[OpenVPN home]	[Date Prev]	[Date Index]	[Date Next]
[OpenVPN mailing lists]	[Thread Prev]	[Thread Index]	[Thread Next]
Re: [Openvpn-users] Help with diagnosing openvpn problem

Subject: Re: [Openvpn-users] Help with diagnosing openvpn problem
From: Alex Samad <alex@xxxxxxxxxxxx>
Date: Thu, 1 Nov 2007 20:50:59 +1100
Hi

for posterity I found the issue.

openvn was compiled with epoll enabled, this was on a 2.6.23, when i recompiled 
with out this all worked well!

Alex
On Tue, Oct 30, 2007 at 09:58:57PM +1100, Alex Samad wrote:
> Hi
> 
> Sorry for the resend, been looking at this for over 8 hours and wrote the wrong 
> subject 
> 
> 
> Thanks
> 
> On Tue, Oct 30, 2007 at 09:53:59PM +1100, Alex Samad wrote:
> > Hi
> > 
> > I have been running openvpn on a couple of openwrt servers, I recently upgraded 
> > one of these boxes.
> > 
> > On the box I run 3 instances of openvpn.
> > 
> > 1 old style, secret key
> > 2 as a client
> > 3 as a multi server
> > 
> > 
> > haven't tested 1 - don't really care about this one.
> > 
> > 2 - work fine - in client mode
> > 3 - has lots of problems the server starts, the problem occurs when the client 
> > attempts to connect 
> > 
> > 
> > 
> > the config file for the server
> > ==============================
> > port 563
> > proto tcp-server
> > dev tap0
> > 
> > ca ca.crt
> > cert server.crt
> > key server.key  # This file should be kept secret
> > 
> > dh dh2048.pem
> > 
> > local 60.242.62.137
> > server 192.168.4.248 255.255.255.248
> > ifconfig-pool-persist sydrt04-563.txt
> > push "route 192.168.4.0 255.255.252.0"
> > #client-to-client
> > keepalive 10 120
> > comp-lzo
> > max-clients 5
> > persist-key
> > persist-tun
> > status /etc/openvpn/sydrt04-563.openvpn-status.log
> > verb 9
> > 
> > #client-config-dir /etc/openvpn/ccd
> > client-connect /etc/openvpn/sydrt04-up.sh
> > client-disconnect /etc/openvpn/sydrt04-down.sh
> > 
> > logfile output
> > =============
> > Oct 30 21:22:47 sydrt04 daemon.notice openvpn-sydrt04[2621]: OpenVPN 2.0.9 
> > mipsel-linux [SSL] [LZO] [EPOLL] built on Oct 28 2007
> > Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2621]: TUN/TAP device 
> > tap0 opened
> > Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2621]: /sbin/ifconfig 
> > tap0 192.168.4.249 netmask 255.255.255.248 mtu 1500 broadcast 192.168.4.255
> > Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: Listening for 
> > incoming TCP connection on 60.242.62.137:563
> > Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: TCPv4_SERVER link 
> > local (bound): 60.242.62.137:563
> > Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: TCPv4_SERVER link 
> > remote: [undef]
> > Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: Initialization 
> > Sequence Completed
> > Oct 30 21:45:01 sydrt04 daemon.notice openvpn-sydrt04[2626]: SIGTERM[hard,] 
> > received, process exiting
> > Oct 30 21:45:01 sydrt04 daemon.notice openvpn-sydrt04[2738]: OpenVPN 2.0.9 
> > mipsel-linux [SSL] [LZO] [EPOLL] built on Oct 28 2007
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: Diffie-Hellman 
> > initialized with 2048 bit key
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TLS-Auth MTU parms 
> > [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TUN/TAP device 
> > tap0 opened
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TUN/TAP TX queue 
> > length set to 100
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: /sbin/ifconfig 
> > tap0 192.168.4.249 netmask 255.255.255.248 mtu 1500 broadcast 192.168.4.255
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: Data Channel MTU 
> > parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Listening for 
> > incoming TCP connection on 60.242.62.137:563
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Socket Buffers: 
> > R=[87380->131072] S=[16384->131072]
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
> > local (bound): 60.242.62.137:563
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
> > remote: [undef]
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: multi_init 
> > called, r=256 v=256
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: IFCONFIG POOL: 
> > base=192.168.4.250 size=5
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: IFCONFIG POOL LIST
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
> > client1,192.168.4.250
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
> > client2,192.168.4.251
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: TCP INIT 
> > maxclients=5 maxevents=9
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Initialization 
> > Sequence Completed
> > 
> > 
> > 
> > for the client
> > ==============
> > client
> > dev tap3
> > 
> > proto tcp-client
> > 
> > remote openvpn.barbarast.com 563	
> > 
> > resolv-retry infinite
> > nobind
> > persist-key
> > persist-tun
> > 
> > #http-proxy www-proxy.sno.cpqcorp.net 8080
> > comp-lzo
> > verb 9
> > 
> > ca /etc/openvpn/bblxfw01-ca.crt
> > cert /etc/openvpn/bblxfw01-client2.crt
> > key /etc/openvpn/bblxfw01-client2.key
> > ns-cert-type server
> > 
> > 
> > up /etc/openvpn/bblxfw01-up.sh
> > down /etc/openvpn/bblxfw01-down.sh
> > 
> > logfile for client
> > ==================
> > Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: Attempting to establish TCP 
> > connection with 60.242.62.137:563
> > Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCP connection established 
> > with 60.242.62.137:563
> > Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: Socket Buffers: 
> > R=[43689->131072] S=[16384->131072]
> > Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT link local: 
> > [undef]
> > Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT link remote: 
> > 60.242.62.137:563
> > Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT read returned 
> > 14
> > Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT READ [14] from 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=b05476ba 1137c1c6 [ 
> > ] pid=0 DATA Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TLS: Initial 
> > packet from 60.242.62.137:563, sid=b05476ba 1137c1c6
> > Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:47:54 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [26] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > 0 sid=b05476ba 1137c1c6 ] pid=0 DATA Oct 30 21:47:54 sydrt02 kern.notice 
> > openvpn[13170]: TCPv4_CLIENT write returned 28
> > Oct 30 21:47:55 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:47:57 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:47:57 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:47:57 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:47:57 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:47:58 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:47:59 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:47:59 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:47:59 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:47:59 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:00 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:01 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:01 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:01 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:01 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:02 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:03 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:03 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:03 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:03 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:04 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:05 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:05 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:05 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:06 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:07 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:07 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:07 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:07 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:08 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:09 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:09 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:09 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:09 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:10 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:11 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:11 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:11 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:11 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:12 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:13 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:13 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:13 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:13 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:14 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:16 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:16 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:16 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:16 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:17 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:18 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:18 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:18 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:18 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:19 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:20 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:20 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:20 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:20 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:21 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:22 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:22 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:22 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:22 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:23 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:24 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:24 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:24 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:24 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:25 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:26 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:26 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:26 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:26 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:27 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:28 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:28 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:28 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:28 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:29 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:30 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:30 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:30 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:30 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:31 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:32 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:32 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:32 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:32 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:33 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:34 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:34 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:34 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=6852719b 6aface76 [ 
> > ] pid=0 DATA Oct 30 21:48:34 sydrt02 kern.notice openvpn[13170]: TCPv4_CLIENT 
> > write returned 16
> > Oct 30 21:48:35 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:36 sydrt02 kern.notice openvpn[13170]:  event_wait returned 0
> > Oct 30 21:48:36 sydrt02 kern.notice openvpn[13170]:  event_wait returned 1
> > Oct 30 21:48:36 sydrt02 kern.notice openvpn[13170]: TCPv
> > 
> > 
> > The output on the server
> > ================================
> > Oct 30 21:22:47 sydrt04 daemon.notice openvpn-sydrt04[2621]: OpenVPN 2.0.9 
> > mipsel-linux [SSL] [LZO] [EPOLL] built on Oct 28 2007
> > Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2621]: TUN/TAP device 
> > tap0 opened
> > Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2621]: /sbin/ifconfig 
> > tap0 192.168.4.249 netmask 255.255.255.248 mtu 1500 broadcast 192.168.4.255
> > Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: Listening for 
> > incoming TCP connection on 60.242.62.137:563
> > Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: TCPv4_SERVER link 
> > local (bound): 60.242.62.137:563
> > Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: TCPv4_SERVER link 
> > remote: [undef]
> > Oct 30 21:22:48 sydrt04 daemon.notice openvpn-sydrt04[2626]: Initialization 
> > Sequence Completed
> > Oct 30 21:45:01 sydrt04 daemon.notice openvpn-sydrt04[2626]: SIGTERM[hard,] 
> > received, process exiting
> > Oct 30 21:45:01 sydrt04 daemon.notice openvpn-sydrt04[2738]: OpenVPN 2.0.9 
> > mipsel-linux [SSL] [LZO] [EPOLL] built on Oct 28 2007
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: Diffie-Hellman 
> > initialized with 2048 bit key
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TLS-Auth MTU parms 
> > [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TUN/TAP device 
> > tap0 opened
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: TUN/TAP TX queue 
> > length set to 100
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: /sbin/ifconfig 
> > tap0 192.168.4.249 netmask 255.255.255.248 mtu 1500 broadcast 192.168.4.255
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2738]: Data Channel MTU 
> > parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Listening for 
> > incoming TCP connection on 60.242.62.137:563
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Socket Buffers: 
> > R=[87380->131072] S=[16384->131072]
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
> > local (bound): 60.242.62.137:563
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
> > remote: [undef]
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: multi_init 
> > called, r=256 v=256
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: IFCONFIG POOL: 
> > base=192.168.4.250 size=5
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: IFCONFIG POOL LIST
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
> > client1,192.168.4.250
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
> > client2,192.168.4.251
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: TCP INIT 
> > maxclients=5 maxevents=9
> > Oct 30 21:45:03 sydrt04 daemon.notice openvpn-sydrt04[2743]: Initialization 
> > Sequence Completed
> > root@sydrt04:~# logread  -f  | grep openvpn-sydrt04
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: 
> > multi_create_instance called
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Re-using SSL/TLS 
> > context
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: LZO compression 
> > initialized
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Control Channel 
> > MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Data Channel MTU 
> > parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options 
> > String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
> > TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
> > 2,tls-server'
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
> > Options String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
> > TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
> > 2,tls-client'
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options hash 
> > (VER=V4): '3e6d1056'
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
> > Options hash (VER=V4): '31fdf004'
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCP connection 
> > established with 220.233.120.185:2308
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: Socket Buffers: 
> > R=[131072->131072] S=[131072->131072]
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
> > local: [undef]
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: TCPv4_SERVER link 
> > remote: 220.233.120.185:2308
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
> > 220.233.120.185:2308  event_wait returned 2
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: 
> > 220.233.120.185:2308 TCPv4_SERVER WRITE [14] to 220.233.120.185:2308: 
> > P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=b05476ba 1137c1c6 [ ] pid=0 DATA Oct 
> > 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]: 220.233.120.185:2308 
> > TCPv4_SERVER write returned 16
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  read from TUN/TAP 
> > returned 90
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  event_wait 
> > returned 2
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  read from TUN/TAP 
> > returned 78
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  event_wait 
> > returned 2
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  read from TUN/TAP 
> > returned 110
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  event_wait 
> > returned 2
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  read from TUN/TAP 
> > returned 90
> > Oct 30 21:47:54 sydrt04 daemon.notice openvpn-sydrt04[2743]:  event_wait 
> > returned 1
> > 
> > 
> > 
> > and on the server if i restart the client
> > =========================================
> > Oct 30 21:50:12 sydrt04 daemon.err openvpn-sydrt04[2743]: TCP: accept(6) 
> > failed: Resource temporarily unavailable (errno=11)
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: 
> > multi_create_instance called
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Re-using SSL/TLS 
> > context
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: LZO compression 
> > initialized
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Control Channel 
> > MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Data Channel MTU 
> > parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options 
> > String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
> > TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
> > 2,tls-server'
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
> > Options String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
> > TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
> > 2,tls-client'
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options hash 
> > (VER=V4): '3e6d1056'
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
> > Options hash (VER=V4): '31fdf004'
> > Oct 30 21:50:12 sydrt04 daemon.err openvpn-sydrt04[2743]: TCP: accept(6) 
> > failed: Resource temporarily unavailable (errno=11)
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: MULTI: 
> > multi_create_instance called
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Re-using SSL/TLS 
> > context
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: LZO compression 
> > initialized
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Control Channel 
> > MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Data Channel MTU 
> > parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options 
> > String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
> > TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
> > 2,tls-server'
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
> > Options String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto 
> > TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 
> > 2,tls-client'
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Local Options hash 
> > (VER=V4): '3e6d1056'
> > Oct 30 21:50:12 sydrt04 daemon.notice openvpn-sydrt04[2743]: Expected Remote 
> > Options hash (VER=V4): '31fdf004'
> > 
> > 
> > and what  I see on the client (on the second go around)
> > =======================================================
> > Tue Oct 30 21:50:11 2007 us=626728 OpenVPN 2.0.5 mipsel-linux [SSL] [LZO] 
> > [EPOLL] built on Mar 26 2006
> > Tue Oct 30 21:50:11 2007 us=632833 IMPORTANT: OpenVPN's default port number is 
> > now 1194, based on an official port number assignment by IANA.  OpenVPN 
> > 2.0-beta16 and earlier used 5000 as the default port.
> > Tue Oct 30 21:50:11 2007 us=668584 LZO compression initialized
> > Tue Oct 30 21:50:11 2007 us=676195 Control Channel MTU parms [ L:1576 D:140 
> > EF:40 EB:0 ET:0 EL:0 ]
> > Tue Oct 30 21:50:11 2007 us=682680 Data Channel MTU parms [ L:1576 D:1450 EF:44 
> > EB:135 ET:32 EL:0 AF:3/1 ]
> > Tue Oct 30 21:50:11 2007 us=686901 Local Options String: 'V4,dev-type 
> > tap,link-mtu 1576,tun-mtu 1532,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth 
> > SHA1,keysize 128,key-method 2,tls-client'
> > Tue Oct 30 21:50:11 2007 us=690199 Expected Remote Options String: 'V4,dev-type 
> > tap,link-mtu 1576,tun-mtu 1532,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth 
> > SHA1,keysize 128,key-method 2,tls-server'
> > Tue Oct 30 21:50:11 2007 us=691706 Local Options hash (VER=V4): '31fdf004'
> > Tue Oct 30 21:50:11 2007 us=692815 Expected Remote Options hash (VER=V4): 
> > '3e6d1056'
> > Tue Oct 30 21:50:11 2007 us=694843 Attempting to establish TCP connection with 
> > 60.242.62.137:563
> > Tue Oct 30 21:50:11 2007 us=745030 TCP connection established with 
> > 60.242.62.137:563
> > Tue Oct 30 21:50:11 2007 us=745760 Socket Buffers: R=[43689->131072] 
> > S=[16384->131072]
> > Tue Oct 30 21:50:11 2007 us=746577 TCPv4_CLIENT link local: [undef]
> > Tue Oct 30 21:50:11 2007 us=747253 TCPv4_CLIENT link remote: 60.242.62.137:563
> > Tue Oct 30 21:50:11 2007 us=748784  event_wait returned 1
> > Tue Oct 30 21:50:11 2007 us=750103 TCPv4_CLIENT WRITE [14] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=f7ef25b8 fdf953ff [ 
> > ] pid=0 DATA Tue Oct 30 21:50:11 2007 us=751377 TCPv4_CLIENT write returned 16
> > Tue Oct 30 21:50:11 2007 us=811024  event_wait returned 1
> > Tue Oct 30 21:50:11 2007 us=811781 TCPv4_CLIENT read returned 14
> > Tue Oct 30 21:50:11 2007 us=812894 TCPv4_CLIENT READ [14] from 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=6e64fc7c 3162a68e [ 
> > ] pid=0 DATA Tue Oct 30 21:50:11 2007 us=813836 TLS: Initial packet from 
> > 60.242.62.137:563, sid=6e64fc7c 3162a68e
> > Tue Oct 30 21:50:11 2007 us=814774  event_wait returned 1
> > Tue Oct 30 21:50:11 2007 us=816159 TCPv4_CLIENT WRITE [26] to 
> > 60.242.62.137:563: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=f7ef25b8 fdf953ff [ 
> > 0 sid=6e64fc7c 3162a68e ] pid=0 DATA Tue Oct 30 21:50:11 2007 us=817410 
> > TCPv4_CLIENT write returned 28
> > Tue Oct 30 21:50:12 2007 us=889947  event_wait returned 0
> > Tue Oct 30 21:50:13 2007 us=102497  event_wait returned -1
> > Tue Oct 30 21:50:13 2007 us=103216 event_wait : Interrupted system call 
> > (code=4)
> > Tue Oct 30 21:50:13 2007 us=106633 TCP/UDP: Closing socket
> > Tue Oct 30 21:50:13 2007 us=107959 SIGINT[hard,] received, process exiting
> > 
> > 
> > When I do a tcpdump, there are no missing packets, it just seems like the 
> > server doesn't accept the tls stuff ??????
> > 
> > I am at a loss what to do now.
> > 
> > One thing that has changed, because this server setup used to work on the 
> > previous box I had (before the upgrade), the host name of the machine has 
> > changed ( the server), but all the certs are in the right places and the expire 
> > dates are in 2015 
> > 
> > Help !
> > 
> > 
> > Thanks
> > Alex
> 
> 
> 
> > -------------------------------------------------------------------------
> > This SF.net email is sponsored by: Splunk Inc.
> > Still grepping through log files to find problems?  Stop.
> > Now Search log events and configuration files using AJAX and a browser.
> > Download your FREE copy of Splunk now >> http://get.splunk.com/
> > _______________________________________________
> > Openvpn-users mailing list
> > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> > https://lists.sourceforge.net/lists/listinfo/openvpn-users
> 



> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems?  Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
Attachment: signature.asc
Description: Digital signature
Prev by Date: Re: [Openvpn-users] Active Directory stuttering
Next by Date: Re: [Openvpn-users] Troubleshooting OpenVPN client at inaccessible remote site
Previous by thread: Re: [Openvpn-users] Active Directory stuttering
Next by thread: Re: [Openvpn-users] Troubleshooting OpenVPN client at inaccessible remote site
Index(es):
- Date
- Thread