diese Verbindung können nicht genutzt werden. Für weitere Informationen konsultieren Sie bitte: https://www.sparklabs.com/support/kb/article/warning-split-dns-is-being-used-however-no-dns-domains-are-present/
Server - xx.xx.xx.xx:53; Lookup Type - Split; Domains - None
Server -xx.xx.xx.xx:53; Lookup Type - Split; Domains - None
Server - 192.168.1.1:53; Lookup Type - Any; Domains - localdomain.
May 22 8:34:29 AM: Status auf Verbunden geändert
I am using viscosity vpn client but since some time the vpn connection is not stable.
Here the log (in german)
Basically everytime the vpn is disconneting and the connecting back autonatically i always see the below loogs (of course with different timestamp).
I am trying to use differnet wifi access, i also tried a cabled network and restart of the laptop but nothing helped.
Any hint?
May 22 8:34:16 AM: Status auf Verbinde geändert
May 22 8:34:16 AM: Viscosity Windows 1.7.14 (1595)
May 22 8:34:17 AM: Betriebsystem ist Microsoft Windows 10 Pro
May 22 8:34:17 AM: Betriebsystem ist .NET Framework Version 4.7.03190.461814
May 22 8:34:17 AM: Aktivieren des Netzwerkadapters...
May 22 8:34:18 AM: OpenVPN 2.4.6 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [AEAD] built on Jan 21 2019
May 22 8:34:18 AM: library versions: OpenSSL 1.0.2q 20 Nov 2018, LZO 2.09
May 22 8:34:18 AM: Checking remote host "vpn1.xx.xx.xx" is reachable...
May 22 8:34:19 AM: Server reachable. Connecting to xx.xx.xx.xx
May 22 8:34:20 AM: TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xx.xx.xx:yyyy
May 22 8:34:20 AM: UDP link local (bound): [AF_INET][undef]:1194
May 22 8:34:20 AM: UDP link remote: [AF_INET]xx.xx.xx.xx:yyyy
May 22 8:34:20 AM: Status auf Authenticating geändert
May 22 8:34:20 AM: [openvpn.vpn.blabla.de] Peer Connection Initiated with [AF_INET]xx.xx.xx.xx:yyyy
May 22 8:34:21 AM: Status auf Verbinde geändert
May 22 8:34:22 AM: WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
May 22 8:34:22 AM: WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
May 22 8:34:22 AM: WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
May 22 8:34:22 AM: open_tun
May 22 8:34:23 AM: TAP-WIN32 device [abc] opened: \\.\Global\{Bxxx-xxx-xx-xx}.tap
May 22 8:34:23 AM: Notified TAP-Windows driver to set a DHCP IP/netmask of xx.xx.xx.xx/255.255.255.0 on interface {Bxxx-xxx-xx-xx} [DHCP-serv: xx.xx.xx.xx, lease-time: 31536000]
May 22 8:34:23 AM: Successful ARP Flush on interface [20] {Bxxx-xxx-xx-xx}
May 22 8:34:23 AM: Sorry, but I don't know how to configure link layer addresses on this operating system.
May 22 8:34:23 AM: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
May 22 8:34:28 AM: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
May 22 8:34:28 AM: Initialization Sequence Completed
May 22 8:34:29 AM: Warnung: DNS ist auf 'Splitten' eingestellt, aber es sind keine DNS-Domänen vorhanden. Der/die DNS-Server für diese Verbindung können nicht genutzt werden. Für weitere Informationen konsultieren Sie bitte: https://www.sparklabs.com/support/kb/article/warning-split-dns-is-being-used-however-no-dns-domains-are-present/
Server - xx.xx.xx.xx:53; Lookup Type - Split; Domains - None
Server -xx.xx.xx.xx:53; Lookup Type - Split; Domains - None
Server - 192.168.1.1:53; Lookup Type - Any; Domains - localdomain.
May 22 8:34:29 AM: Status auf Verbunden geändert