[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Certificate Problems getting Linux<->Windows tunnel to work?

  • Subject: Re: [Openvpn-users] Certificate Problems getting Linux<->Windows tunnel to work?
  • From: "James Yonan" <jim@xxxxxxxxx>
  • Date: Tue, 16 Sep 2003 19:12:16 -0000
Carl,

This looks like a configuration issue.

Can you post your config files?

James

Carl Perry <cperry@xxxxxxxxxxxxx> said:

> I'm testing OpenVPN here at the office as a road-warrior solution.  I've
> got a Win2k notebook and our Linux firewall on a hub connected to our T1
> line.  When I try to launch the OpenVPN client on windows, I get the
> following messages:
> 
> Mon Sep 15 18:26:18 2003 24: Authenticate/Decrypt packet error: bad
> packet ID (may be a replay): [ #1 / time = (1063667992) Mon Sep 15
> 18:19:52 2003 ]
> Mon Sep 15 18:26:18 2003 25: TLS Error: incoming packet authentication
> failed from 67.153.25.126:500
> ...
> Mon Sep 15 18:26:18 2003 38: Authenticate/Decrypt packet error: bad
> packet ID (
> may be a replay): [ #23 / time = (1063667992) Mon Sep 15 18:19:52 2003 ]
> Mon Sep 15 18:26:18 2003 39: TLS Error: incoming packet authentication
> failed fr
> om 67.153.25.126:5000
> Mon Sep 15 18:26:18 2003 40: VERIFY ERROR: depth=0, error=unsupported
> certifi
> cate purpose:
> /C=US/ST=Texas/L=Austin/O=TICOM.Geomtaics.VPN/OU=IPSEC.VPN.Server.
> Certificate/CN=dimebox.ticom-geo.com/emailAddress=cperry@xxxxxxxxxxxxx
> Mon Sep 15 18:26:18 2003 41: TLS_ERROR: BIO read tls_read_plaintext
> error: error
> :14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
> Mon Sep 15 18:26:18 2003 42: TLS Error: TLS object -> incoming plaintext
> read er
> ror
> Mon Sep 15 18:26:18 2003 43: TLS Error: TLS handshake failed
> Mon Sep 15 18:26:18 2003 44: TLS Error: Unroutable control packet
> received from
>  67.153.25.126:5000 (si=3 op=P_CONTROL_V1)
> 
> The linux side has less details:
> 
> Mon Sep 15 23:19:52 2003 26[0]: TLS: tls_pre_decrypt: first response to
> initial
>  packet from 67.153.25.80:5000, sid=5c4768a4 6890f26f
> Mon Sep 15 23:19:52 2003 27[0]: Authenticate/Decrypt packet error: bad
> packet I
> D (may be a replay): [ #1 / time = (1063668373) Mon Sep 15 23:26:13 2003 ]
> Mon Sep 15 23:19:52 2003 28[0]: TLS Error: incoming packet
> authentication failed
>  from 67.153.25.80:5000
> Mon Sep 15 23:19:52 2003 29[0]: Authenticate/Decrypt packet error: bad
> packet
> ID (may be a replay): [ #2 / time = (1063668373) Mon Sep 15 23:26:13 2003 ]
> Mon Sep 15 23:19:52 2003 30[0]: TLS Error: incoming packet
> authentication failed
>  from 67.153.25.80:5000
> 
> Is this a configuration issue, a lack of router issue, or a TLS
> certificate issue?  I've tried with both UDP and TCP transport, same
> results.  I have not tried going from linux to linux yet, as windows to
> linux is far more valuable to me in the short term.  I am willing to
> post config files and public certificates if they will be of help.  I'm
> sorry if this has come up before and an answer posted to the list, but
> SF's lack of search function makes it difficult to find past messages. 
> I did check back about three months on the list archive manually, but
> may have missed some stuff.  Any information would be appreciated.  Thanks!
> 
>     -Carl
> 



-- 




____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users