I have a problem connecting multiple users to a single server.
One user = good.
Two users = problem.
Problem:
Thu Jan 28 10:44:03 2016 TLS Error: local/remote TLS keys are out of sync: [AF_INET]185.24.26.12:58474 [0]
my configuration:
port 1194
proto udp
dev tap0
keepalive 10 120
status /tmp/openvpn-status.log
verb 3
tls-server
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/tomato/dh.pem
log-append /tmp-log.log
bridge configuration:
#!/bin/sh /etc/rc.common
START=94
start() {
openvpn --mktun --dev tap0
brctl addif br-lan tap0
ifconfig tap0 0.0.0.0 promisc up
}
stop() {
ifconfig tap0 0.0.0.0 down
brctl delif br-lan tap0
openvpn --rmtun --dev tap0
}
dhcp:
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
Logs:
Thu Jan 28 10:37:10 2016 TLS: Initial packet from [AF_INET]185.24.26.12:58474, sid=95df3f74 f3152eae
Thu Jan 28 10:37:11 2016 VERIFY OK: depth=1, C=PL, ST=lubuskie, L=ZielonaGora, O=VPN OPENWRT, OU=MyOrganizationalUnit, CN=VPN OPENWRT CA, name=EasyRSA, emailAddress=xxx@gmail.com
Thu Jan 28 10:37:11 2016 VERIFY OK: depth=0, C=PL, ST=lubuskie, L=ZielonaGora, O=VPN OPENWRT, OU=MyOrganizationalUnit, CN=windows_klient1_password, name=EasyRSA, emailAddress=xxx@gmail.com
Thu Jan 28 10:37:11 2016 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jan 28 10:37:11 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jan 28 10:37:11 2016 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jan 28 10:37:11 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jan 28 10:37:11 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Thu Jan 28 10:37:11 2016 [windows_klient1_password] Peer Connection Initiated with [AF_INET]185.24.26.12:58474
Thu Jan 28 10:37:12 2016 Initialization Sequence Completed
Thu Jan 28 10:37:14 2016 PUSH: Received control message: 'PUSH_REQUEST'
Thu Jan 28 10:37:14 2016 send_push_reply(): safe_cap=940
Thu Jan 28 10:37:14 2016 SENT CONTROL [windows_klient1_password]: 'PUSH_REPLY' (status=1)
Thu Jan 28 10:43:38 2016 TLS: new session incoming connection from [AF_INET]185.24.26.12:49340
Thu Jan 28 10:43:39 2016 VERIFY OK: depth=1, C=PL, ST=lubuskie, L=ZielonaGora, O=VPN OPENWRT, OU=MyOrganizationalUnit, CN=VPN OPENWRT CA, name=EasyRSA, emailAddress=xxx@gmail.com
Thu Jan 28 10:43:39 2016 VERIFY OK: depth=0, C=PL, ST=lubuskie, L=ZielonaGora, O=VPN OPENWRT, OU=MyOrganizationalUnit, CN=tz, name=EasyRSA, emailAddress=xxx@gmail.com
Thu Jan 28 10:43:39 2016 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jan 28 10:43:39 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jan 28 10:43:39 2016 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jan 28 10:43:39 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jan 28 10:43:39 2016 TLS: move_session: dest=TM_ACTIVE src=TM_UNTRUSTED reinit_src=1
Thu Jan 28 10:43:39 2016 TLS: tls_multi_process: untrusted session promoted to trusted
Thu Jan 28 10:43:39 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Thu Jan 28 10:43:39 2016 [tz] Peer Connection Initiated with [AF_INET]185.24.26.12:49340
Thu Jan 28 10:43:42 2016 PUSH: Received control message: 'PUSH_REQUEST'
Thu Jan 28 10:43:42 2016 send_push_reply(): safe_cap=940
Thu Jan 28 10:43:42 2016 SENT CONTROL [tz]: 'PUSH_REPLY' (status=1)
Thu Jan 28 10:44:03 2016 TLS Error: local/remote TLS keys are out of sync: [AF_INET]185.24.26.12:58474 [0]
Thu Jan 28 10:44:04 2016 TLS Error: local/remote TLS keys are out of sync: [AF_INET]185.24.26.12:58474 [0]
Thu Jan 28 10:44:04 2016 TLS Error: local/remote TLS keys are out of sync: [AF_INET]185.24.26.12:58474 [0]
Thu Jan 28 10:44:04 2016 TLS Error: local/remote TLS keys are out of sync: [AF_INET]185.24.26.12:58474 [0]
Thu Jan 28 10:44:04 2016 TLS Error: local/remote TLS keys are out of sync: [AF_INET]185.24.26.12:58474 [0]
Thu Jan 28 10:44:08 2016 TLS Error: local/remote TLS keys are out of sync: [AF_INET]185.24.26.12:58474 [0]
Thu Jan 28 10:44:09 2016 TLS Error: local/remote TLS keys are out of sync: [AF_INET]185.24.26.12:58474 [0]
Thu Jan 28 10:44:10 2016 TLS Error: local/remote TLS keys are out of sync: [AF_INET]185.24.26.12:58474 [0]
Thu Jan 28 10:44:18 2016 TLS Error: local/remote TLS keys are out of sync: [AF_INET]185.24.26.12:58474 [0]
Thu Jan 28 10:44:18 2016 TLS Error: local/remote TLS keys are out of sync: [AF_INET]185.24.26.12:58474 [0]
Thu Jan 28 10:44:19 2016 TLS Error: local/remote TLS keys are out of sync: [AF_INET]185.24.26.12:58474 [0]
TLS Error: local/remote TLS keys are out of sync: - problem
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 2
- Joined: Thu Jan 28, 2016 11:02 am
-
- OpenVpn Newbie
- Posts: 2
- Joined: Thu Jan 28, 2016 11:02 am
Re: TLS Error: local/remote TLS keys are out of sync: - prob
problem solved.
They are missing a few entries in the configuration.
They are missing a few entries in the configuration.
-
- OpenVpn Newbie
- Posts: 1
- Joined: Tue Aug 22, 2017 10:32 am
Re: TLS Error: local/remote TLS keys are out of sync: - problem
Hi,andrewxxx wrote:problem solved.
They are missing a few entries in the configuration.
I have the same problem... which are the missing entries?
-
- OpenVpn Newbie
- Posts: 2
- Joined: Sat Mar 30, 2019 3:35 pm
Re: TLS Error: local/remote TLS keys are out of sync: - problem
what is missing?