|
|
> First fix the system clocks. > > Bad time can cause TLS problems. I appreciate the suggestion - the logs were a little misleading because the snippets were not exactly syncronized but I checked the time and it was accurate within a second or so. A little further information from a packet capture on the client workstation: this is what is happening in order: 1. the client sends a packet to the server at xxx.xxx.74.71:4444 (this is correct) 2. ISA Server receives the packet and NATs it to 192.168.0.34:4444 2. server responds but packet exits the ISA Server on xxx.xxx.64.46 with a destination of the client public IP on port 7238* 3. the client firewall (monowall) receives the packet and NATs it to 192.168.236.24:7238* 4. client receives the packet and responds with ICMP (port unreachable) to the server address of xxx.xxx.64.46 *this port number increments periodically in the range 7000-8000. ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2008-01/msg00024.html on line 197 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2008-01/msg00024.html on line 197 |