Skip to content
macOS 11.6 change to viscosity keepalive
Got a problem with Viscosity or need help? Ask here!
- Posts: 2
- Joined: Sat Dec 19, 2020 4:19 am
Viscosity Version: Viscosity 1.10b4 (1580)
macOs Version: 11.6
Reinstalled app and all helpers to continue testing.
Connecting to a Pritunl OVPN server, worked perfectly before on previous 11.5.x versions of macOS. Now when the ping-restart time is hit with keep alives enabled the client disconnects and I have to reconnect (which in my case means redoing my 2FA) and that can get a little frustrating every 60 seconds. There's no traffic moving over the VPN link during that time but that is how it was prior to 11.6 and these issues. The server is unchanged between versions and Viscosity running on another 11.5.x machine does not exhibit this issue.
Client config:
macOs Version: 11.6
Reinstalled app and all helpers to continue testing.
Connecting to a Pritunl OVPN server, worked perfectly before on previous 11.5.x versions of macOS. Now when the ping-restart time is hit with keep alives enabled the client disconnects and I have to reconnect (which in my case means redoing my 2FA) and that can get a little frustrating every 60 seconds. There's no traffic moving over the VPN link during that time but that is how it was prior to 11.6 and these issues. The server is unchanged between versions and Viscosity running on another 11.5.x machine does not exhibit this issue.
Client config:
Code: Select all
Snippet from log, note after poking at it I got it to 10 minutes but it's still frustrating.
#-- Configuration Generated By Viscosity --#
#viscosity startonopen false
#viscosity usepeerdns true
#viscosity dns automatic
#viscosity dnsdomain internal.domain.org
#viscosity dnsdomain internal.domain.dev
#viscosity protocol openvpn
#viscosity autoreconnect true
#viscosity dnsserver 172.25.0.2
#viscosity name RSR
#viscosity dhcp true
route-gateway dhcp
remote X.X.X.X 15427 udp
max-routes 1000
nobind
dev tun
inactive 0
ping 10
ping-restart 3600
persist-tun
compress
pull
tls-client
ca ca.crt
cert cert.crt
key key.key
remote-cert-tls server
tls-auth ta.key 1
route-delay auto
reneg-sec 2592000
hand-window 70
setenv UV_ID 47032e2fbb93436d8e9939556a7d5182
setenv UV_NAME autumn-plateau-8482
rcvbuf 393216
server-poll-timeout 4
auth SHA1
push-peer-info
cipher AES-128-CBC
comp-lzo no
sndbuf 393216
mute 3
Code: Select all
2021-09-28 22:36:10: State changed to Connected
2021-09-28 22:46:24: [60767cad082f2bfc992594d0] Inactivity timeout (--ping-restart), restarting
2021-09-28 22:46:24: SIGUSR1[soft,ping-restart] received, process restarting
2021-09-28 22:46:24: Viscosity Mac 1.10b4 (1580)
- Posts: 2
- Joined: Sat Dec 19, 2020 4:19 am
Update: Appears this issue isn't limited to viscosity but almost every VPN tool I have. I've tried Shimo, the Pritunl client, Barracuda VPN, everything. They all exhibit the same behaviour, after some timeout they all disconnect. It's like macOS refuses to send a packet to keep the connection alive or some other similar problem.
Hi matt-stuart,
This is unlikely to be related to macOS 11.6, unless you have some out of date firewall or network security software misbehaving with the update.
More likely this is a misconfiguration between the OpenVPN server and client. Either no traffic is passing at all (possibility a compression setting mismatch), or there is a mismatch between the ping/ping-restart values on the server and the client.
I recommend running through each of the points listed at:
https://www.sparklabs.com/support/kb/ar ... g-restart/
Cheers,
James
This is unlikely to be related to macOS 11.6, unless you have some out of date firewall or network security software misbehaving with the update.
More likely this is a misconfiguration between the OpenVPN server and client. Either no traffic is passing at all (possibility a compression setting mismatch), or there is a mismatch between the ping/ping-restart values on the server and the client.
I recommend running through each of the points listed at:
https://www.sparklabs.com/support/kb/ar ... g-restart/
The server is unchanged between versions and Viscosity running on another 11.5.x machine does not exhibit this issue.Make sure that the server isn't limiting you to a single connection at a time. By default an OpenVPN server only allows a single connection at a time per certificate. This is discussed further in the above article.
Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
3 posts
Page 1 of 1