[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] No disconnect after TLS Error: local/remote TLS keys are out of sync


  • Subject: [Openvpn-users] No disconnect after TLS Error: local/remote TLS keys are out of sync
  • From: Ralf Lübben <ralfluebben@xxxxxx>
  • Date: Fri, 4 Jan 2008 15:47:57 +0100

Hello,

I develop the radiusplugin which you can find at: 

http://www.nongnu.org/radiusplugin/

Some people use the plugin to account their VPN users and also to disconnect 
the users if they exceed a limit (e.g. connection time or send/received 
bytes).

The idea is that the authentication fails if a limit is exceeded. This also 
should work during a connection if the reauthentication (renegotiation) of a 
user fails.
The problem is, that if the reauthentication fails (because the radius 
authentication fails) the client can't send any data, but the client is never 
disconnected, only the error messages

TLS Auth Error: Auth Username/Password verification failed for peer

and 

TLS Error: local/remote TLS keys are out of sync

appear in the log file.

Is there a possibility to disconnect automatically a user if the 
reauthentication fails respectively if the keys are out of sync?

Thanks.

Ralf


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users