Vpn client autoreconnect not reliable

Questions and mods regarding system management may go here
Forum rules
We've moved! Head over to Synology Community (community.synology.com) to meet up with our team and other Synology enthusiasts!
parisbyday
Experienced
Experienced
Posts: 101
Joined: Thu Oct 11, 2007 6:20 pm

Vpn client autoreconnect not reliable

Unread post by parisbyday » Wed Mar 06, 2013 8:22 am

Hello,

With latest DSM 4.2 and before, the vpn reconnect option generally works. (openvpn to vyprpn)
In my case i want the openvpn tunnel to be up 24/24.
However sometime once every 2/3 days i can see the connection down.
The last system message in the log is "Failed to redial by VPN profile".
It looks like, that if the reconnect fails once, it will not retry later.

Is the only option the usage of a script like described here :
http://forum.synology.com/enu/viewtopic ... +reconnect

Thanks in advance for your feedback,

Jean.

ronrosenfeld
Student
Student
Posts: 61
Joined: Wed Sep 28, 2011 3:32 am

Re: Vpn client autoreconnect not reliable

Unread post by ronrosenfeld » Fri May 17, 2013 2:41 pm

I have noted the same problem. Apparently, the VPN server goes down some time after midnight, local time, and I see the same messages in my log:

Warning System 2013/05/17 00:49:55 SYSTEM VPN profile [PrivateInternetAccess] was disconnected by server.

and then, sometime later:

Error System 2013/05/17 01:00:07 SYSTEM Failed to redial by VPN profile [xxxservernamexxx].

And no sign of any further attempt to reconnect.

rettile
Trainee
Trainee
Posts: 16
Joined: Wed May 15, 2013 8:38 pm

Re: Vpn client autoreconnect not reliable

Unread post by rettile » Sat May 25, 2013 8:37 am

I have the same problem, but with PPTP VPN.

I have two DS213 Air which are located in two different networks. The first one, which I call here "DS 1" is configured ad PPTP VP server. The second one, "DS 2" is the VPN client.

The VPN client on DS 2 is configured to "reconnect when VPN connection is lost"

Every day DS 1 must go off-line for 5 minutes (the router performs a reboot). In such case, VPN connection is lost. I would expect that DS 2 will automatically reconnect. However, DS 2 is not able to reconnect. It will attempt to do it one time, and then, if unable to connect, it simply will stop trying. To re-establish a connection between VPN client and VPN server I must do it manually.

Is there a way to get around this ? Is there a patch, a script, something that will force the VPN client on a Synology DS to keep trying and trying to reconnect, until it succeeds ?

parisbyday
Experienced
Experienced
Posts: 101
Joined: Thu Oct 11, 2007 6:20 pm

Re: Vpn client autoreconnect not reliable

Unread post by parisbyday » Sat May 25, 2013 8:51 am

Maybe you should raise a support case with synology ?

rettile
Trainee
Trainee
Posts: 16
Joined: Wed May 15, 2013 8:38 pm

Re: Vpn client autoreconnect not reliable

Unread post by rettile » Sun May 26, 2013 9:05 am

parisbyday wrote:Maybe you should raise a support case with synology ?
I did it a couple of days ago, but since it's still week end, I guess they will not answer before tomorrow. Since I urgently need to solve this issue, why do not tell me if you found a solution ? :mrgreen:

rettile
Trainee
Trainee
Posts: 16
Joined: Wed May 15, 2013 8:38 pm

Re: Vpn client autoreconnect not reliable

Unread post by rettile » Mon May 27, 2013 10:21 pm

Finally, answer from tech support arrived. Sadly, they have no solution to this issue. Perhaps they will add some in future to next versions of DS software..

Meanwhile, does anybody know a solution ??

Thanks for reply

jrnker
I'm New!
I'm New!
Posts: 3
Joined: Fri Jul 12, 2013 9:06 am

Re: Vpn client autoreconnect not reliable

Unread post by jrnker » Fri Jul 12, 2013 10:00 am

Okay here are my 5 cents for getting this to work.
(As much for your help as for my own reference ;))

The solution requires editing some stuff through the console, so don't do this if you're uncomfortable with it.

Create a script in /root (yeah yeah, there are probably a ton of better places than there) with the command:

Code: Select all

vi /root/openVPNreconnect
Then when in the editor press the key i (you won't see anything happening) and paste the following code:

Code: Select all

if echo `ifconfig tun0` | grep -q "00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00"
then
        echo "VPN up"
else
        echo 1 > /usr/syno/etc/synovpnclient/vpnc_connecting
        synovpnc reconnect --protocol=openvpn --name=vpntunnel
fi
exit 0
The text --name=vpntunnel contains the name of your vpn profile, so change this to whatever you've called it in your gui.
Now, press the escape key and type :wq and press enter. The file is saved and you should be returned to the console.

Then enter the command

Code: Select all

chmod +x /root/openVPNreconnect
which will prepare the script to be executed.

You should be able to test the script now with the following command:

Code: Select all

/root/openVPNreconnect

Then make a copy of crontab (which schedule jobs) with:

Code: Select all

cp /etc/crontab /root/crontab.bak
and then consequently edit it:

Code: Select all

vi /etc/crontab
and enter edit mode by pressing the key i and adding the following after the last line:

Code: Select all

*/5     *       *       *       *       root    /root/openVPNreconnect
Note that the space between the text is spaces and not tabs.
The first */5 defines how often the script will run. I run mine every 5 minutes to make sure the VPN stays up.
So for once every thirty minutes would of course be */30.
Exit the editor with escape and then :wq and press enter.

So, if all is right and I haven't done any typos in the text above, then you should be able to restart cron and it should keep your VPN up running

Code: Select all

/usr/syno/etc/rc.d/S04crond.sh stop
/usr/syno/etc/rc.d/S04crond.sh start
-Chris.J

psychedelia
Novice
Novice
Posts: 41
Joined: Wed Jan 11, 2012 5:12 pm

Re: Vpn client autoreconnect not reliable

Unread post by psychedelia » Sat Aug 17, 2013 2:47 pm

Thanks Chris, this is great! I wonder something though, let's say the server you are reconnecting too is down for maintenance (or whatever), would there be any clever way to alter the script so it tries to connect to an alternative VPN profile/server in such case?

Stanley

serrnovik
Trainee
Trainee
Posts: 15
Joined: Thu Aug 08, 2013 6:17 pm

Re: Vpn client autoreconnect not reliable

Unread post by serrnovik » Tue Sep 24, 2013 2:41 pm

Hi, Chris. This is very userfull script. Everything works fine except after synology resarts crontab got replaced with original. So in case of powerdown or something else like that diskstaion won't reconect to vpn. Any cure from that?

serrnovik
Trainee
Trainee
Posts: 15
Joined: Thu Aug 08, 2013 6:17 pm

Re: Vpn client autoreconnect not reliable

Unread post by serrnovik » Tue Sep 24, 2013 3:15 pm

Solved issue myself. The problem was that i copy pasted this string:

Code: Select all

*/5     *       *       *       *       root    /root/openVPNreconnect
But what i should have done is manualy typed it. Looks like tab symbols got replaced by spaces. And that does not get validated and synology removes this string.

timothyo
I'm New!
I'm New!
Posts: 1
Joined: Wed Oct 02, 2013 3:28 pm

Re: Vpn client autoreconnect not reliable

Unread post by timothyo » Wed Oct 02, 2013 3:31 pm

You can also use the following script if you are using pptp:

if echo `ifconfig ppp0` | grep -q "Link encap:Point-to-Point Protocol"
then
echo "VPN up"
else
echo 1 > /usr/syno/etc/synovpnclient/vpnc_connecting
synovpnc reconnect --protocol=pptp --name=Connection
fi
exit 0

tailslide
Rookie
Rookie
Posts: 31
Joined: Wed Nov 13, 2013 8:35 pm

Re: Vpn client autoreconnect not reliable

Unread post by tailslide » Tue Nov 19, 2013 9:22 pm

Great stuff works perfectly thank you saved me lots of time :D

tailslide
Rookie
Rookie
Posts: 31
Joined: Wed Nov 13, 2013 8:35 pm

Re: Vpn client autoreconnect not reliable

Unread post by tailslide » Mon Mar 03, 2014 4:21 pm

Just a note.. applying synology OS updates seems to clean out the /root folder but not the crontab entry so you either need to find a different place to put the script or re-apply it after updates.

serrnovik
Trainee
Trainee
Posts: 15
Joined: Thu Aug 08, 2013 6:17 pm

Re: Vpn client autoreconnect not reliable

Unread post by serrnovik » Mon Mar 03, 2014 7:29 pm

Good to know notice.Thank you.

006fazer
Student
Student
Posts: 61
Joined: Sun May 09, 2010 8:28 pm

Re: Vpn client autoreconnect not reliable

Unread post by 006fazer » Sun Mar 09, 2014 7:53 am

tailslide wrote:Just a note.. applying synology OS updates seems to clean out the /root folder but not the crontab entry so you either need to find a different place to put the script or re-apply it after updates.
Hi,

Just update mine with Beta 5, script has been removed :-(

I added some code to update remote hosts file to update my IP vpn client address :-(

The scripyt seem not fonctionning on Beta 5...

Edit :
with this modification it works :

Code: Select all

if echo `ifconfig tun0` | grep -q "00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00"
then
        echo "VPN up"
else
        echo conf_id=o1380223815 > /usr/syno/etc/synovpnclient/vpnc_connecting
        echo conf_name=ConnectionRackstation >> /usr/syno/etc/synovpnclient/vpnc_connecting
        echo proto=openvpn >> /usr/syno/etc/synovpnclient/vpnc_connecting
        synovpnc reconnect --protocol=openvpn --name=Connection
fi
exit 0

Locked

Return to “System Managment Mods”