Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 3 subscribers
  • Views 12851 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Open VPN - Too many open files

paul-bot

Hi,

We have UTM 9 (9.501-5) deployed in AWS for VPN purposes and it was working fine for about 1 year, but since a few weeks now we're having major problems.  Every day the VPN becomes unresponsive and in the openvpn.log files we see thousands of lines like this:

2017:09:21-01:00:43 vpn openvpn[6974]: TCP: accept(7) failed: Too many open files (errno=24)

Rebooting the machine clears the problem, but anywhere between 4 and 24 hours later it happens again.

A contact at Sophos suggested we update to the latest version which we did, but the problem remains.

Has anyone else had a similar problem or any idea of a solution?

Best regards

Paul



This thread was automatically locked due to age.
Parents
  • 0

    Hi, Paul, and welcome to the UTM Community!

    I don't know how to do it, but maybe restarting the OpenVPN service at the command line would be better/faster than a reboot.  Please let us know if there is such a workaround.

    I prefer IPsec using the "AES-128 PFS" Policy with X509 certificates, so I haven't developed too many tricks with OpenVPN for Site-to-Site.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0

    Hi, Paul, and welcome to the UTM Community!

    I don't know how to do it, but maybe restarting the OpenVPN service at the command line would be better/faster than a reboot.  Please let us know if there is such a workaround.

    I prefer IPsec using the "AES-128 PFS" Policy with X509 certificates, so I haven't developed too many tricks with OpenVPN for Site-to-Site.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML