[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] VPN working, but getting (WSAECONNRESET) (code=10054)

  • Subject: Re: [Openvpn-users] VPN working, but getting (WSAECONNRESET) (code=10054)
  • From: Ben Scott <dragonhawk@xxxxxxxxx>
  • Date: Thu, 2 Feb 2006 16:05:21 -0500
On 2/2/06, Don Boling <don.boling@xxxxxxxxx> wrote:
> I have 2 tunnels going... first I am running on XP in server mode on one
> end and it is the CA for my vpn... I have clients connecting to it just fine...
> ca.crt is the CA cert file for OpenSSL ...

  (PKI = Public Key Infrastructure.)

  The CA is independent of the OpenVPN server.  Indeed, the OpenVPN
server will be a PKI client of the CA; all the other OpenVPN clients
will be PKI peers with the OpenVPN server.  So the OpenVPN server
should be load a CA certificate, it's own certificate, and it's own
key (but not the CA key).

  (This may be what you're doing, but it's worth clarifying/checking.)

> The new one is trying to connect(client mode) to another OVPN server
> on a Windows2000 server on the internet that I setup. It is using a
> different port number than the first AND when I created the CA on the
> Win2000 svr , I used a different filename for the CA on
> that one, so that I can have the different ca.crt files on my XP box
> without getting them confused. So now when I try to connect to
> the second OVPN on the Win2000 svr, I get this error as well. I
> believe it is because the TLS handshake is failing...
> maybe due to my different filenames for the ca.crt's

  As long as you updated the *.ovpn config file to reference the
correct key, certificate, and CA certificate files, that should work. 
Make sure you changed the port number in the config file on *both*
OpenVPN nodes.  Also, make sure you're using the same CA for both
OpenVPN nodes.

  FWIW, you could also use the same CA and key for both OpenVPN server
instances, if you want.

-- Ben


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-02/msg00035.html on line 214

Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-02/msg00035.html on line 214