[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Help with diagnosing openvpn problem


  • Subject: Re: [Openvpn-users] Help with diagnosing openvpn problem
  • From: Alex Samad <alex@xxxxxxxxxxxx>
  • Date: Tue, 30 Oct 2007 21:58:57 +1100

Hi

Sorry for the resend, been looking at this for over 8 hours and wrote the wrong 
subject 


Thanks

On Tue, Oct 30, 2007 at 09:53:59PM +1100, Alex Samad wrote:
> Hi
> 
> I have been running openvpn on a couple of openwrt servers, I recently upgraded 
> one of these boxes.
> 
> On the box I run 3 instances of openvpn.
> 
> 1 old style, secret key
> 2 as a client
> 3 as a multi server
> 
> 
> haven't tested 1 - don't really care about this one.
> 
> 2 - work fine - in client mode
> 3 - has lots of problems the server starts, the problem occurs when the client 
> attempts to connect 
> 
> 
> 
> the config file for the server
> ==============================
> port 563
> proto tcp-server
> dev tap0
> 
> ca ca.crt
> cert server.crt
> key server.key  # This file should be kept secret
> 
> dh dh2048.pem
> 
> local 60.242.62.137
> server 192.168.4.248 255.255.255.248
> ifconfig-pool-persist sydrt04-563.txt
> push "route 192.168.4.0 255.255.252.0"
> #client-to-client
> keepalive 10 120
> comp-lzo
> max-clients 5
> persist-key
> persist-tun
> status /etc/openvpn/sydrt04-563.openvpn-status.log
> verb 9
> 
> #client-config-dir /etc/openvpn/ccd
> client-connect /etc/openvpn/sydrt04-up.sh
> client-disconnect /etc/openvpn/sydrt04-down.sh
> 
> logfile output
> =============
> Oct 30 21:22:47 sydrt04 daemon.notice openvpn-sydrt04[2621]: OpenVPN 2.0.9 
> mipsel-linux [SSL] [LZO] [EPOLL] built on Oct 28 2007
> Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2621]: TUN/TAP device 
> tap0 opened
> Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2621]: /sbin/ifconfig 
> tap0 192.168.4.249 netmask 255.255.255.248 mtu 1500 broadcast 192.168.4.255
> Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: Listening for 
> incoming TCP connection on 60.242.62.137:563
> Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: TCPv4_SERVER link 
> local (bound): 60.242.62.137:563
> Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: TCPv4_SERVER link 
> remote: [undef]
> Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: Initialization 
> Sequence Completed
> Oct 30 21:45:01 sydrt04 daemon.notice openvpn-sydrt04[2626]: SIGTERM[hard,] 
> received, process exiting
> Oct 30 21:45:01 sydrt04 daemon.notice openvpn-sydrt04[2738]: OpenVPN 2.0.9 
> mipsel-linux [SSL] [LZO] [EPOLL] built on Oct 28 2007
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: Diffie-Hellman 
> initialized with 2048 bit key
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TLS-Auth MTU parms 
> [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TUN/TAP device 
> tap0 opened
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TUN/TAP TX queue 
> length set to 100
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: /sbin/ifconfig 
> tap0 192.168.4.249 netmask 255.255.255.248 mtu 1500 broadcast 192.168.4.255
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: Data Channel MTU 
> parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Listening for 
> incoming TCP connection on 60.242.62.137:563
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Socket Buffers: 
> R=[87380->131072] S=[16384->131072]
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
> local (bound): 60.242.62.137:563
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
> remote: [undef]
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: multi_init 
> called, r=256 v=256
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: IFCONFIG POOL: 
> base=192.168.4.250 size=5
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: IFCONFIG POOL LIST
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
> client1,192.168.4.250
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
> client2,192.168.4.251
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: TCP INIT 
> maxclients=5 maxevents=9
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Initialization 
> Sequence Completed
> 
> 
> 
> for the client
> ==============
> client
> dev tap3
> 
> proto tcp-client
> 
> remote openvpn.barbarast.com 563	
> 
> resolv-retry infinite
> nobind
> persist-key
> persist-tun
> 
> #http-proxy www-proxy.sno.cpqcorp.net 8080
> comp-lzo
> verb 9
> 
> ca /etc/openvpn/bblxfw01-ca.crt
> cert /etc/openvpn/bblxfw01-client2.crt
> key /etc/openvpn/bblxfw01-client2.key
> ns-cert-type server
> 
> 
> up /etc/openvpn/bblxfw01-up.sh
> down /etc/openvpn/bblxfw01-down.sh
> 
> logfile for client
> ==================
> Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: Attempting to establish TCP 
> connection with 60.242.62.137:563
> Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCP connection established 
> with 60.242.62.137:563
> Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: Socket Buffers: 
> R=[43689->131072] S=[16384->131072]
> Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT link local: 
> [undef]
> Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT link remote: 
> 60.242.62.137:563
> Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT read returned 
> 14
> Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT READ [14] from 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=b05476ba 1137c1c6 [ 
> ] pid=0 DATA Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TLS: Initial 
> packet from 60.242.62.137:563, sid=b05476ba 1137c1c6
> Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [26] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> 0 sid=b05476ba 1137c1c6 ] pid=0 DATA Oct 30 21:47:54 sydrt02 kern.notice 
> openvpn[13170]: TCPv4_CLIENT write returned 28
> Oct 30 21:47:55 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:47:57 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:47:57 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:47:57 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:47:57 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:47:58 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:47:59 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:47:59 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:47:59 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:47:59 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:00 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:01 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:01 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:01 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:01 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:02 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:03 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:03 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:03 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:03 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:04 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:05 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:05 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:05 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:06 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:07 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:07 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:07 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:07 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:08 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:09 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:09 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:09 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:09 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:10 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:11 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:11 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:11 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:11 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:12 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:13 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:13 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:13 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:13 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:14 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:16 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:16 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:16 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:16 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:17 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:18 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:18 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:18 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:18 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:19 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:20 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:20 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:20 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:20 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:21 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:22 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:22 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:22 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:22 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:23 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:24 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:24 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:24 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:24 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:25 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:26 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:26 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:26 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:26 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:27 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:28 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:28 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:28 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:28 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:29 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:30 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:30 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:30 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:30 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:31 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:32 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:32 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:32 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:32 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:33 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:34 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:34 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:34 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> ] pid=0 DATA Oct 30 21:48:34 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> write returned 16
> Oct 30 21:48:35 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:36 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> Oct 30 21:48:36 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> Oct 30 21:48:36 sydrt02 kern.notice openvpn[13170]: TCPv
> 
> 
> The output on the server
> ================================
> Oct 30 21:22:47 sydrt04 daemon.notice openvpn-sydrt04[2621]: OpenVPN 2.0.9 
> mipsel-linux [SSL] [LZO] [EPOLL] built on Oct 28 2007
> Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2621]: TUN/TAP device 
> tap0 opened
> Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2621]: /sbin/ifconfig 
> tap0 192.168.4.249 netmask 255.255.255.248 mtu 1500 broadcast 192.168.4.255
> Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: Listening for 
> incoming TCP connection on 60.242.62.137:563
> Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: TCPv4_SERVER link 
> local (bound): 60.242.62.137:563
> Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: TCPv4_SERVER link 
> remote: [undef]
> Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: Initialization 
> Sequence Completed
> Oct 30 21:45:01 sydrt04 daemon.notice openvpn-sydrt04[2626]: SIGTERM[hard,] 
> received, process exiting
> Oct 30 21:45:01 sydrt04 daemon.notice openvpn-sydrt04[2738]: OpenVPN 2.0.9 
> mipsel-linux [SSL] [LZO] [EPOLL] built on Oct 28 2007
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: Diffie-Hellman 
> initialized with 2048 bit key
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TLS-Auth MTU parms 
> [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TUN/TAP device 
> tap0 opened
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TUN/TAP TX queue 
> length set to 100
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: /sbin/ifconfig 
> tap0 192.168.4.249 netmask 255.255.255.248 mtu 1500 broadcast 192.168.4.255
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: Data Channel MTU 
> parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Listening for 
> incoming TCP connection on 60.242.62.137:563
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Socket Buffers: 
> R=[87380->131072] S=[16384->131072]
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
> local (bound): 60.242.62.137:563
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
> remote: [undef]
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: multi_init 
> called, r=256 v=256
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: IFCONFIG POOL: 
> base=192.168.4.250 size=5
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: IFCONFIG POOL LIST
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
> client1,192.168.4.250
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
> client2,192.168.4.251
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: TCP INIT 
> maxclients=5 maxevents=9
> Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Initialization 
> Sequence Completed
> root@sydrt04:~# logread  -f  | grep openvpn-sydrt04
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: 
> multi_create_instance called
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Re-using SSL/TLS 
> context
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: LZO compression 
> initialized
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Control Channel 
> MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Data Channel MTU 
> parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options 
> String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
> TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
> 2,tls-server'
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
> Options String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
> TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
> 2,tls-client'
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options hash 
> (VER=V4): '3e6d1056'
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
> Options hash (VER=V4): '31fdf004'
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCP connection 
> established with 220.233.120.185:2308
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Socket Buffers: 
> R=[131072->131072] S=[131072->131072]
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
> local: [undef]
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
> remote: 220.233.120.185:2308
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
> 220.233.120.185:2308  event_wait returned 2
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
> 220.233.120.185:2308 TCPv4_SERVER WRITE [14] to 220.233.120.185:2308: 
> P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=b05476ba 1137c1c6 [ ] pid=0 DATA Oct 
> 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: 220.233.120.185:2308 
> TCPv4_SERVER write returned 16
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  read from TUN/TAP 
> returned 90
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  event_wait 
> returned 2
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  read from TUN/TAP 
> returned 78
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  event_wait 
> returned 2
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  read from TUN/TAP 
> returned 110
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  event_wait 
> returned 2
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  read from TUN/TAP 
> returned 90
> Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  event_wait 
> returned 1
> 
> 
> 
> and on the server if i restart the client
> =========================================
> Oct 30 21:50:12 sydrt04 daemon.err openvpn-sydrt04[2743]: TCP: accept(6) 
> failed: Resource temporarily unavailable (errno=11)
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: 
> multi_create_instance called
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Re-using SSL/TLS 
> context
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: LZO compression 
> initialized
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Control Channel 
> MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Data Channel MTU 
> parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options 
> String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
> TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
> 2,tls-server'
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
> Options String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
> TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
> 2,tls-client'
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options hash 
> (VER=V4): '3e6d1056'
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
> Options hash (VER=V4): '31fdf004'
> Oct 30 21:50:12 sydrt04 daemon.err openvpn-sydrt04[2743]: TCP: accept(6) 
> failed: Resource temporarily unavailable (errno=11)
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: 
> multi_create_instance called
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Re-using SSL/TLS 
> context
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: LZO compression 
> initialized
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Control Channel 
> MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Data Channel MTU 
> parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options 
> String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
> TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
> 2,tls-server'
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
> Options String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
> TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
> 2,tls-client'
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options hash 
> (VER=V4): '3e6d1056'
> Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
> Options hash (VER=V4): '31fdf004'
> 
> 
> and what  I see on the client (on the second go around)
> =======================================================
> Tue Oct 30 21:50:11 2007 us=626728 OpenVPN 2.0.5 mipsel-linux [SSL] [LZO] 
> [EPOLL] built on Mar 26 2006
> Tue Oct 30 21:50:11 2007 us=632833 IMPORTANT: OpenVPN's default port number is 
> now 1194, based on an official port number assignment by IANA.  OpenVPN 
> 2.0-beta16 and earlier used 5000 as the default port.
> Tue Oct 30 21:50:11 2007 us=668584 LZO compression initialized
> Tue Oct 30 21:50:11 2007 us=676195 Control Channel MTU parms [ L:1576 D:140 
> EF:40 EB:0 ET:0 EL:0 ]
> Tue Oct 30 21:50:11 2007 us=682680 Data Channel MTU parms [ L:1576 D:1450 EF:44 
> EB:135 ET:32 EL:0 AF:3/1 ]
> Tue Oct 30 21:50:11 2007 us=686901 Local Options String: 'V4,dev-type 
> tap,link-mtu 1576,tun-mtu 1532,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth 
> SHA1,keysize 128,key-method 2,tls-client'
> Tue Oct 30 21:50:11 2007 us=690199 Expected Remote Options String: 'V4,dev-type 
> tap,link-mtu 1576,tun-mtu 1532,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth 
> SHA1,keysize 128,key-method 2,tls-server'
> Tue Oct 30 21:50:11 2007 us=691706 Local Options hash (VER=V4): '31fdf004'
> Tue Oct 30 21:50:11 2007 us=692815 Expected Remote Options hash (VER=V4): 
> '3e6d1056'
> Tue Oct 30 21:50:11 2007 us=694843 Attempting to establish TCP connection with 
> 60.242.62.137:563
> Tue Oct 30 21:50:11 2007 us=745030 TCP connection established with 
> 60.242.62.137:563
> Tue Oct 30 21:50:11 2007 us=745760 Socket Buffers: R=[43689->131072] 
> S=[16384->131072]
> Tue Oct 30 21:50:11 2007 us=746577 TCPv4_CLIENT link local: [undef]
> Tue Oct 30 21:50:11 2007 us=747253 TCPv4_CLIENT link remote: 60.242.62.137:563
> Tue Oct 30 21:50:11 2007 us=748784  event_wait returned 1
> Tue Oct 30 21:50:11 2007 us=750103 TCPv4_CLIENT WRITE [14] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=f7ef25b8 fdf953ff [ 
> ] pid=0 DATA Tue Oct 30 21:50:11 2007 us=751377 TCPv4_CLIENT write returned 16
> Tue Oct 30 21:50:11 2007 us=811024  event_wait returned 1
> Tue Oct 30 21:50:11 2007 us=811781 TCPv4_CLIENT read returned 14
> Tue Oct 30 21:50:11 2007 us=812894 TCPv4_CLIENT READ [14] from 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=6e64fc7c 3162a68e [ 
> ] pid=0 DATA Tue Oct 30 21:50:11 2007 us=813836 TLS: Initial packet from 
> 60.242.62.137:563, sid=6e64fc7c 3162a68e
> Tue Oct 30 21:50:11 2007 us=814774  event_wait returned 1
> Tue Oct 30 21:50:11 2007 us=816159 TCPv4_CLIENT WRITE [26] to 
> 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=f7ef25b8 fdf953ff [ 
> 0 sid=6e64fc7c 3162a68e ] pid=0 DATA Tue Oct 30 21:50:11 2007 us=817410 
> TCPv4_CLIENT write returned 28
> Tue Oct 30 21:50:12 2007 us=889947  event_wait returned 0
> Tue Oct 30 21:50:13 2007 us=102497  event_wait returned -1
> Tue Oct 30 21:50:13 2007 us=103216 event_wait : Interrupted system call 
> (code=4)
> Tue Oct 30 21:50:13 2007 us=106633 TCP/UDP: Closing socket
> Tue Oct 30 21:50:13 2007 us=107959 SIGINT[hard,] received, process exiting
> 
> 
> When I do a tcpdump, there are no missing packets, it just seems like the 
> server doesn't accept the tls stuff ??????
> 
> I am at a loss what to do now.
> 
> One thing that has changed, because this server setup used to work on the 
> previous box I had (before the upgrade), the host name of the machine has 
> changed ( the server), but all the certs are in the right places and the expire 
> dates are in 2015 
> 
> Help !
> 
> 
> Thanks
> Alex



> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems?  Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users

Attachment: signature.asc
Description: Digital signature