MANAGEMENT: >STATE:1490142029,WAIT,,,

[plantronics]

Hello,

I have installed a vpn with openvpn on a debian which serves me as server and I have a windows that serves me as client.

On windows i get this log :

Code: Select all

Wed Mar 22 04:20:28 2017 NOTE: --user option is not implemented on Windows
Wed Mar 22 04:20:28 2017 NOTE: --group option is not implemented on Windows
Wed Mar 22 04:20:28 2017 OpenVPN 2.3.14 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Feb  1 2017
Wed Mar 22 04:20:28 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Mar 22 04:20:28 2017 library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.09
Wed Mar 22 04:20:28 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Mar 22 04:20:28 2017 Need hold release from management interface, waiting...
Wed Mar 22 04:20:29 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Mar 22 04:20:29 2017 MANAGEMENT: CMD 'state on'
Wed Mar 22 04:20:29 2017 MANAGEMENT: CMD 'log all on'
Wed Mar 22 04:20:29 2017 MANAGEMENT: CMD 'hold off'
Wed Mar 22 04:20:29 2017 MANAGEMENT: CMD 'hold release'
Wed Mar 22 04:20:29 2017 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Mar 22 04:20:29 2017 UDPv4 link local: [undef]
Wed Mar 22 04:20:29 2017 UDPv4 link remote: [AF_INET] 192.168.5.5:443
Wed Mar 22 04:20:29 2017 MANAGEMENT: >STATE:1490142029,WAIT,,,

I put its files in the folder C:\Program Files\OpenVPN\config : client.crt, client.key, client.ovpn, ca.crt

On debian I have successfully installed openvpn

service openvpn status

Code: Select all

Activate: active (exited)
starting openvpn service...
started openvpn serivce...

server.conf

Code: Select all

port 443
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key 
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3

i added this in the file /etc/ufw/before.rules

Code: Select all

# START OPENVPN RULES
# NAT table rules
*nat
: POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to eth0
-A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE
COMMIT
# END OPENVPN RULES

I typed these commands :
ufw allow 443/udp
ufw status

Code: Select all

To Action From
22 ALLOW Anywhere
443/udp ALLOW Anywhere
22 (v6) ALLOW Anywhere (v6)
443/udp (v6) ALLOW Anywhere (v6)

client.ovpn

Code: Select all

client
dev tun
proto udp
remote 192.168.5.5:443
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
comp-lzo
verb 3

On debian when i do netstat -uap | grep 'openvpn' : return nothing, i think port 443 is not open

[GeeksWithGlasses]

Hi Plantronic,
Hopefully you have this sorted being quite a delay in any response.

You had a misconfiguration in Server/Client configuration with using port 443 proto udp.

For future readers port 443 used for https (TCP) is configured however recommendation should be to use protocol (UDP) with port 1194. Server/Client config should be using (UDP) which is port 1194 instead of 443 and firewall rules changed to suit.

Regards,

Mark

[TinCanTech]

OpenVPN can use any port or protocol that you like.

There is no error to use UDP 443.

The details above only show a partial snippet of the client log which is not sufficient to diagnose what-ever issue this was back in 2017.

And now nobody cares ..