severity #863110 serious thanks Hi,
we have got the same issue with all our VPNs upgraded to Stretch now. Most VPNs are connected about a 1 GBit/s datacenter connection with each other (also same LAN), the other ones are connected about a 100 MBit/s connection. Example configuration: client dev tun proto udp remote XYZ 1197 verify-x509-name "C=de, ST=Nordrhein-Westfalen, L=...., O=....., OU=...., CN=...., emailAddress=...." route remote_host 255.255.255.255 net_gateway resolv-retry infinite nobind persist-key persist-tun ca .... cert .... key ..... auth-user-pass .... cipher AES-256-CBC auth SHA256 comp-lzo route-delay 4 verb 3 reneg-sec 0 The only thing I have got in my logs is e.g. this: Jul 12 03:02:39 HOST ovpn-ABC_network[20317]: [gateway01] Inactivity timeout (--ping-restart), restarting Jul 12 03:02:39 HOST ovpn-ABC_network[20317]: SIGUSR1[soft,ping-restart] received, process restarting Jul 12 03:02:39 HOST ovpn-ABC_network[20317]: Restart pause, 5 second(s) Jul 12 03:02:44 HOST ovpn-ABC_network[20317]: TCP/UDP: Preserving recently used remote address: [AF_INET].........:44443 Jul 12 03:02:44 HOST ovpn-ABC_network[20317]: Socket Buffers: R=[87380->87380] S=[16384->16384] Jul 12 03:02:44 HOST ovpn-ABC_network[20317]: Attempting to establish TCP connection with [AF_INET]..........:44443 [nonblock] Jul 12 03:04:44 HOST ovpn-ABC_network[20317]: TCP: connect to [AF_INET]............:44443 failed: Connection timed out Jul 12 03:04:44 HOST ovpn-ABC_network[20317]: SIGUSR1[connection failed(soft),init_instance] received, process restarting Jul 12 03:04:44 HOST ovpn-ABC_network[20317]: Restart pause, 5 second(s) Jul 12 03:04:49 HOST ovpn-ABC_network[20317]: TCP/UDP: Preserving recently used remote address: [AF_INET]............:44443 Jul 12 03:04:49 HOST ovpn-ABC_network[20317]: Socket Buffers: R=[87380->87380] S=[16384->16384] Jul 12 03:04:49 HOST ovpn-ABC_network[20317]: Attempting to establish TCP connection with [AF_INET]..........:44443 [nonblock] After this the connection was down, until we manualy restarted it. Since all Stretch VPNs are affected here raised the severity of this issue. -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */