[OpenVPN home]	[Date Prev]	[Date Index]	[Date Next]
[OpenVPN mailing lists]	[Thread Prev]	[Thread Index]	[Thread Next]

Re: [Openvpn-users] VPN working, but getting (WSAECONNRESET) (code=10054)

Subject: Re: [Openvpn-users] VPN working, but getting (WSAECONNRESET) (code=10054)
From: Ben Scott <dragonhawk@xxxxxxxxx>
Date: Thu, 2 Feb 2006 16:15:16 -0500

On 2/2/06, Cameron Gocke <livedrive777@xxxxxxxxx> wrote:
> One of the things throwing me for a loop is that these errors
> are happening in my server log not my clients.

  From what I understand, OpenVPN is basically a peer-to-peer design. 
The client/server mode is mainly used as an administrative
convenience, to simply things like tunnel configuration.  Once the
tunnel is up and running, I believe the client/server distinction
largely disappears.  So it could well be that something is going
wrong, and then when something on the server side of the tunnel tries
to transmit, the server notices and logs the problem.

> Since the log doesn't indicate what session the error applies to I
> don't know who or what exactly it thinks it has lost its connection
> to.

  That does make things more difficult.  But, with my logs on my
server, most of the connection-specific log entries include client IP
address, port number, and name.  For example (names and addresses
changed to protect the guilty):

Feb  1 13:57:14 server openvpn[314]: LAPTOP128/192.168.15.16:1192 Data
Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key

  "LAPTOP128" being the pretend client here, with IP address
192.168.15.16 and port 1192.  You're not seeing that, I take it?

>  Now, my firewall doesn't allow any outbound traffic from my
> OpenVPN server (which is in my DMZ), but I wouldn't think that it
> would need to since all of the connections originate from the clients.

  Your firewall might not be recognizing the OpenVPN session for what
it is (UDP being stateless), or timing out the connection, or some
such thing.  You might try adding an explicit firewall rule that
permits the OpenVPN server to send any packet with an OpenVPN as the
source port.

> Is there anything else that could cause this that I'm still not getting?

  Probably.  ;-)

-- Ben

-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Follow-Ups:
- Re: [Openvpn-users] VPN working, but getting (WSAECONNRESET) (code=10054)
  - From: Cameron Gocke

References:
- [Openvpn-users] VPN working, but getting (WSAECONNRESET) (code=10054)
  - From: Cameron Gocke
- Re: [Openvpn-users] VPN working, but getting (WSAECONNRESET) (code=10054)
  - From: Ben Scott
- Re: [Openvpn-users] VPN working, but getting (WSAECONNRESET) (code=10054)
  - From: Cameron Gocke

Prev by Date: Re: [Openvpn-users] VPN working, but getting (WSAECONNRESET) (code=10054)
Next by Date: Re: [Openvpn-users] VPN working, but getting (WSAECONNRESET) (code=10054)
Previous by thread: Re: [Openvpn-users] VPN working, but getting (WSAECONNRESET) (code=10054)
Next by thread: Re: [Openvpn-users] VPN working, but getting (WSAECONNRESET) (code=10054)
Index(es):
- Date
- Thread