# [SOLVED] Open VPN connection dropping  outside network activity on only one of three devices



## newconroer (Dec 30, 2013)

_Solution was to force all traffic over VPN. My VPN client gui had this a simple check box - though there are script commands that can do it as well._

===============================================================
I am running Open VPN on three devices over Netgear DG834GV4 ( have also tried this on a Sagem 2504).

Computer A (Windows 7, Viscosity VPN client, ethernet) runs fine, no problems using VPN.
Computer B (Windows 7, Viscosity VPN client, Linksys wireless adapter)runs fine for about ten minutes or so, then all websites fail. VPN is still connected(in a connected state) and internal network is ok.
Computer C (Android, Open VPN for Android client, ethernet) device runs fine, no problems using VPN.

I have tried using default blank DNS in IPV4 config, Open DNS servers via the IPV4 configuration, DNS via the VPN itself or completely no DNS at all.

My VPN provider has tried to assist but the only responses I've had are :

A) Your router must not work with multiple devices and VPN.
B) Try different ports.

A) is obviously not true
B) I am doing this next, but what alternative ports can I use for a VPN?

When I disable the VPN connection on Computer B, it works indefinitely, which says to me it's clearly an issue with the VPN connection. The settings for the VPN are identical to Computer A.


I found a person having a very similar issue, however no replies to that thread:

_"On one of my home PCs (Windows 7 Professional 64BIT, wired connection) I have problem with VPN - after 2-5 minutes after connection to my workplace it "freezes" - i.e. pings stop reaching my work computers, but connection itself reports "connected" state. If I disconnect/reconnect it manually everything returns back to life - for several minutes. I have 3 more different computers on the same network (2 laptops, one workstation), some of them are wired, some wireless, one even has the same OS )Windows 7/64bit. All have VPN configured the same way to the same workplace - but they work perfectly without disconnections/freezes, and the forth PC - does not."
_
I read elsewhere that Windows firewall might be blocking replies from the dhcp server whilst the VPN connection is open. This causes the VPN connection to drop out at the end of the dhcp lease period

...?


----------



## Aquinus (Dec 30, 2013)

What Linksys adapter are you using? I've had a number of issues with me AE2500, not just with OpenVPN but anything that makes it run too hot. I had to remove the case on the adapter just so it can keep kind of cool. I use OVPN at work and I used to administer it.

Are you running OpenVPN on the router and essentially adding your work network to your home network or is each computer connecting to the VPN individually? If it's the latter, I suspect an issue with the client, not the server. Could you output what OVPN says once it stops responding and have you tried pinging a device on the work network without DNS? I find that DNS doesn't always switch when I connect. Granted I usually connect in Linix and I manually copy a new /etc/resolve.conf to take care of it, but since it initially starts working, I'm skeptical that's the issue.

Can you ping computer B from computer A or C over the VPN connection? Pinging the VPN IP for Comp B when it stops responding?


----------



## newconroer (Dec 30, 2013)

Hi,

The adapter is a [get back to you on that].

Each device boots up and then connects individually to different VPN servers.
Are you familiar with Viscosity? That's the GUI/client I am using.

The next time it stops I will try pinging another device and also check the log.


----------



## Aquinus (Dec 30, 2013)

Sorry, I tend to use the CLI client. I like the verbosity. I don't know if Viscosity has any options for logging or debugging, but I would be surprised if it didn't.


----------



## newconroer (Dec 30, 2013)

The wireless device is a http://support.linksys.com/en-us/support/adapters/WGA54G/

I agree that it's not a server side issue.
I've switched to a wired powerline connection and we're going on fifteen minutes now.


----------



## newconroer (Dec 30, 2013)

Alright, switched back to wireless and it dropped with the log :

Dec 30 01:37:40: State changed to Connecting
Dec 30 01:37:41: Viscosity 1.0.0 (1034)
Dec 30 01:37:41: Running on Microsoft Windows 7 Ultimate
Dec 30 01:37:41: Bringing up interface...
Dec 30 01:37:41: Checking reachability status of connection...
Dec 30 01:37:42: Connection is reachable. Starting connection attempt.
Dec 30 01:37:42: OpenVPN 2.3.2 Windows-MSVC [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Dec 13 2013
Dec 30 01:37:43: Attempting to establish TCP connection with [AF_INET]109.123.107.155:80 [nonblock]
Dec 30 01:37:44: TCP connection established with [AF_INET]109.123.107.155:80
Dec 30 01:37:44: TCPv4_CLIENT link local: [undef]
Dec 30 01:37:44: TCPv4_CLIENT link remote: [AF_INET]109.123.107.155:80
Dec 30 01:37:44: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Dec 30 01:37:44: [*.earthvpn.com] Peer Connection Initiated with [AF_INET]109.123.107.155:80
Dec 30 01:37:49: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Dec 30 01:37:49: open_tun, tt->ipv6=0
Dec 30 01:37:49: TAP-WIN32 device [Viscosity] opened: \\.\Global\{7705A231-89E9-48A1-B0BC-289AFC23A14D}.tap
Dec 30 01:37:49: Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.179.17/255.255.255.252 on interface {7705A231-89E9-48A1-B0BC-289AFC23A14D} [DHCP-serv: 192.168.179.18, lease-time: 31536000]
Dec 30 01:37:49: Successful ARP Flush on interface [14] {7705A231-89E9-48A1-B0BC-289AFC23A14D}
Dec 30 01:37:55: Initialization Sequence Completed
Dec 30 01:37:55: State changed to Connected
*Dec 30 01:45:43: [*.earthvpn.com] Inactivity timeout (--ping-restart), restarting
Dec 30 01:45:43: SIGUSR1[soft,ping-restart] received, process restarting
Dec 30 01:45:43: State changed to Connecting
*
Timeout I can agree with, as per the symptoms - but why is inactivity affecting this device and not the others?

I noticed on the failing computer that WLAN configuration service is not turned started/turned on.


----------



## remixedcat (Dec 30, 2013)

Turn on the service.

Also make sure the WLAN channel isn't congested that the Linksys is using.

Also do you have any energy saving features on the adapter? If so turn those off.


----------



## newconroer (Dec 30, 2013)

Turned on the service and got a new error now :


Dec 30 02:34:03: ROUTE: route addition failed using CreateIpForwardEntry: The object already exists.   [status=5010 if_index=11]
Dec 30 02:34:03: env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Dec 30 02:34:03: Initialization Sequence Completed
Dec 30 02:34:03: State changed to Connected


Channel should not be congested; only two wireless devices (this one and a mobile phone).

The linksys device is quite basic in terms of configuration. There will be no power or advanced features. 

Considering this only happens when connected to the VPN, it should be independent of the activity status of the adapter itself.


----------



## Aquinus (Dec 30, 2013)

Do you have another wireless adapter to can try it with to try and rule out the adapter itself? You could try a different channel just for the sake of trying it. Some channels have more noise than others.


----------



## newconroer (Dec 30, 2013)

I ran the sequence again - connected wireless, connected VPN and then let it sit for twenty minutes.
I checked one website, which worked, and then right afterwards I got the disconnect again.

*[*.earthvpn.com] Inactivity timeout (--ping-restart), restarting
SIGUSR1[soft,ping-restart] received, process restarting
State changed to Connecting*

So it's holding the connection until a point of 'inactivity' but only disconnects after I try to use it again - not before!?!?



Aquinus said:


> Do you have another wireless adapter to can try it with to try and rule out the adapter itself? You could try a different channel just for the sake of trying it. Some channels have more noise than others.



I do in fact, and will do that shortly - need to clarify if it's the wireless service or just the adapter itself.

*
*


----------



## newconroer (Dec 30, 2013)

With the other adapter (USB based)[and on a different channel], it times out quicker:

*Dec 30 04:38:25*: State changed to Connecting
Dec 30 04:38:25: Viscosity 1.0.0 (1034)
Dec 30 04:38:25: Running on Microsoft Windows 7 Ultimate
Dec 30 04:38:26: Bringing up interface...
Dec 30 04:38:27: Checking reachability status of connection...
Dec 30 04:38:31: Connection is reachable. Starting connection attempt.
Dec 30 04:38:31: OpenVPN 2.3.2 Windows-MSVC [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Dec 13 2013
Dec 30 04:38:33: Attempting to establish TCP connection with [AF_INET]95.154.217.109:80 [nonblock]
Dec 30 04:38:34: TCP connection established with [AF_INET]95.154.217.109:80
Dec 30 04:38:34: TCPv4_CLIENT link local: [undef]
Dec 30 04:38:34: TCPv4_CLIENT link remote: [AF_INET]95.154.217.109:80
Dec 30 04:38:35: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Dec 30 04:38:36: [*.earthvpn.com] Peer Connection Initiated with [AF_INET]95.154.217.109:80
Dec 30 04:38:40: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Dec 30 04:38:40: open_tun, tt->ipv6=0
Dec 30 04:38:40: TAP-WIN32 device [Viscosity] opened: \\.\Global\{7705A231-89E9-48A1-B0BC-289AFC23A14D}.tap
Dec 30 04:38:40: Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.179.13/255.255.255.252 on interface {7705A231-89E9-48A1-B0BC-289AFC23A14D} [DHCP-serv: 192.168.179.14, lease-time: 31536000]
Dec 30 04:38:40: Successful ARP Flush on interface [14] {7705A231-89E9-48A1-B0BC-289AFC23A14D}
Dec 30 04:38:45: Warning: route gateway is ambiguous: 192.168.0.1 (2 matches)
Dec 30 04:38:45: env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Dec 30 04:38:46: Initialization Sequence Completed
*Dec 30 04:38:46: State changed to ConnectedDec 30 04:39:28: [*.earthvpn.com] Inactivity timeout (--ping-restart), restarting
Dec 30 04:39:28: SIGUSR1[soft,ping-restart] received, process restarting
Dec 30 04:39:28: State changed to Connecting
*

That was one website visit before it disconnected.

Note the routing comment in the fifth to last lines.

On the first adapter it was :
_Dec 30 02:34:03: ROUTE: route addition failed using CreateIpForwardEntry: The object already exists.   [status=5010 if_index=11]
_
On this adapter it changed to :
_Dec 30 04:38:45: Warning: route gateway is ambiguous: 192.168.0.1 (2 matches)
_

So that's two failures via wireless and none via wired.


----------



## BiggieShady (Dec 30, 2013)

You could try restarting your DHCP service and if it doesn't help try resetting winsock in cmd as admin:

```
netsh winsock reset
```


----------



## Aquinus (Dec 30, 2013)

Your network and the VPN network aren't on the same subnet, are they?

What's your subnet and the VPN's subnet?


----------



## newconroer (Dec 30, 2013)

BiggieShady said:


> You could try restarting your DHCP service and if it doesn't help try resetting winsock in cmd as admin:
> 
> ```
> netsh winsock reset
> ```



I am not familiar with how to manually restart the DHCP other than to toggle it on/off in the router page?

What's the purpose of resetting winsock - you think there's corruption in the catalog?



Aquinus said:


> Your network and the VPN network aren't on the same subnet, are they?
> 
> What's your subnet and the VPN's subnet?



ending .252 for VPN
ending .250 for my subnet


----------



## Aquinus (Dec 30, 2013)

newconroer said:


> I am not familiar with how to manually restart the DHCP other than to toggle it on/off in the router page?
> 
> What's the purpose of resetting winsock - you think there's corruption in the catalog?
> 
> ...



That doesn't help me? I wanted the full subnet, not just the mask.
For example mine at my network in my house is 10.0.0.0/24 with 10.0.0.1 as the gateway and at work it is 10.255.0.0/16 with 10.255.255.254 as the gateway.


----------



## newconroer (Dec 30, 2013)

I changed the port from 80 to 443 on the failing connection and it has been up (and physically inactive on my part) for about half an hour.
I tried various websites and the connection is still responding.


----------



## newconroer (Dec 30, 2013)

Connection lasted for just under an hour then reset. This time however, it didn't require any involvement from me - it had already timed out on it's own.

The facts :

-Only happens when using VPN
-Only happens on wireless (that I can tell)
-Tried two wireless devices with same results
-Used different port for the VPN


----------



## remixedcat (Dec 30, 2013)

Mabye it's a bug with the VPN software and wireless controllers. What kinda encryption are you using?


----------



## newconroer (Dec 30, 2013)

Possibly; I'll look for another VPN client.

OpenVPN protocol uses AES cipher with 128bit and 256bit(Optional) encryption, hash algorithm is 160bit SHA1, control channel is TLSv1/SSLv3 DHE-RSA-AES256-SHA and 2048 bit RSA.

EDIT: Changed to a more basic Open VPN client. OpenVPN as a protocol is not an option, so I chose SSTP which connected and am going to try it in about half an hour.


----------



## newconroer (Dec 30, 2013)

Basic Open VPN under SSTP as previously mentioned, eventually died out with the following :






I question whether it really has anything to do with password or authentication, seeing as how it connected for thirty + minutes without fault.

I have enabled logging - and hopefully will turn something up.


----------



## kn00tcn (Dec 30, 2013)

if you make computer A wireless, will it start dropping as well?


----------



## Finners (Dec 30, 2013)

Have you got the wireless device set up to have a static IP?


----------



## newconroer (Dec 30, 2013)

kn00tcn said:


> if you make computer A wireless, will it start dropping as well?


Haven't tried that; but may do so in a short bit here


Finners said:


> Have you got the wireless device set up to have a static IP?


Originally it did and we had the same problems


----------



## remixedcat (Dec 30, 2013)

Sounds like you got an encryption problem. 

How secure is your network?


----------



## newconroer (Dec 30, 2013)

I would not say it's overtly secure - and the settings between both computers are near identical in terms of active services.

I've just plugged in a wireless adapter on this main working computer to see if it produces the same fault.


----------



## newconroer (Dec 30, 2013)

54 minutes and counting; no inactivity errors and connection still working.
Downstairs computer disconnected again, this time though I got the error I was expecting to see : 







Maybe it is just that computer. Hmm.


----------



## newconroer (Dec 31, 2013)

BiggieShady said:


> You could try restarting your DHCP service and if it doesn't help try resetting winsock in cmd as admin:
> 
> ```
> netsh winsock reset
> ```



I did this winsock reset and now even when the computer is not on a VPN, I am getting resolving host/cannot load webpage errors and flash videos such as Youtube sometimes do not auto play  - I have to manually action them...


----------



## Aquinus (Dec 31, 2013)

Can you run a couple continuous pings until the connection dies? If the connection dies do both pings die?

```
ping -t 1.2.3.4
```

Replace 1.2.3.4 with a host on the VPN end of the network and one to the internet, say 8.8.8.8 (one of google's dns servers.)


----------



## newconroer (Dec 31, 2013)

I did continuous ping on another device in the network and a Google DNS server.

At forty-one minutes I browsed several web pages and the connection was still working.
My network address pings have timed out a handful of times, but never back to back or close together. The Google DNS never timed out it seems.

I did notice though that when watching a Youtube video, my pings shot up quite drastically.

I am going to stop one of the pings and see what happens.


----------



## newconroer (Dec 31, 2013)

I stopped the internal ping, connectivity remained.
I stopped the second ping (DNS server) and the connection died out a bit later with the same inactivity message from VPN log.


----------



## Aquinus (Dec 31, 2013)

newconroer said:


> I stopped the internal ping, connectivity remained.
> I stopped the second ping (DNS server) and the connection died out a bit later with the same inactivity message from VPN log.


I would disable an power saving for the wireless adapter to make sure it isn't falling asleep when the connection is idle.


----------



## newconroer (Dec 31, 2013)

Adapter settings are listed below. Cannot see anything obvious that should or should not be enabled/disabled.

Viscosity /VPN adapter -  The only thing that seemed of interest was the 'Media State,' which was set to Application Managed. I have changed it to Always Connected though the other working computer had it at Application Managed.

In the Power Plan for Windows, Wireless Adapters are set to Maximum Performance mode.


----------



## newconroer (Dec 31, 2013)

I wanted to present a quick log file, unfortunately cannot  :

With the VPN adapter's "Media State" to Always Connected instead of Application Managed, It went for about two hours and then did a soft reset of the connection. Where as before it mentioned inactivity, now it only had the two lines :

_Dec 30 01:45:43: SIGUSR1[soft,ping-restart] received, process restarting
Dec 30 01:45:43: State changed to Connecting
_

It then tried to reconnect - as it always does. It never actually makes it though, and eventually it gave up and officially disconnected.
Dormant for about another hour, I woke the computer about twenty minutes later I woke the computer and it connected again (I have the options set for it to reconnect when computer wakes). I browsed for a few minutes with no problems and then the computer froze taking the log with it.


----------



## remixedcat (Dec 31, 2013)

I think the VPN software is way too touchy.


----------



## Steevo (Dec 31, 2013)

Most have a idle timeout as part of the security features, it prevents VPN data replay and MITM attacks on VPN tunnels, disable it or increase the timeout setting.


----------



## newconroer (Dec 31, 2013)

remixedcat said:


> I think the VPN software is way too touchy.


Seems that way. I rebooted the computer and tried again. This time, got the inactivity error and disconnect like before.
So the Media State setting is not relevant it seems.



Steevo said:


> Most have a idle timeout as part of the security features, it prevents VPN data replay and MITM attacks on VPN tunnels, disable it or increase the timeout setting.



In terms of a lease, see end of this line :

Dec 30 04:38:40: Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.179.13/255.255.255.252 on interface {7705A231-89E9-48A1-B0BC-289AFC23A14D} [DHCP-serv: 192.168.179.14, *lease-time: 31536000]*

I do not know what that number equates too, however there's a few things to consider.

A) On this machine, I haven't any disconnects like that - yet the VPN settings are the same.
B) The client has an option to disconnect clients after XX amount of time. That feature is not checked.

I wish it was that simple!

Here's all the client options:






There's a comment elsewhere that reads :

_The restart is occuring because a keepalive ping was not received during 
the required time interval.

This usually happens because of short-term network outages. You can make 
OpenVPN less sensitive to network outages by using a large keepalive 
timeout. For example,

keepalive 10 600

will send a ping every 10 seconds, but only restart if a ping hasn't been 
received from the peer for 10 minutes._


Also appended with :

_I’ve been seeing bizarre problems with my openvpn client (on linux) over the last couple of days. It would connect, and I could access the network, but the VPN would regularly restart itself and connections would be closed, seeing messages like

Tue May 22 13:19:43 2012 [OpenVPN_Server] Inactivity timeout (--ping-restart), restarting
Tue May 22 13:19:43 2012 TCP/UDP: Closing socket

I saw these problems when I tried my profile on several different computers.

I was unable to find anything on the internet about this (possibly my google fu was weak), but we’ve finally managed to track down the problem. I thought I’d put this here in case other people had the same issue.

This seems to happen when you’re running two openvpn clients with the same profile from different computers. I have two computers I use, and I’d left one idle running the VPN client. When I then tried to connect to the VPN from the other computer I would see this behaviour. I then (foolishly) left that computer trying to use the VPN when I went back to the first computer, so now the problem had mysteriously appeared there too.

http://serverfault.com/questions/104154/why-is-duplicate-cn-not-recommended-in-openvpn_

Might be on to something, but the first computer and the Android device are never affected by the status of the second computer.


----------



## remixedcat (Dec 31, 2013)

persist local and persist remote ip... check these.


----------



## newconroer (Dec 31, 2013)

No dice. Both or just one at a time, still crashes. And accessing my network internally with the VPN running, gives an error in the VPN log about failed to access shared folders .. as if it's affecting the traffic internally.
Of course only from that computer; from the other side, I can have the VPN running and access the network.


----------



## remixedcat (Dec 31, 2013)

are the settings the same on all devices?


----------



## newconroer (Dec 31, 2013)

Yes on the two computers.


----------



## remixedcat (Dec 31, 2013)

Have you also made sure your drivers are updated as well?


----------



## newconroer (Jan 1, 2014)

Yes, reinstalled them anyways - no change.

Here is log from this morning's attempt : 


Jan 01 01:07:39: State changed to Connecting
Jan 01 01:07:39: Viscosity 1.0.0 (1034)
Jan 01 01:07:39: Running on Microsoft Windows 7 Ultimate 
Jan 01 01:07:41: Bringing up interface...
Jan 01 01:07:45: Checking reachability status of connection...
Jan 01 01:07:45: Connection is reachable. Starting connection attempt.
Jan 01 01:07:46: OpenVPN 2.3.2 Windows-MSVC [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Dec 13 2013
Jan 1 01:07:48: Attempting to establish TCP connection with [AF_INET]109.123.107.155:443 [nonblock]
Jan 1 01:07:49: TCP connection established with [AF_INET]109.123.107.155:443
Jan 1 01:07:49: TCPv4_CLIENT link local: [undef]
Jan 1 01:07:49: TCPv4_CLIENT link remote: [AF_INET]109.123.107.155:443
Jan 1 01:07:49: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jan 1 01:07:50: [*.earthvpn.com] Peer Connection Initiated with [AF_INET]109.123.107.155:443
Jan 1 01:07:56: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Jan 1 01:07:56: open_tun, tt->ipv6=0
Jan 1 01:07:56: TAP-WIN32 device [Viscosity] opened: \\.\Global\{7E508408-B72F-4EE9-B087-D31365C936F2}.tap
Jan 1 01:07:56: Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.179.21/255.255.255.252 on interface {7E508408-B72F-4EE9-B087-D31365C936F2} [DHCP-serv: 192.168.179.22, lease-time: 31536000]
Jan 1 01:07:56: Successful ARP Flush on interface [15] {7E508408-B72F-4EE9-B087-D31365C936F2}
*Jan 1 01:07:56: Options error: unknown --redirect-gateway flag: def*
Jan 1 01:08:02: Initialization Sequence Completed
Jan 01 01:08:02: State changed to Connected
*Jan 1 01:10:50: read TCPv4_CLIENT: Connection timed out (WSAETIMEDOUT) (code=10060)*
Jan 1 01:10:50: Connection reset, restarting [-1]
Jan 1 01:10:50: SIGUSR1[soft,connection-reset] received, process restarting
Jan 01 01:10:50: State changed to Connecting

The first bold could be unimportant, though the second is interesting because it says timed out instead of inactivity.


----------



## Steevo (Jan 2, 2014)

The first bold is a configuration item on one end of the VPN trying to set the VPN endpoint as the default gateway for all traffic. 

http://msdn.microsoft.com/en-us/library/windows/desktop/ms740668(v=vs.85).aspx

The second error is due to the connection timing out after it drops. I am guessing that if you remove the default gateway rule it will fix the issues, there may be rules in effect at the remote end that prevent communications and then windows/drvice driver is resetting the network adapter and it drops the VPN.


----------



## newconroer (Jan 2, 2014)

Hey Steevo,

That sounds promising. How would I remove the gateway rule?
Here is an example of one of the config files.

#-- Config Auto Generated By Viscosity --#

#viscosity protocol openvpn
#viscosity name EarthVPN-USA-LosAngeles2
#viscosity autoupdate false
#viscosity device OpenVPN
remote los2-us.earthvpn.com 80 tcp-client
pull
auth-user-pass
tls-client
persist-key
ca ca.crt
nobind
persist-tun
dev tun
remote-cert-tls server
cipher AES-128-CBC
reneg-sec 0
auth SHA1
resolv-retry infinite
route-delay 5


----------



## Steevo (Jan 3, 2014)

Somewhere it will say something about the remote or default gateway update for all traffic, and or it may be a check box, or simply a option to force all VPN traffic through the remote gateway, or only routed traffic. 

Server side there should show rule violations before the drop for at least your primary VPN IP that will give the reason or rule that is causing the issue or configuration problem.


----------



## newconroer (Jan 3, 2014)

Hi Steevo, only options are the ones I put in screenshots several posts above.
There is a tick option for route all traffic over VPN, though that did not solve it.

As for server side - I have asked them but since they don't keep logs, how would they know?


----------



## Aquinus (Jan 3, 2014)

Connect and do a traceroute to any address, that will tell you very quickly if the VPN is changing your default gateway. I'm pretty sure that you need to specify it for it to use a gateway on the other end of the VPN. I use OpenVPN for work and it never changes my default gateway. It does however change my primary DNS server which does make a difference when connecting to resources inside the VPN network since there certain names only resolve to the internal address when you use the DNS server inside the network that we run, but that's in my case.

Considering it only happens when you use the wireless network adapter, I'm inclined to believe that something is happening with the adapter itself.


----------



## newconroer (Jan 4, 2014)

Hey Aquinus,

I am one step ahead of you. After reinstalling the client, I have enabled 'route all traffic' and the connection has held for over two hours.
In most cases VPN should automatically route all traffic. it’s possible that with wireless connections this is not happening by default and thus requires you to force it to route all traffic. 


What you said about the change of DNS though might also be of interest to me. I have noticed that when the VPN is connected I cannot browse network shares however I can still connect if I create a manual path/shortcut. I thought this might have something to do with DNS and the VPN not making an exception for local traffic (like you see in IE proxy settings).


----------



## Steevo (Jan 4, 2014)

Switch to Open DNS as it will redirect back to internal addresses. 

I was going to suggest the same thing, the adapter may be the weakest link here, or the drivers.


----------



## newconroer (Jan 4, 2014)

Already using open DNS and ensured the VPN adapter is using it as well.
Unfortunately doesn't change the internal network browsing. I may figure it out eventually though just happy to have seemingly solved the VPN issue, and I can still direct connect over network.


----------

