[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] No disconnect after TLS Error: local/remote TLS keys are out of sync


  • Subject: Re: [Openvpn-users] No disconnect after TLS Error: local/remote TLS keys are out of sync
  • From: Ralf Lübben <ralfluebben@xxxxxx>
  • Date: Sat, 5 Jan 2008 13:16:10 +0100

Thanks.

That's the solution.

Ralf

On Saturday, 5. January 2008 01:37:55 Jan Just Keijser wrote:
> have you tried
>   --tls-exit
>
> ?
>
> HTH,
>
> JJK
>
> Ralf Lübben wrote:
> > Hello,
> >
> > I develop the radiusplugin which you can find at:
> >
> > http://www.nongnu.org/radiusplugin/
> >
> > Some people use the plugin to account their VPN users and also to
> > disconnect the users if they exceed a limit (e.g. connection time or
> > send/received bytes).
> >
> > The idea is that the authentication fails if a limit is exceeded. This
> > also should work during a connection if the reauthentication
> > (renegotiation) of a user fails.
> > The problem is, that if the reauthentication fails (because the radius
> > authentication fails) the client can't send any data, but the client is
> > never disconnected, only the error messages
> >
> > TLS Auth Error: Auth Username/Password verification failed for peer
> >
> > and
> >
> > TLS Error: local/remote TLS keys are out of sync
> >
> > appear in the log file.
> >
> > Is there a possibility to disconnect automatically a user if the
> > reauthentication fails respectively if the keys are out of sync?


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users