[OpenVPN home]	[Date Prev]	[Date Index]	[Date Next]
[OpenVPN mailing lists]	[Thread Prev]	[Thread Index]	[Thread Next]

Re: [Openvpn-users] VPN working, but getting (WSAECONNRESET) (code=10054)

Subject: Re: [Openvpn-users] VPN working, but getting (WSAECONNRESET) (code=10054)
From: James Yonan <jim@xxxxxxxxx>
Date: Tue, 07 Feb 2006 19:56:42 -0700

Cameron Gocke wrote:

On 2/2/06, Ben Scott <dragonhawk@xxxxxxxxx> wrote:

On 2/2/06, Cameron Gocke <livedrive777@xxxxxxxxx> wrote:

One of the things throwing me for a loop is that these errors are happening in my server log not my clients.

 From what I understand, OpenVPN is basically a peer-to-peer design.
The client/server mode is mainly used as an administrative
convenience, to simply things like tunnel configuration.  Once the
tunnel is up and running, I believe the client/server distinction
largely disappears.  So it could well be that something is going
wrong, and then when something on the server side of the tunnel tries
to transmit, the server notices and logs the problem.

Since the log doesn't indicate what session the error applies to I don't know who or what exactly it thinks it has lost its connection to.

 That does make things more difficult.  But, with my logs on my
server, most of the connection-specific log entries include client IP
address, port number, and name.  For example (names and addresses
changed to protect the guilty):

Feb  1 13:57:14 server openvpn[314]: LAPTOP128/192.168.15.16:1192 Data
Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key

 "LAPTOP128" being the pretend client here, with IP address
192.168.15.16 and port 1192.  You're not seeing that, I take it?

Now, my firewall doesn't allow any outbound traffic from my OpenVPN server (which is in my DMZ), but I wouldn't think that it would need to since all of the connections originate from the clients.

 Your firewall might not be recognizing the OpenVPN session for what
it is (UDP being stateless), or timing out the connection, or some
such thing.  You might try adding an explicit firewall rule that
permits the OpenVPN server to send any packet with an OpenVPN as the
source port.

Is there anything else that could cause this that I'm still not getting?

 Probably.  ;-)

-- Ben


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users

That is correct, the exact error taken from the log is this:

Thu Feb 02 15:15:41 2006 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)

This error (when in the server log file) usually means that the network path between client and server has been interrupted. It can also occur during normal operation when a UDP client disconnects from the server, before the server has timed out the client instance.

James


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-02/msg00140.html on line 238

Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-02/msg00140.html on line 238