Re: [Openvpn-users] Errors with multiple clients at same time

  • From: Mathias Sundman <mathias@xxxxxxxxxx>
  • Date: Wed, 11 Jan 2006 19:01:55 +0100 (CET)

On Wed, 11 Jan 2006, Ben Pratt wrote:

Ben wrote:
Mathias Sundman wrote:
On Sun, 8 Jan 2006, Ben wrote:

Mathias Sundman wrote:
On Sun, 8 Jan 2006, Ben wrote:

Hello again, now that I've gotten the Ubuntu client issues worked out
I'm running into another issue so I'm turning to the group for help.

Now I'm having the problem that if more than one client connects to the server only one can be active at a time. The server then starts spewing out "local/remote TLS keys are out of sync" errors for the other client. I did some looking on the mailing lists and now have the server pushing a ping-restart command to the client every 60 seconds but as soon as a dead client restarts the server starts throwing out a "local/remote TLS keys are out of sync" for the other client and this keeps going in a cycle.
Make sure each client has it's own unique certificate, or you need to
enable --duplicate-cn on the server.
Each client does have a unique certificate and key. I created the client
certificates as stated on http://openvpn.net/howto.html#pki

One of the clients uses ca.crt, client1.crt, and client1.key while the
other client uses ca.crt, client2.crt, and client2.key.
Okay, then showing us the openvpn server log would be useful.
Here it is. The IPs have been changed to protect the innocent.

Apparently the log file was of no value. Fortunately I was able to resolve the issue last night.

You're right, I could not spot the problem from reading the log, but I might have overlooked something.

If anyone runs a crossed this problem in the future please feel free to
drop me a note and I'd be happy to work out the problem with you.

Please let us know what the problem was as I'm curious, and it good for the list archive to close threads with the solution.

