[Solved] TLS Error: client->client server->server connection

This forum is for all inquiries relating to the installation of OpenVPN from source and with binaries.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please visit (and READ) the OpenVPN HowTo http://openvpn.net/howto prior to asking any questions in here!
Locked
johncarter
OpenVpn Newbie
Posts: 3
Joined: Wed Jan 13, 2016 5:05 pm

[Solved] TLS Error: client->client server->server connection

Post by johncarter » Tue Jan 19, 2016 6:37 pm

Hi all,
I've installed and configured my OpenVPN Server and the Windows Client.
The OpenVPN Server listens on the 1194 UDP Port, but in the Windows Client config file I've set the port 53 UDP since the corporate firewall of my company block almost all the port, but 53 UDP is open. So I'm try to connect to my VPN server in this way: from client I make this request IP_SERVER:53 in PREROUTING chain of server I've added a rule that redirect the incoming traffic of port 53 udp on port 1194 udp,that is the port where OpenVPN listen on.
When I try to connect I get this error: TLS Error: client->client or server->server connection attempted from [AF_INET]

Post here my config. Hope that someone can help me...

client.ovpn

Code: Select all

client
dev tun
proto udp
remote 51.255.210.231 53
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
comp-lzo
verb 5
server.conf

Code: Select all

port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh /etc/openvpn/rsa/keys/dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
comp-lzo
user nobody
persist-key
persist-tun
status openvpn-status.log
verb 3
firewall config

Code: Select all

# Generated by iptables-save v1.4.21 on Tue Jan 19 19:00:35 2016
*nat
:PREROUTING ACCEPT [239:33342]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [16:1196]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p udp -m udp --dport 53 -j REDIRECT --to-ports 1194
-A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 22
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT
# Completed on Tue Jan 19 19:00:35 2016
# Generated by iptables-save v1.4.21 on Tue Jan 19 19:00:35 2016
*filter
:INPUT DROP [4:128]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i tun+ -j ACCEPT
-A INPUT -i eth0 -p tcp -m multiport --dports 22,443 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p udp -m multiport --dports 53,1194 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m multiport --sports 80,443 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 53 -j ACCEPT
-A FORWARD -i tun+ -j ACCEPT
-A FORWARD -i tun+ -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o tun+ -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m multiport --sports 22,443 -m state --state ESTABLISHED -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m multiport --dports 80,443 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m multiport --sports 53,1194 -m state --state ESTABLISHED -j ACCEPT
COMMIT
# Completed on Tue Jan 19 19:00:35 2016
client.log

Code: Select all

Tue Jan 19 19:30:46 2016 us=269466 Current Parameter Settings:
Tue Jan 19 19:30:46 2016 us=269466   config = 'client.ovpn'
Tue Jan 19 19:30:46 2016 us=269466   mode = 0
Tue Jan 19 19:30:46 2016 us=269466   show_ciphers = DISABLED
Tue Jan 19 19:30:46 2016 us=269466   show_digests = DISABLED
Tue Jan 19 19:30:46 2016 us=269466   show_engines = DISABLED
Tue Jan 19 19:30:46 2016 us=269466   genkey = DISABLED
Tue Jan 19 19:30:46 2016 us=269466   key_pass_file = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=269466   show_tls_ciphers = DISABLED
Tue Jan 19 19:30:46 2016 us=269466 Connection profiles [default]:
Tue Jan 19 19:30:46 2016 us=269466   proto = udp
Tue Jan 19 19:30:46 2016 us=269466   local = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=269466   local_port = 0
Tue Jan 19 19:30:46 2016 us=269466   remote = '51.255.210.231'
Tue Jan 19 19:30:46 2016 us=270466   remote_port = 53
Tue Jan 19 19:30:46 2016 us=270466   remote_float = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   bind_defined = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   bind_local = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   connect_retry_seconds = 5
Tue Jan 19 19:30:46 2016 us=270466   connect_timeout = 10
Tue Jan 19 19:30:46 2016 us=270466   connect_retry_max = 0
Tue Jan 19 19:30:46 2016 us=270466   socks_proxy_server = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   socks_proxy_port = 0
Tue Jan 19 19:30:46 2016 us=270466   socks_proxy_retry = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   tun_mtu = 1500
Tue Jan 19 19:30:46 2016 us=270466   tun_mtu_defined = ENABLED
Tue Jan 19 19:30:46 2016 us=270466   link_mtu = 1500
Tue Jan 19 19:30:46 2016 us=270466   link_mtu_defined = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   tun_mtu_extra = 0
Tue Jan 19 19:30:46 2016 us=270466   tun_mtu_extra_defined = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   mtu_discover_type = -1
Tue Jan 19 19:30:46 2016 us=270466   fragment = 0
Tue Jan 19 19:30:46 2016 us=270466   mssfix = 1450
Tue Jan 19 19:30:46 2016 us=270466   explicit_exit_notification = 0
Tue Jan 19 19:30:46 2016 us=270466 Connection profiles END
Tue Jan 19 19:30:46 2016 us=270466   remote_random = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   ipchange = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   dev = 'tun'
Tue Jan 19 19:30:46 2016 us=270466   dev_type = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   dev_node = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   lladdr = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   topology = 1
Tue Jan 19 19:30:46 2016 us=270466   tun_ipv6 = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   ifconfig_local = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   ifconfig_remote_netmask = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   ifconfig_noexec = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   ifconfig_nowarn = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   ifconfig_ipv6_local = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   ifconfig_ipv6_netbits = 0
Tue Jan 19 19:30:46 2016 us=270466   ifconfig_ipv6_remote = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   shaper = 0
Tue Jan 19 19:30:46 2016 us=270466   mtu_test = 0
Tue Jan 19 19:30:46 2016 us=270466   mlock = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   keepalive_ping = 0
Tue Jan 19 19:30:46 2016 us=270466   keepalive_timeout = 0
Tue Jan 19 19:30:46 2016 us=270466   inactivity_timeout = 0
Tue Jan 19 19:30:46 2016 us=270466   ping_send_timeout = 0
Tue Jan 19 19:30:46 2016 us=270466   ping_rec_timeout = 0
Tue Jan 19 19:30:46 2016 us=270466   ping_rec_timeout_action = 0
Tue Jan 19 19:30:46 2016 us=270466   ping_timer_remote = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   remap_sigusr1 = 0
Tue Jan 19 19:30:46 2016 us=270466   persist_tun = ENABLED
Tue Jan 19 19:30:46 2016 us=270466   persist_local_ip = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   persist_remote_ip = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   persist_key = ENABLED
Tue Jan 19 19:30:46 2016 us=270466   passtos = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   resolve_retry_seconds = 1000000000
Tue Jan 19 19:30:46 2016 us=270466   username = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   groupname = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   chroot_dir = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   cd_dir = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   writepid = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   up_script = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   down_script = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   down_pre = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   up_restart = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   up_delay = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   daemon = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   inetd = 0
Tue Jan 19 19:30:46 2016 us=270466   log = ENABLED
Tue Jan 19 19:30:46 2016 us=270466   suppress_timestamps = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   nice = 0
Tue Jan 19 19:30:46 2016 us=270466   verbosity = 5
Tue Jan 19 19:30:46 2016 us=270466   mute = 0
Tue Jan 19 19:30:46 2016 us=270466   gremlin = 0
Tue Jan 19 19:30:46 2016 us=270466   status_file = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   status_file_version = 1
Tue Jan 19 19:30:46 2016 us=270466   status_file_update_freq = 60
Tue Jan 19 19:30:46 2016 us=270466   occ = ENABLED
Tue Jan 19 19:30:46 2016 us=270466   rcvbuf = 0
Tue Jan 19 19:30:46 2016 us=270466   sndbuf = 0
Tue Jan 19 19:30:46 2016 us=270466   sockflags = 0
Tue Jan 19 19:30:46 2016 us=270466   fast_io = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   lzo = 7
Tue Jan 19 19:30:46 2016 us=270466   route_script = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   route_default_gateway = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   route_default_metric = 0
Tue Jan 19 19:30:46 2016 us=270466   route_noexec = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   route_delay = 5
Tue Jan 19 19:30:46 2016 us=270466   route_delay_window = 30
Tue Jan 19 19:30:46 2016 us=270466   route_delay_defined = ENABLED
Tue Jan 19 19:30:46 2016 us=270466   route_nopull = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   route_gateway_via_dhcp = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   max_routes = 100
Tue Jan 19 19:30:46 2016 us=270466   allow_pull_fqdn = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   management_addr = '127.0.0.1'
Tue Jan 19 19:30:46 2016 us=270466   management_port = 25340
Tue Jan 19 19:30:46 2016 us=270466   management_user_pass = 'stdin'
Tue Jan 19 19:30:46 2016 us=270466   management_log_history_cache = 250
Tue Jan 19 19:30:46 2016 us=270466   management_echo_buffer_size = 100
Tue Jan 19 19:30:46 2016 us=270466   management_write_peer_info_file = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   management_client_user = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   management_client_group = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   management_flags = 6
Tue Jan 19 19:30:46 2016 us=270466   shared_secret_file = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   key_direction = 0
Tue Jan 19 19:30:46 2016 us=270466   ciphername_defined = ENABLED
Tue Jan 19 19:30:46 2016 us=270466   ciphername = 'BF-CBC'
Tue Jan 19 19:30:46 2016 us=270466   authname_defined = ENABLED
Tue Jan 19 19:30:46 2016 us=270466   authname = 'SHA1'
Tue Jan 19 19:30:46 2016 us=270466   prng_hash = 'SHA1'
Tue Jan 19 19:30:46 2016 us=270466   prng_nonce_secret_len = 16
Tue Jan 19 19:30:46 2016 us=270466   keysize = 0
Tue Jan 19 19:30:46 2016 us=270466   engine = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   replay = ENABLED
Tue Jan 19 19:30:46 2016 us=270466   mute_replay_warnings = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   replay_window = 64
Tue Jan 19 19:30:46 2016 us=270466   replay_time = 15
Tue Jan 19 19:30:46 2016 us=270466   packet_id_file = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   use_iv = ENABLED
Tue Jan 19 19:30:46 2016 us=270466   test_crypto = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   tls_server = DISABLED
Tue Jan 19 19:30:46 2016 us=270466   tls_client = ENABLED
Tue Jan 19 19:30:46 2016 us=270466   key_method = 2
Tue Jan 19 19:30:46 2016 us=270466   ca_file = 'ca.crt'
Tue Jan 19 19:30:46 2016 us=270466   ca_path = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   dh_file = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   cert_file = 'client.crt'
Tue Jan 19 19:30:46 2016 us=270466   extra_certs_file = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   priv_key_file = 'client.key'
Tue Jan 19 19:30:46 2016 us=270466   pkcs12_file = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   cryptoapi_cert = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   cipher_list = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   tls_verify = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   tls_export_cert = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=270466   verify_x509_type = 0
Tue Jan 19 19:30:46 2016 us=271466   verify_x509_name = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=271466   crl_file = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=271466   ns_cert_type = 1
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_ku[i] = 0
Tue Jan 19 19:30:46 2016 us=271466   remote_cert_eku = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=271466   ssl_flags = 0
Tue Jan 19 19:30:46 2016 us=271466   tls_timeout = 2
Tue Jan 19 19:30:46 2016 us=271466   renegotiate_bytes = 0
Tue Jan 19 19:30:46 2016 us=271466   renegotiate_packets = 0
Tue Jan 19 19:30:46 2016 us=271466   renegotiate_seconds = 3600
Tue Jan 19 19:30:46 2016 us=271466   handshake_window = 60
Tue Jan 19 19:30:46 2016 us=271466   transition_window = 3600
Tue Jan 19 19:30:46 2016 us=271466   single_session = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   push_peer_info = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   tls_exit = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   tls_auth_file = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_protected_authentication = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_private_mode = 00000000
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_cert_private = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_pin_cache_period = -1
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_id = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=271466   pkcs11_id_management = DISABLED
Tue Jan 19 19:30:46 2016 us=271466   server_network = 0.0.0.0
Tue Jan 19 19:30:46 2016 us=271466   server_netmask = 0.0.0.0
Tue Jan 19 19:30:46 2016 us=273466   server_network_ipv6 = ::
Tue Jan 19 19:30:46 2016 us=273466   server_netbits_ipv6 = 0
Tue Jan 19 19:30:46 2016 us=273466   server_bridge_ip = 0.0.0.0
Tue Jan 19 19:30:46 2016 us=273466   server_bridge_netmask = 0.0.0.0
Tue Jan 19 19:30:46 2016 us=273466   server_bridge_pool_start = 0.0.0.0
Tue Jan 19 19:30:46 2016 us=273466   server_bridge_pool_end = 0.0.0.0
Tue Jan 19 19:30:46 2016 us=273466   ifconfig_pool_defined = DISABLED
Tue Jan 19 19:30:46 2016 us=273466   ifconfig_pool_start = 0.0.0.0
Tue Jan 19 19:30:46 2016 us=273466   ifconfig_pool_end = 0.0.0.0
Tue Jan 19 19:30:46 2016 us=273466   ifconfig_pool_netmask = 0.0.0.0
Tue Jan 19 19:30:46 2016 us=273466   ifconfig_pool_persist_filename = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=273466   ifconfig_pool_persist_refresh_freq = 600
Tue Jan 19 19:30:46 2016 us=273466   ifconfig_ipv6_pool_defined = DISABLED
Tue Jan 19 19:30:46 2016 us=273466   ifconfig_ipv6_pool_base = ::
Tue Jan 19 19:30:46 2016 us=273466   ifconfig_ipv6_pool_netbits = 0
Tue Jan 19 19:30:46 2016 us=273466   n_bcast_buf = 256
Tue Jan 19 19:30:46 2016 us=273466   tcp_queue_limit = 64
Tue Jan 19 19:30:46 2016 us=273466   real_hash_size = 256
Tue Jan 19 19:30:46 2016 us=273466   virtual_hash_size = 256
Tue Jan 19 19:30:46 2016 us=273466   client_connect_script = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=273466   learn_address_script = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=273466   client_disconnect_script = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=273466   client_config_dir = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=273466   ccd_exclusive = DISABLED
Tue Jan 19 19:30:46 2016 us=273466   tmp_dir = 'C:\Users\LORENZ~1.BIO\AppData\Local\Temp\'
Tue Jan 19 19:30:46 2016 us=273466   push_ifconfig_defined = DISABLED
Tue Jan 19 19:30:46 2016 us=273466   push_ifconfig_local = 0.0.0.0
Tue Jan 19 19:30:46 2016 us=273466   push_ifconfig_remote_netmask = 0.0.0.0
Tue Jan 19 19:30:46 2016 us=273466   push_ifconfig_ipv6_defined = DISABLED
Tue Jan 19 19:30:46 2016 us=273466   push_ifconfig_ipv6_local = ::/0
Tue Jan 19 19:30:46 2016 us=273466   push_ifconfig_ipv6_remote = ::
Tue Jan 19 19:30:46 2016 us=274466   enable_c2c = DISABLED
Tue Jan 19 19:30:46 2016 us=274466   duplicate_cn = DISABLED
Tue Jan 19 19:30:46 2016 us=274466   cf_max = 0
Tue Jan 19 19:30:46 2016 us=274466   cf_per = 0
Tue Jan 19 19:30:46 2016 us=274466   max_clients = 1024
Tue Jan 19 19:30:46 2016 us=274466   max_routes_per_client = 256
Tue Jan 19 19:30:46 2016 us=274466   auth_user_pass_verify_script = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=274466   auth_user_pass_verify_script_via_file = DISABLED
Tue Jan 19 19:30:46 2016 us=274466   client = ENABLED
Tue Jan 19 19:30:46 2016 us=274466   pull = ENABLED
Tue Jan 19 19:30:46 2016 us=274466   auth_user_pass_file = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=274466   show_net_up = DISABLED
Tue Jan 19 19:30:46 2016 us=274466   route_method = 0
Tue Jan 19 19:30:46 2016 us=274466   block_outside_dns = DISABLED
Tue Jan 19 19:30:46 2016 us=274466   ip_win32_defined = DISABLED
Tue Jan 19 19:30:46 2016 us=274466   ip_win32_type = 3
Tue Jan 19 19:30:46 2016 us=274466   dhcp_masq_offset = 0
Tue Jan 19 19:30:46 2016 us=274466   dhcp_lease_time = 31536000
Tue Jan 19 19:30:46 2016 us=274466   tap_sleep = 0
Tue Jan 19 19:30:46 2016 us=274466   dhcp_options = DISABLED
Tue Jan 19 19:30:46 2016 us=274466   dhcp_renew = DISABLED
Tue Jan 19 19:30:46 2016 us=274466   dhcp_pre_release = DISABLED
Tue Jan 19 19:30:46 2016 us=274466   dhcp_release = DISABLED
Tue Jan 19 19:30:46 2016 us=274466   domain = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=274466   netbios_scope = '[UNDEF]'
Tue Jan 19 19:30:46 2016 us=274466   netbios_node_type = 0
Tue Jan 19 19:30:46 2016 us=274466   disable_nbt = DISABLED
Tue Jan 19 19:30:46 2016 us=274466 OpenVPN 2.3.10 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Jan  4 2016
Tue Jan 19 19:30:46 2016 us=274466 Windows version 6.1 (Windows 7)
Tue Jan 19 19:30:46 2016 us=274466 library versions: OpenSSL 1.0.1q 3 Dec 2015, LZO 2.09
Enter Management Password:
Tue Jan 19 19:30:46 2016 us=280467 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Jan 19 19:30:46 2016 us=280467 Need hold release from management interface, waiting...
Tue Jan 19 19:30:46 2016 us=722511 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Jan 19 19:30:46 2016 us=823521 MANAGEMENT: CMD 'state on'
Tue Jan 19 19:30:46 2016 us=824521 MANAGEMENT: CMD 'log all on'
Tue Jan 19 19:30:46 2016 us=988538 MANAGEMENT: CMD 'hold off'
Tue Jan 19 19:30:46 2016 us=989538 MANAGEMENT: CMD 'hold release'
Tue Jan 19 19:30:47 2016 us=177557 LZO compression initialized
Tue Jan 19 19:30:47 2016 us=178557 Control Channel MTU parms [ L:1542 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Jan 19 19:30:47 2016 us=178557 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Jan 19 19:30:47 2016 us=178557 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Tue Jan 19 19:30:47 2016 us=178557 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Jan 19 19:30:47 2016 us=178557 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Jan 19 19:30:47 2016 us=178557 Local Options hash (VER=V4): '41690919'
Tue Jan 19 19:30:47 2016 us=178557 Expected Remote Options hash (VER=V4): '530fdded'
Tue Jan 19 19:30:47 2016 us=178557 UDPv4 link local: [undef]
Tue Jan 19 19:30:47 2016 us=178557 UDPv4 link remote: [AF_INET]51.255.210.231:53
Tue Jan 19 19:30:47 2016 us=178557 MANAGEMENT: >STATE:1453228247,WAIT,,,
Tue Jan 19 19:31:47 2016 us=258564 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jan 19 19:31:47 2016 us=258564 TLS Error: TLS handshake failed
Tue Jan 19 19:31:47 2016 us=259564 TCP/UDP: Closing socket
Tue Jan 19 19:31:47 2016 us=259564 SIGUSR1[soft,tls-error] received, process restarting
Tue Jan 19 19:31:47 2016 us=259564 MANAGEMENT: >STATE:1453228307,RECONNECTING,tls-error,,
Tue Jan 19 19:31:47 2016 us=259564 Restart pause, 2 second(s)
Tue Jan 19 19:31:49 2016 us=260764 Re-using SSL/TLS context
Tue Jan 19 19:31:49 2016 us=261764 LZO compression initialized
Tue Jan 19 19:31:49 2016 us=262764 Control Channel MTU parms [ L:1542 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Jan 19 19:31:49 2016 us=263765 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Jan 19 19:31:49 2016 us=264765 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Tue Jan 19 19:31:49 2016 us=264765 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Jan 19 19:31:49 2016 us=265765 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Jan 19 19:31:49 2016 us=265765 Local Options hash (VER=V4): '41690919'
Tue Jan 19 19:31:49 2016 us=265765 Expected Remote Options hash (VER=V4): '530fdded'
Tue Jan 19 19:31:49 2016 us=265765 UDPv4 link local: [undef]
Tue Jan 19 19:31:49 2016 us=265765 UDPv4 link remote: [AF_INET]51.255.210.231:53
Tue Jan 19 19:31:49 2016 us=265765 MANAGEMENT: >STATE:1453228309,WAIT,,,
Tue Jan 19 19:31:49 2016 us=324771 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:31:51 2016 us=649003 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:31:55 2016 us=103348 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:32:03 2016 us=115150 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:32:19 2016 us=122750 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:32:49 2016 us=951833 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jan 19 19:32:49 2016 us=951833 TLS Error: TLS handshake failed
Tue Jan 19 19:32:49 2016 us=951833 TCP/UDP: Closing socket
Tue Jan 19 19:32:49 2016 us=952833 SIGUSR1[soft,tls-error] received, process restarting
Tue Jan 19 19:32:49 2016 us=952833 MANAGEMENT: >STATE:1453228369,RECONNECTING,tls-error,,
Tue Jan 19 19:32:49 2016 us=952833 Restart pause, 2 second(s)
Tue Jan 19 19:32:51 2016 us=953033 Re-using SSL/TLS context
Tue Jan 19 19:32:51 2016 us=953033 LZO compression initialized
Tue Jan 19 19:32:51 2016 us=953033 Control Channel MTU parms [ L:1542 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Jan 19 19:32:51 2016 us=954033 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Jan 19 19:32:51 2016 us=954033 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Tue Jan 19 19:32:51 2016 us=954033 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Jan 19 19:32:51 2016 us=954033 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Jan 19 19:32:51 2016 us=954033 Local Options hash (VER=V4): '41690919'
Tue Jan 19 19:32:51 2016 us=954033 Expected Remote Options hash (VER=V4): '530fdded'
Tue Jan 19 19:32:51 2016 us=954033 UDPv4 link local: [undef]
Tue Jan 19 19:32:51 2016 us=954033 UDPv4 link remote: [AF_INET]51.255.210.231:53
Tue Jan 19 19:32:51 2016 us=954033 MANAGEMENT: >STATE:1453228371,WAIT,,,
Tue Jan 19 19:32:52 2016 us=574095 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:32:53 2016 us=785216 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:32:57 2016 us=300568 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:33:05 2016 us=65344 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:33:21 2016 us=297967 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:33:52 2016 us=37 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jan 19 19:33:52 2016 us=37 TLS Error: TLS handshake failed
Tue Jan 19 19:33:52 2016 us=37 TCP/UDP: Closing socket
Tue Jan 19 19:33:52 2016 us=37 SIGUSR1[soft,tls-error] received, process restarting
Tue Jan 19 19:33:52 2016 us=37 MANAGEMENT: >STATE:1453228432,RECONNECTING,tls-error,,
Tue Jan 19 19:33:52 2016 us=37 Restart pause, 2 second(s)
Tue Jan 19 19:33:54 2016 us=237 Re-using SSL/TLS context
Tue Jan 19 19:33:54 2016 us=237 LZO compression initialized
Tue Jan 19 19:33:54 2016 us=237 Control Channel MTU parms [ L:1542 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Jan 19 19:33:54 2016 us=237 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Jan 19 19:33:54 2016 us=237 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Tue Jan 19 19:33:54 2016 us=237 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Jan 19 19:33:54 2016 us=1237 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Jan 19 19:33:54 2016 us=1237 Local Options hash (VER=V4): '41690919'
Tue Jan 19 19:33:54 2016 us=1237 Expected Remote Options hash (VER=V4): '530fdded'
Tue Jan 19 19:33:54 2016 us=1237 UDPv4 link local: [undef]
Tue Jan 19 19:33:54 2016 us=1237 UDPv4 link remote: [AF_INET]51.255.210.231:53
Tue Jan 19 19:33:54 2016 us=1237 MANAGEMENT: >STATE:1453228434,WAIT,,,
Tue Jan 19 19:34:55 2016 us=28339 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jan 19 19:34:55 2016 us=28339 TLS Error: TLS handshake failed
Tue Jan 19 19:34:55 2016 us=28339 TCP/UDP: Closing socket
Tue Jan 19 19:34:55 2016 us=29339 SIGUSR1[soft,tls-error] received, process restarting
Tue Jan 19 19:34:55 2016 us=29339 MANAGEMENT: >STATE:1453228495,RECONNECTING,tls-error,,
Tue Jan 19 19:34:55 2016 us=29339 Restart pause, 2 second(s)
Tue Jan 19 19:34:57 2016 us=29539 Re-using SSL/TLS context
Tue Jan 19 19:34:57 2016 us=29539 LZO compression initialized
Tue Jan 19 19:34:57 2016 us=29539 Control Channel MTU parms [ L:1542 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Jan 19 19:34:57 2016 us=30539 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Jan 19 19:34:57 2016 us=30539 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Tue Jan 19 19:34:57 2016 us=30539 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Jan 19 19:34:57 2016 us=30539 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Jan 19 19:34:57 2016 us=30539 Local Options hash (VER=V4): '41690919'
Tue Jan 19 19:34:57 2016 us=30539 Expected Remote Options hash (VER=V4): '530fdded'
Tue Jan 19 19:34:57 2016 us=30539 UDPv4 link local: [undef]
Tue Jan 19 19:34:57 2016 us=30539 UDPv4 link remote: [AF_INET]51.255.210.231:53
Tue Jan 19 19:34:57 2016 us=30539 MANAGEMENT: >STATE:1453228497,WAIT,,,
Tue Jan 19 19:34:57 2016 us=85545 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:34:59 2016 us=525789 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:35:03 2016 us=124149 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:35:11 2016 us=589995 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:35:27 2016 us=820618 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:35:57 2016 us=920628 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jan 19 19:35:57 2016 us=920628 TLS Error: TLS handshake failed
Tue Jan 19 19:35:57 2016 us=921628 TCP/UDP: Closing socket
Tue Jan 19 19:35:57 2016 us=921628 SIGUSR1[soft,tls-error] received, process restarting
Tue Jan 19 19:35:57 2016 us=921628 MANAGEMENT: >STATE:1453228557,RECONNECTING,tls-error,,
Tue Jan 19 19:35:57 2016 us=921628 Restart pause, 2 second(s)
Tue Jan 19 19:35:59 2016 us=921828 Re-using SSL/TLS context
Tue Jan 19 19:35:59 2016 us=921828 LZO compression initialized
Tue Jan 19 19:35:59 2016 us=921828 Control Channel MTU parms [ L:1542 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Jan 19 19:35:59 2016 us=922828 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Jan 19 19:35:59 2016 us=922828 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Tue Jan 19 19:35:59 2016 us=922828 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Jan 19 19:35:59 2016 us=922828 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Jan 19 19:35:59 2016 us=922828 Local Options hash (VER=V4): '41690919'
Tue Jan 19 19:35:59 2016 us=922828 Expected Remote Options hash (VER=V4): '530fdded'
Tue Jan 19 19:35:59 2016 us=922828 UDPv4 link local: [undef]
Tue Jan 19 19:35:59 2016 us=922828 UDPv4 link remote: [AF_INET]51.255.210.231:53
Tue Jan 19 19:35:59 2016 us=922828 MANAGEMENT: >STATE:1453228559,WAIT,,,
Tue Jan 19 19:35:59 2016 us=974833 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:36:01 2016 us=157951 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:36:05 2016 us=794415 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Tue Jan 19 19:36:13 2016 us=661202 TLS Error: client->client or server->server connection attempted from [AF_INET]51.255.210.231:53
Thank you :)

johncarter
OpenVpn Newbie
Posts: 3
Joined: Wed Jan 13, 2016 5:05 pm

Re: TLS Error: client->client or server->server connection a

Post by johncarter » Thu Jan 21, 2016 12:40 am

There wasn't any error in confiuration files.
Strangely I've rebooted the machine and now all it works...

User avatar
Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: TLS Error: client->client or server->server connection a

Post by Traffic » Wed Jan 27, 2016 1:58 pm

It is annoying when things like this happen .. but thanks for letting us know your solution 8-)

Locked