Skip to main content

VPN Troubleshooting

These guidelines provide a systematic approach to troubleshooting configuration inconsistencies for vpn issues. A mismatched configuration can result in vpn connection failure, intermittent disconnection, or even access to resources in a remote network. By following the steps outlined in this document, you should be able to identify and address configuration issues with VPN connections.

Issue: Configuration Mismatch

Symptoms

  • VPN connection fails to establish or frequently disconnects.
  • The client device is unable to access resources on the remote network.
  • Logs indicate error messages related to mismatched configurations.

Troubleshooting Steps

1. Access the CE Terminal

  • Log in to the CE terminal with superuser privileges to perform diagnostic checks.
sudo su -

2. Check Configuration Files

Check the OpenVPN configuration files for all correct settings. Start by reviewing the interface configuration of OpenVPN.

  • To review the OpenVPN configuration, execute the following command:
cat /tmp/last_config_response.json | jq .interfacesConfig.openVpn
  • This will display the OpenVPN interface configuration from the file.
cat /etc/config/openvpn

3. Check OpenVPN Service

Check if the OpenVPN service is running on the CE device. Use the following command for its service status.

  • To check if the OpenVPN service is running, execute:
/etc/init.d/openvpn status
  • If the OpenVPN service is not running, start it by executing:
/etc/init.d/openvpn start
  • If you need to stop the OpenVPN service, use the following command:
/etc/init.d/openvpn stop

4. Client PC Troubleshooting

On the client PC, use traceroute to test network connectivity. This helps determine if routing between the client and the remote network is being done correctly.

  • On the client PC, open a terminal or command prompt and run the following command to check connectivity:
traceroute -n 8.8.8.8

5. Review OpenVPN Logs on the CE Device

Check the OpenVPN log for any error messages or warnings that may indicate configuration issues. To check the logs on the CE device, use the following command:

  • To check the OpenVPN logs for any errors or warnings, execute the following command on the CE device:
logread | grep openvpn

6. Verify Route on Client PC

To verify that the VPN route is active, run the following command on the client PC to verify that the route to the remote network is configured correctly:

  • On the client PC, to verify if the VPN route is active, use the following command:
ip route -n 8.8.8.8