[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] encryption problems

  • Subject: [Openvpn-users] encryption problems
  • From: "EDV - WHW (Goesta Smekal)" <EDV@xxxxxxxxxxxxxxxxxxx>
  • Date: Mon, 15 Apr 2002 13:11:34 +0200
  • Priority: normal
Hi there,

  using OpenVPN 1.1.0 (and also with 1.0.3) I get errors when using 
any kind of encryption (only tried static):

All machines involved are Slackware Linux 8.0. One is my production 
machine (with full development stuff installed) the others two are 
firewall gateways, thus lacking anything but the necessities.

I compiled OpenVPN on the production machine, where I also installed 
LZO lib. The binary, along with a generated private key, was copied 
to either gateway (configure --disable-lzo).

As long as I start the tunnel without encryption everything works PG !

--- VPN start script follows ---
openvpn --mktun --dev tun7
ifconfig tun7 10.1.0.1 pointopoint 10.1.0.2 mtu 1450
openvpn --remote 192.168.1.8 \
		--dev tun7 --verb 4 \
		1>> /var/log/OpenVPN.log 2>> /var/log/OpenVPN.err &
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.1.0.2
--- script end ---

as soon as I start OpenVPN with the following switches things get 
wierd:

openvpn --remote 192.168.1.8 \
		--dev tun7 --verb 4 \
		--secret /root/OpenVPN/openvpn.key \
		1>> /var/log/OpenVPN.log 2>> /var/log/OpenVPN.err &

With OpenVPN v1.0.3 the following message appears:

50: OpenVPN 1.0.3 Built On Apr  9 2002
51: UDP link local (bound): [undef]:5000
52: UDP link remote: 192.168.1.8:5000
53: TUN/TAP device tun7 opened
54: Static: Cipher 'BF-CBC' initialized with 128 bit key
55: Static: Using 160 bit message digest 'SHA1' for HMAC 
authentication
56: Data Channel MTU parms: mtu=1450 extra_frame=28 extra_buffer=28
57: Authenticate/Decrypt packet error: packet HMAC authentication 
failed
58: Authenticate/Decrypt packet error: packet HMAC authentication 
failed
... and so on ...

Whereas with v1.1.0 it reads:

47: OpenVPN 1.1.0 Built On Apr 16 2002
48: UDP link local (bound): [undef]:5000
49: UDP link remote: 192.168.1.8:5000
50: TUN/TAP device tun7 opened
51: Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
52: Static Encrypt: Using 160 bit message digest 'SHA1' for HMAC 
authentication
53: Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
54: Static Decrypt: Using 160 bit message digest 'SHA1' for HMAC 
authentication
55: Data Channel MTU parms: mtu=1450 extra_frame=44 extra_buffer=44 
extra_tun=0
56: Peer Connection Initiated with 192.168.1.8:5000

and nothing crosses the tunnel.

WHAT DID I MESS UP ???

Do I miss any libraries on the gateway systems ? Can I create 
statically linked executables, so that I don't need to install lib on 
the gateways ? (there is not even a 'make' installed ...)

  any help welcome !


--
This may seem a bit weird, but that's okay, because it is weird.

found on line 89 of 'perldoc perl'

_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users