AirVPN Disconnects every half hour

[Sanctioner 3]

I have openvpn running on Fedora 28 Server.  It's setup as a router controlling my network.  I can connect fine and share the connection to all of my devices, but every half hour it goes down.  I found this in my logs the moment it disconnects.

 

Aug 27 21:42:46 xxxxxxxx openvpn[26729]: TLS: soft reset sec=0 bytes=67315645/-1 pkts=76825/0
Aug 27 21:42:46 xxxxxxxx openvpn[26729]: Error opening 'Auth' auth file: /etc/openvpn/client/airvpn.proxyauth: Permission denied (errno=13)
Aug 27 21:42:46 xxxxxxxx openvpn[26729]: Exiting due to fatal error

[...]

Aug 27 21:42:46 xxxxxxxx openvpn[26729]: Closing TUN/TAP interface
Aug 27 21:42:46 xxxxxxxx openvpn[26729]: /sbin/ip addr del dev tun0 10.22.149.39/24
Aug 27 21:42:46 xxxxxxxx openvpn[26729]: RTNETLINK answers: Operation not permitted
Aug 27 21:42:46 xxxxxxxx openvpn[26729]: Linux ip addr del failed: external program exited with error status: 2
Aug 27 21:42:46 xxxxxxxx named[8605]: no longer listening on 10.22.149.39#53
Aug 27 21:42:46 xxxxxxxx NetworkManager[790]: <info>  [1535420566.1599] device (tun0): state change: activated -> unmanaged (reason 'unmanaged', internal state 'removed')
Aug 27 21:42:46 xxxxxxxx dbus-daemon[769]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.4' (uid=0 pid=790 comm="/usr/sbin/NetworkManager --no-daemon " label="system_u:system_r:NetworkManager_t:s0")
Aug 27 21:42:46 xxxxxxxx openvpn[26729]: PLUGIN_CALL: POST /usr/lib64/openvpn/plugins/openvpn-plugin-down-root.so/PLUGIN_DOWN status=0
Aug 27 21:42:46 xxxxxxxx systemd[1]: openvpn-client@airvpn.service: Main process exited, code=exited, status=1/FAILURE
Aug 27 21:42:46 xxxxxxxx audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=openvpn-client@airvpn comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Aug 27 21:42:46 xxxxxxxx systemd[1]: openvpn-client@airvpn.service: Unit entered failed state.
Aug 27 21:42:46 xxxxxxxx systemd[1]: openvpn-client@airvpn.service: Failed with result 'exit-code'.
Aug 27 21:42:46 xxxxxxxx systemd[1]: Starting Network Manager Script Dispatcher Service...
Aug 27 21:42:46 xxxxxxxx dbus-daemon[769]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Aug 27 21:42:46 xxxxxxxx systemd[1]: Started Network Manager Script Dispatcher Service.
Aug 27 21:42:46 xxxxxxxx audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Aug 27 21:42:46 xxxxxxxx nm-dispatcher[26990]: req:1 'down' [tun0]: new request (6 scripts)
Aug 27 21:42:46 xxxxxxxx nm-dispatcher[26990]: req:1 'down' [tun0]: start running ordered scripts... 

 

 

It can't read the auth file.  I think it's because it's running as "nobody", as widely recommended.

 

Here is my setup.  It is mostly taken from the auto-generated configs in the client area, but a script i have makes a few changes to it.  here is the final setup.

 

client
dev tun0
remote 142.0.47.36 443
resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
route-delay 5
verb 3
auth-user-pass /etc/openvpn/client/airvpn.proxyauth
auth-nocache
script-security 2
up /etc/openvpn/client/client.up
plugin /usr/lib64/openvpn/plugins/openvpn-plugin-down-root.so /etc/openvpn/client/client.down
user nobody
group nobody
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
proto tcp
key-direction 1

 

 

and the permissions

 

drwxr-x---. 2 root openvpn 4096 Aug 27 21:52 .
drwxr-xr-x. 4 root root      51 Aug 18 11:39 ..
-rw-r--r--. 1 root root    9285 Aug 25 21:52 airvpn.conf
-rw-------. 1 root root      21 Apr 28 23:21 airvpn.proxyauth

 

 

Can anyone help find out why this happens, or if there's a better way to connect that'll survive a reconnection attempt?
 

Thanks,

sanc