You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi there, first of all thanks for the amazing script. I'm using it, based in a restricted country with a remote VPS and I've had this set up for years, since around 6 months now with your solution (previously used Streisand which is no longer maintained).
I'm having a challenge though and I'm not even entirely sure it's linked to your script but I'd appreciate a pointer to debug this if you can... Most recently, I am faced with sporadic downtime and the only way for me to reconnect is by restarting my router. While I'm pretty sure the router itself is o.k. (Intel Nuc, solid HW specs) and I am on a static IP with fibre, I was wondering if there is anything I can debug. I never had these issues with the previous setup (same hardware,using Streisand Effcect).
Setup:
HOME - static IP, 250MBit fibre optic connection - firewall/router is untangle (used for many years), rotuer is an Intel NUC with i5 and 16GB RAM.
VPNSERVER - static IP, hosted on VM that is super reliable (0% downtime on the host in 5 years). 16GB RAM , 2 AMD EPYC vcores. OS Ubuntu 20.04 LTS, fully updated and upgraded
These are the client ovpn settings I am using.
Note: I must use TCP 443 as DPI prevents any other connection
client
proto tcp-client
remote XX 443
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_xxxxxxx name
auth SHA512
auth-nocache
cipher AES-256-CBC
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ignore-unknown-option block-outside-dns
setenv opt block-outside-dns # Prevent Windows 10 DNS leak
verb 3
server.conf
port 443
proto tcp
dev tun
user nobody
group nogroup
persist-key
persist-tun
keepalive 10 120
topology subnet
server xx.xx.xx.xx 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 1.0.0.1"
push "dhcp-option DNS 1.1.1.1"
push "redirect-gateway def1 bypass-dhcp"
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server_xxxxx.crt
key server_xxxxx.key
auth SHA512
cipher AES-256-CBC
ncp-ciphers AES-256-CBC
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
verb 3
This discussion was converted from issue #909 on December 13, 2021 21:53.
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Menu
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi there, first of all thanks for the amazing script. I'm using it, based in a restricted country with a remote VPS and I've had this set up for years, since around 6 months now with your solution (previously used Streisand which is no longer maintained).
I'm having a challenge though and I'm not even entirely sure it's linked to your script but I'd appreciate a pointer to debug this if you can... Most recently, I am faced with sporadic downtime and the only way for me to reconnect is by restarting my router. While I'm pretty sure the router itself is o.k. (Intel Nuc, solid HW specs) and I am on a static IP with fibre, I was wondering if there is anything I can debug. I never had these issues with the previous setup (same hardware,using Streisand Effcect).
Setup:
HOME - static IP, 250MBit fibre optic connection - firewall/router is untangle (used for many years), rotuer is an Intel NUC with i5 and 16GB RAM.
VPNSERVER - static IP, hosted on VM that is super reliable (0% downtime on the host in 5 years). 16GB RAM , 2 AMD EPYC vcores. OS Ubuntu 20.04 LTS, fully updated and upgraded
These are the client ovpn settings I am using.
Note: I must use TCP 443 as DPI prevents any other connection
server.conf
Thanks for your thoughts!
Beta Was this translation helpful? Give feedback.
All reactions