我有一个pfSense的openVPN隧道问题。 我有10个站点,但有时候一些站点会自动closures,所以我需要重新启动客户端的openVPN服务。 我能做些什么来解决它?
注意:我有一个不稳定的广域网链接。
openvpn[20891]: Re-using SSL/TLS contex openvpn[20891]: UDPv4 link local (bound):[AF_INET]10.99.62.18 openvpn[20891]: UDPv4 link remote: [AF_INET]10.89.57.5:1194 openvpn[20891]: [UNDEF] Inactivity timeout (--ping-restart), restarting openvpn[20891]: SIGUSR1[soft,ping-restart] received, process restarting openvpn[20891]: WARNING: NO server certificate verification method has been enable. openvpn[20891]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts openvpn[20891]: Re-using SSL/TLS contex openvpn[20891]: UDPv4 link local (bound):[AF_INET]10.99.62.18 openvpn[20891]: UDPv4 link remote: [AF_INET]10.89.57.5:1194 openvpn[20891]: [UNDEF] Inactivity timeout (--ping-restart), restarting openvpn[20891]: SIGUSR1[soft,ping-restart] received, process restarting openvpn[20891]: WARNING: NO server certificate verification method has been enable. See http://openvpn.net/howto.html#mitm for more information. openvpn[20891]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts openvpn[20891]: Re-using SSL/TLS contex openvpn[20891]: UDPv4 link local (bound):[AF_INET]10.99.62.18 openvpn[20891]: UDPv4 link remote: [AF_INET]10.89.57.5:1194 openvpn[20891]: [UNDEF] Inactivity timeout (--ping-restart), restarting openvpn[20891]: SIGUSR1[soft,ping-restart] received, process restarting openvpn[20891]: WARNING: NO server certificate verification method has been enable. openvpn[20891]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts openvpn[20891]: Re-using SSL/TLS contex openvpn[20891]: Preseving previous TUN/TAP instance:ovpnc1 openvpn[20891]: Initialization Sequence Completed openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: Option error: route parameter netmask '255.255.240' must be an IP address openvpn[20891]: OpenVPN ROUTE: cannot add more than 100 routes -- please increase the max-routes option in the client configuration file openvpn[20891]: Exiting openvpn[20891]: /usr/local/sbin/ovpn-linkdown ovpnc1 1500 1557 10.0.8.22 10.0.8.21 init 你不需要重新启动它,它会自己处理。 你需要解决你在那里的configuration问题。 无效的networking掩码“255.255.240”在某处,显然超过100个路由几乎肯定是过度的(例如,如果您有很多10.xxxnetworking,请使用“路由10.0.0.0 255.0.0.0”或相似的摘要) 。