[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Assertion failed at crypto.c:149

  • Subject: Re: [Openvpn-users] Assertion failed at crypto.c:149
  • From: Jon Bendtsen <jon.bendtsen@xxxxxxxxxx>
  • Date: Wed, 2 Jun 2004 16:33:44 +0200
Den 2. jun 2004, kl. 16:18, skrev James Yonan:

Jon Bendtsen <jon.bendtsen@xxxxxxxxxx> said: 

[cut]

One could say that of course the link dies when it isnt used, but what
i dont like is that it dies with an assertion error.
It could say "link unused, closing"

Actually, that error has nothing to do with the fact that the link is mostly
unused.

It looks like some kind of framing or dynamic buffer sizing error that should
have been caught before the code hit the assertion. Take a look at the
"WARNING: Actual Remote Options ..." message above. That shows an
inconsistency in the MTU values being used on either side of the connection.
That's most likely the culprit.

It would help if you shared your config files, with suitable address masking
of course. 

The config files are stolen from the 2.0 releasenotes

the client.conf:


#########################################
# Sample client-side OpenVPN config file
# for connecting to multi-client server.
#
# The server can be pinged at 10.8.0.1.
#
# This configuration can be used by multiple
# clients, however each client should have
# its own cert and key files.
#
# tun-style tunnel

port 5000
dev tun0
remote <server ip>

# TLS parms

tls-client
ca sample-keys/tmp-ca.crt
cert sample-keys/client.crt
key sample-keys/client.key

# This parm is required for connecting
# to a multi-client server.  It tells
# the client to accept options which
# the server pushes to us.
pull


verb 4



the server.conf:

########################################
# Sample OpenVPN config file for
# multi-client udp server
#
# tun-style tunnel

port 5000
dev tun

# TLS parms

tls-server
ca sample-keys/tmp-ca.crt
cert sample-keys/server.crt
key sample-keys/server.key
dh sample-keys/dh1024.pem

# Tell OpenVPN to be a multi-client udp server
mode server


# The server's virtual endpoints
ifconfig 10.8.0.1 10.8.0.2

# Pool of /30 subnets to be allocated to clients.
# When a client connects, an --ifconfig command
# will be automatically generated and pushed back to
# the client.
ifconfig-pool 10.8.0.4 10.8.0.255

# Push route to client to bind it to our local
# virtual endpoint.
push "route 10.8.0.1 255.255.255.255"

# Delete client instances after some period
# of inactivity.
inactive 600

# Route the --ifconfig pool range into the
# OpenVPN server.
route 10.8.0.0 255.255.255.0

# The server doesn't need privileges
user nobody
group nogroup


verb 4






JonB