[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] Help with diagnosing openwrt problem


  • Subject: [Openvpn-users] Help with diagnosing openwrt problem
  • From: Alex Samad <alex@xxxxxxxxxxxx>
  • Date: Tue, 30 Oct 2007 21:53:59 +1100

Hi

I have been running openvpn on a couple of openwrt servers, I recently upgraded 
one of these boxes.

On the box I run 3 instances of openvpn.

1 old style, secret key
2 as a client
3 as a multi server


haven't tested 1 - don't really care about this one.

2 - work fine - in client mode
3 - has lots of problems the server starts, the problem occurs when the client 
attempts to connect 



the config file for the server
==============================
port 563
proto tcp-server
dev tap0

ca ca.crt
cert server.crt
key server.key  # This file should be kept secret

dh dh2048.pem

local 60.242.62.137
server 192.168.4.248 255.255.255.248
ifconfig-pool-persist sydrt04-563.txt
push "route 192.168.4.0 255.255.252.0"
#client-to-client
keepalive 10 120
comp-lzo
max-clients 5
persist-key
persist-tun
status /etc/openvpn/sydrt04-563.openvpn-status.log
verb 9

#client-config-dir /etc/openvpn/ccd
client-connect /etc/openvpn/sydrt04-up.sh
client-disconnect /etc/openvpn/sydrt04-down.sh

logfile output
=============
Oct 30 21:22:47 sydrt04 daemon.notice openvpn-sydrt04[2621]: OpenVPN 2.0.9 
mipsel-linux [SSL] [LZO] [EPOLL] built on Oct 28 2007
Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2621]: TUN/TAP device 
tap0 opened
Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2621]: /sbin/ifconfig 
tap0 192.168.4.249 netmask 255.255.255.248 mtu 1500 broadcast 192.168.4.255
Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: Listening for 
incoming TCP connection on 60.242.62.137:563
Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: TCPv4_SERVER link 
local (bound): 60.242.62.137:563
Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: TCPv4_SERVER link 
remote: [undef]
Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: Initialization 
Sequence Completed
Oct 30 21:45:01 sydrt04 daemon.notice openvpn-sydrt04[2626]: SIGTERM[hard,] 
received, process exiting
Oct 30 21:45:01 sydrt04 daemon.notice openvpn-sydrt04[2738]: OpenVPN 2.0.9 
mipsel-linux [SSL] [LZO] [EPOLL] built on Oct 28 2007
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: Diffie-Hellman 
initialized with 2048 bit key
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TLS-Auth MTU parms 
[ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TUN/TAP device 
tap0 opened
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TUN/TAP TX queue 
length set to 100
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: /sbin/ifconfig 
tap0 192.168.4.249 netmask 255.255.255.248 mtu 1500 broadcast 192.168.4.255
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: Data Channel MTU 
parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Listening for 
incoming TCP connection on 60.242.62.137:563
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Socket Buffers: 
R=[87380->131072] S=[16384->131072]
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
local (bound): 60.242.62.137:563
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
remote: [undef]
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: multi_init 
called, r=256 v=256
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: IFCONFIG POOL: 
base=192.168.4.250 size=5
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: IFCONFIG POOL LIST
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
client1,192.168.4.250
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
client2,192.168.4.251
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: TCP INIT 
maxclients=5 maxevents=9
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Initialization 
Sequence Completed



for the client
==============
client
dev tap3

proto tcp-client

remote openvpn.barbarast.com 563	

resolv-retry infinite
nobind
persist-key
persist-tun

#http-proxy www-proxy.sno.cpqcorp.net 8080
comp-lzo
verb 9

ca /etc/openvpn/bblxfw01-ca.crt
cert /etc/openvpn/bblxfw01-client2.crt
key /etc/openvpn/bblxfw01-client2.key
ns-cert-type server


up /etc/openvpn/bblxfw01-up.sh
down /etc/openvpn/bblxfw01-down.sh

logfile for client
==================
Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: Attempting to establish TCP 
connection with 60.242.62.137:563
Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCP connection established 
with 60.242.62.137:563
Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: Socket Buffers: 
R=[43689->131072] S=[16384->131072]
Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT link local: 
[undef]
Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT link remote: 
60.242.62.137:563
Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT read returned 
14
Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT READ [14] from 
60.242.62.137:563: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=b05476ba 1137c1c6 [ 
] pid=0 DATA Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TLS: Initial 
packet from 60.242.62.137:563, sid=b05476ba 1137c1c6
Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [26] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
0 sid=b05476ba 1137c1c6 ] pid=0 DATA Oct 30 21:47:54 sydrt02 kern.notice 
openvpn[13170]: TCPv4_CLIENT write returned 28
Oct 30 21:47:55 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:47:57 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:47:57 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:47:57 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:47:57 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:47:58 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:47:59 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:47:59 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:47:59 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:47:59 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:00 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:01 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:01 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:01 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:01 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:02 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:03 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:03 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:03 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:03 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:04 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:05 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:05 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:05 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:06 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:07 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:07 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:07 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:07 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:08 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:09 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:09 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:09 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:09 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:10 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:11 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:11 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:11 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:11 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:12 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:13 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:13 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:13 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:13 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:14 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:16 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:16 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:16 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:16 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:17 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:18 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:18 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:18 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:18 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:19 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:20 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:20 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:20 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:20 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:21 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:22 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:22 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:22 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:22 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:23 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:24 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:24 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:24 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:24 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:25 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:26 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:26 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:26 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:26 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:27 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:28 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:28 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:28 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:28 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:29 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:30 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:30 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:30 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:30 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:31 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:32 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:32 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:32 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:32 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:33 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:34 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:34 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:34 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
] pid=0 DATA Oct 30 21:48:34 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
write returned 16
Oct 30 21:48:35 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:36 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
Oct 30 21:48:36 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
Oct 30 21:48:36 sydrt02 kern.notice openvpn[13170]: TCPv


The output on the server
================================
Oct 30 21:22:47 sydrt04 daemon.notice openvpn-sydrt04[2621]: OpenVPN 2.0.9 
mipsel-linux [SSL] [LZO] [EPOLL] built on Oct 28 2007
Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2621]: TUN/TAP device 
tap0 opened
Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2621]: /sbin/ifconfig 
tap0 192.168.4.249 netmask 255.255.255.248 mtu 1500 broadcast 192.168.4.255
Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: Listening for 
incoming TCP connection on 60.242.62.137:563
Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: TCPv4_SERVER link 
local (bound): 60.242.62.137:563
Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: TCPv4_SERVER link 
remote: [undef]
Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: Initialization 
Sequence Completed
Oct 30 21:45:01 sydrt04 daemon.notice openvpn-sydrt04[2626]: SIGTERM[hard,] 
received, process exiting
Oct 30 21:45:01 sydrt04 daemon.notice openvpn-sydrt04[2738]: OpenVPN 2.0.9 
mipsel-linux [SSL] [LZO] [EPOLL] built on Oct 28 2007
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: Diffie-Hellman 
initialized with 2048 bit key
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TLS-Auth MTU parms 
[ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TUN/TAP device 
tap0 opened
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TUN/TAP TX queue 
length set to 100
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: /sbin/ifconfig 
tap0 192.168.4.249 netmask 255.255.255.248 mtu 1500 broadcast 192.168.4.255
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: Data Channel MTU 
parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Listening for 
incoming TCP connection on 60.242.62.137:563
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Socket Buffers: 
R=[87380->131072] S=[16384->131072]
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
local (bound): 60.242.62.137:563
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
remote: [undef]
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: multi_init 
called, r=256 v=256
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: IFCONFIG POOL: 
base=192.168.4.250 size=5
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: IFCONFIG POOL LIST
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
client1,192.168.4.250
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
client2,192.168.4.251
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: TCP INIT 
maxclients=5 maxevents=9
Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Initialization 
Sequence Completed
root@sydrt04:~# logread  -f  | grep openvpn-sydrt04
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: 
multi_create_instance called
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Re-using SSL/TLS 
context
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: LZO compression 
initialized
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Control Channel 
MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Data Channel MTU 
parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options 
String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
2,tls-server'
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
Options String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
2,tls-client'
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options hash 
(VER=V4): '3e6d1056'
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
Options hash (VER=V4): '31fdf004'
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCP connection 
established with 220.233.120.185:2308
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Socket Buffers: 
R=[131072->131072] S=[131072->131072]
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
local: [undef]
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
remote: 220.233.120.185:2308
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
220.233.120.185:2308  event_wait returned 2
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
220.233.120.185:2308 TCPv4_SERVER WRITE [14] to 220.233.120.185:2308: 
P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=b05476ba 1137c1c6 [ ] pid=0 DATA Oct 
30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: 220.233.120.185:2308 
TCPv4_SERVER write returned 16
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  read from TUN/TAP 
returned 90
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  event_wait 
returned 2
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  read from TUN/TAP 
returned 78
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  event_wait 
returned 2
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  read from TUN/TAP 
returned 110
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  event_wait 
returned 2
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  read from TUN/TAP 
returned 90
Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  event_wait 
returned 1



and on the server if i restart the client
=========================================
Oct 30 21:50:12 sydrt04 daemon.err openvpn-sydrt04[2743]: TCP: accept(6) 
failed: Resource temporarily unavailable (errno=11)
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: 
multi_create_instance called
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Re-using SSL/TLS 
context
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: LZO compression 
initialized
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Control Channel 
MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Data Channel MTU 
parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options 
String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
2,tls-server'
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
Options String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
2,tls-client'
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options hash 
(VER=V4): '3e6d1056'
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
Options hash (VER=V4): '31fdf004'
Oct 30 21:50:12 sydrt04 daemon.err openvpn-sydrt04[2743]: TCP: accept(6) 
failed: Resource temporarily unavailable (errno=11)
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: 
multi_create_instance called
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Re-using SSL/TLS 
context
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: LZO compression 
initialized
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Control Channel 
MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Data Channel MTU 
parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options 
String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
2,tls-server'
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
Options String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
2,tls-client'
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options hash 
(VER=V4): '3e6d1056'
Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
Options hash (VER=V4): '31fdf004'


and what  I see on the client (on the second go around)
=======================================================
Tue Oct 30 21:50:11 2007 us=626728 OpenVPN 2.0.5 mipsel-linux [SSL] [LZO] 
[EPOLL] built on Mar 26 2006
Tue Oct 30 21:50:11 2007 us=632833 IMPORTANT: OpenVPN's default port number is 
now 1194, based on an official port number assignment by IANA.  OpenVPN 
2.0-beta16 and earlier used 5000 as the default port.
Tue Oct 30 21:50:11 2007 us=668584 LZO compression initialized
Tue Oct 30 21:50:11 2007 us=676195 Control Channel MTU parms [ L:1576 D:140 
EF:40 EB:0 ET:0 EL:0 ]
Tue Oct 30 21:50:11 2007 us=682680 Data Channel MTU parms [ L:1576 D:1450 EF:44 
EB:135 ET:32 EL:0 AF:3/1 ]
Tue Oct 30 21:50:11 2007 us=686901 Local Options String: 'V4,dev-type 
tap,link-mtu 1576,tun-mtu 1532,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth 
SHA1,keysize 128,key-method 2,tls-client'
Tue Oct 30 21:50:11 2007 us=690199 Expected Remote Options String: 'V4,dev-type 
tap,link-mtu 1576,tun-mtu 1532,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth 
SHA1,keysize 128,key-method 2,tls-server'
Tue Oct 30 21:50:11 2007 us=691706 Local Options hash (VER=V4): '31fdf004'
Tue Oct 30 21:50:11 2007 us=692815 Expected Remote Options hash (VER=V4): 
'3e6d1056'
Tue Oct 30 21:50:11 2007 us=694843 Attempting to establish TCP connection with 
60.242.62.137:563
Tue Oct 30 21:50:11 2007 us=745030 TCP connection established with 
60.242.62.137:563
Tue Oct 30 21:50:11 2007 us=745760 Socket Buffers: R=[43689->131072] 
S=[16384->131072]
Tue Oct 30 21:50:11 2007 us=746577 TCPv4_CLIENT link local: [undef]
Tue Oct 30 21:50:11 2007 us=747253 TCPv4_CLIENT link remote: 60.242.62.137:563
Tue Oct 30 21:50:11 2007 us=748784  event_wait returned 1
Tue Oct 30 21:50:11 2007 us=750103 TCPv4_CLIENT WRITE [14] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=f7ef25b8 fdf953ff [ 
] pid=0 DATA Tue Oct 30 21:50:11 2007 us=751377 TCPv4_CLIENT write returned 16
Tue Oct 30 21:50:11 2007 us=811024  event_wait returned 1
Tue Oct 30 21:50:11 2007 us=811781 TCPv4_CLIENT read returned 14
Tue Oct 30 21:50:11 2007 us=812894 TCPv4_CLIENT READ [14] from 
60.242.62.137:563: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=6e64fc7c 3162a68e [ 
] pid=0 DATA Tue Oct 30 21:50:11 2007 us=813836 TLS: Initial packet from 
60.242.62.137:563, sid=6e64fc7c 3162a68e
Tue Oct 30 21:50:11 2007 us=814774  event_wait returned 1
Tue Oct 30 21:50:11 2007 us=816159 TCPv4_CLIENT WRITE [26] to 
60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=f7ef25b8 fdf953ff [ 
0 sid=6e64fc7c 3162a68e ] pid=0 DATA Tue Oct 30 21:50:11 2007 us=817410 
TCPv4_CLIENT write returned 28
Tue Oct 30 21:50:12 2007 us=889947  event_wait returned 0
Tue Oct 30 21:50:13 2007 us=102497  event_wait returned -1
Tue Oct 30 21:50:13 2007 us=103216 event_wait : Interrupted system call 
(code=4)
Tue Oct 30 21:50:13 2007 us=106633 TCP/UDP: Closing socket
Tue Oct 30 21:50:13 2007 us=107959 SIGINT[hard,] received, process exiting


When I do a tcpdump, there are no missing packets, it just seems like the 
server doesn't accept the tls stuff ??????

I am at a loss what to do now.

One thing that has changed, because this server setup used to work on the 
previous box I had (before the upgrade), the host name of the machine has 
changed ( the server), but all the certs are in the right places and the expire 
dates are in 2015 

Help !


Thanks
Alex

Attachment: signature.asc
Description: Digital signature