[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Exchange over OpenVPN giving General Failure code=31


  • Subject: Re: [Openvpn-users] Exchange over OpenVPN giving General Failure code=31
  • From: James Yonan <jim@xxxxxxxxx>
  • Date: Sat, 02 Feb 2008 13:29:59 -0700

Paul Goodyear wrote:
> HI,
>
> I have OpenVPN and OpenVPN GUI running on a XP machine.
>
> OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct  1 2006
> OpenVPN GUI v1.0.3
>
> Everything appears to be fine, I can connect and use the company chat
> server, transfer files from the servers, connect and use the internal
> PBX. The only issue I am having is connecting to the Exchange server.
>
> As soon as Outlook starts I get a few "More data is available
> (code=234)" messages and a few General failure
> (ERROR_GEN_FAILURE)(code=31) errors.
>
> I have no firewalls in places, everything is open and standard.
>
> OpenVPN client config looks like this:
>
> #############################################
> #OpenVPN Server conf
> tls-client
> client
> dev tun
> proto udp
> tun-mtu 1400
> remote (RED INTERFACE ON IPCOP) 1194
> pkcs12 MyPKCSFile.p12
> cipher BF-CBC
> verb 3
> ns-cert-type server
>
> The log looks like this:
>
> ############################################
> Sat Feb 02 14:41:35 2008 read from TUN/TAP  [State=AT?c
> Err=[c:\src\21\tap-win32\tapdrvr.c/2405] #O=4 Tx=[18733,0,0]
> Rx=[15949,0,0] IrpQ=[0,1,16] PktQ=[0,24,64]]: More data is available.
>  (code=234)
> Sat Feb 02 14:41:35 2008 read from TUN/TAP  [State=AT?c
> Err=[c:\src\21\tap-win32\tapdrvr.c/2405] #O=4 Tx=[18739,0,0]
> Rx=[15953,0,0] IrpQ=[0,1,16] PktQ=[0,24,64]]: General failure
> (ERROR_GEN_FAILURE) (code=31)
>   
I see the problem.   You are setting tun-mtu to 1400.  You should leave 
this setting at the default value and use mssfix instead as an MTU limiter.

What is occurring is that the TUN/TAP driver is getting packets > 1400 
bytes from the virtual network interface, and is then realizing that 
OpenVPN (running in user space) has only provided a 1400 byte buffer to 
return the packet.  So the TUN tap driver is erring over the attempted 
buffer overflow.

James

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users