Window 7 TLS issue

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
jlg89
OpenVpn Newbie
Posts: 16
Joined: Sat Aug 14, 2010 2:20 pm

Window 7 TLS issue

Post by jlg89 » Sat Aug 14, 2010 5:23 pm

I have a working OpenVPN 2.1.1 server running on Mac OS X Server 10.5.8. No problems connecting from various clients, including Mac OS X 10.5/10.6, WinXP, iPhone, etc.

I cannot, however, get OpenVPN Client 2.1.1 on Windows 7 to connect. I have set OpenVPN Client to run as administrator, and added OpenVPN Client to the list of apps allowed through the firewall.

Any ideas, suggestions, encouragement, and even disparaging but helpful comments, would be gratefully appreciated.

Server config:
(Note: A second OpenVPN instance is running with identical config except that it uses "proto tcp" and "port 443"; both instances are defined on the client)

Code: Select all

local [server ip]
port 1194
proto udp
dev tun
ca cert/ca.crt
cert cert/server.crt
key cert/server.key  # This file should be kept secret
dh cert/dh2048.pem
server 10.0.88.0 255.255.255.0
push "redirect-gateway"
push "dhcp-option DNS 10.0.88.1"
keepalive 10 120
tls-auth cert/ta.key 0  # This file is secret
comp-lzo
max-clients 20
user nobody
group nobody
persist-key
persist-tun
status openvpn3-status.log
verb 4
mute 10
client-config-dir /usr/local/etc/openvpn/clients
Client config:

Code: Select all

client
dev tun

<connection>
remote 69.39.49.201 1194 udp
</connection>

<connection>
remote 69.39.49.201 443 tcp
</connection> 

resolv-retry infinite
nobind
persist-key
persist-tun

<ca>
[ca cert]
</ca>

<cert>
[valid cert, works on all other platforms]
</cert>

<key>
[valid private key, works on all other platforms]
</key>

<tls-auth>
[tls key, verified that it matches the server key]
</tls-auth>

ns-cert-type server
comp-lzo
verb 6
#mute 10

Server log:

Sat Aug 14 12:05:09 2010 us=836268 Authenticate/Decrypt packet error: packet HMAC authentication failed
Sat Aug 14 12:05:09 2010 us=836360 TLS Error: incoming packet authentication failed from 75.109.159.167:1194
Sat Aug 14 12:05:11 2010 us=868569 Authenticate/Decrypt packet error: packet HMAC authentication failed
Sat Aug 14 12:05:11 2010 us=868648 TLS Error: incoming packet authentication failed from 75.109.159.167:1194
Sat Aug 14 12:05:15 2010 us=880825 Authenticate/Decrypt packet error: packet HMAC authentication failed
Sat Aug 14 12:05:15 2010 us=880920 TLS Error: incoming packet authentication failed from 75.109.159.167:1194
Sat Aug 14 12:05:24 2010 us=303989 Authenticate/Decrypt packet error: packet HMAC authentication failed
Sat Aug 14 12:05:24 2010 us=304101 TLS Error: incoming packet authentication failed from 75.109.159.167:1194
Sat Aug 14 12:05:40 2010 us=655254 Authenticate/Decrypt packet error: packet HMAC authentication failed
Sat Aug 14 12:05:40 2010 us=655319 TLS Error: incoming packet authentication failed from 75.109.159.167:1194
Sat Aug 14 12:06:11 2010 us=945857 MULTI: multi_create_instance called
Sat Aug 14 12:06:11 2010 us=946091 Re-using SSL/TLS context
Sat Aug 14 12:06:11 2010 us=946142 LZO compression initialized
Sat Aug 14 12:06:11 2010 us=946286 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ]
Sat Aug 14 12:06:11 2010 us=946411 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Aug 14 12:06:11 2010 us=946494 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Sat Aug 14 12:06:11 2010 us=946514 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Sat Aug 14 12:06:11 2010 us=946552 Local Options hash (VER=V4): 'bd577cd1'
Sat Aug 14 12:06:11 2010 us=946589 Expected Remote Options hash (VER=V4): 'ee93268d'
Sat Aug 14 12:06:11 2010 us=946691 TCP connection established with 75.109.159.167:13080
Sat Aug 14 12:06:11 2010 us=946751 Socket Buffers: R=[66608->65536] S=[66608->65536]
Sat Aug 14 12:06:11 2010 us=946786 TCPv4_SERVER link local: [undef]
Sat Aug 14 12:06:11 2010 us=946808 TCPv4_SERVER link remote: 75.109.159.167:13080
Sat Aug 14 12:06:11 2010 us=969972 75.109.159.167:13080 TLS: Initial packet from 75.109.159.167:13080, sid=0e9ded09 f8fb3630
Sat Aug 14 12:06:11 2010 us=970050 75.109.159.167:13080 Authenticate/Decrypt packet error: packet HMAC authentication failed
Sat Aug 14 12:06:11 2010 us=970136 75.109.159.167:13080 TLS Error: incoming packet authentication failed from 75.109.159.167:13080
Sat Aug 14 12:06:11 2010 us=970204 75.109.159.167:13080 Fatal TLS error (check_tls_errors_co), restarting
Sat Aug 14 12:06:11 2010 us=970237 75.109.159.167:13080 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Aug 14 12:06:11 2010 us=970458 TCP/UDP: Closing socket

Client log:

Sat Aug 14 12:05:04 2010 us=453000 Current Parameter Settings:
Sat Aug 14 12:05:04 2010 us=453000 config = 'stdin'
Sat Aug 14 12:05:04 2010 us=468000 mode = 0
Sat Aug 14 12:05:04 2010 us=468000 show_ciphers = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 show_digests = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 show_engines = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 genkey = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 key_pass_file = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 show_tls_ciphers = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 Connection profiles [default]:
Sat Aug 14 12:05:04 2010 us=468000 proto = udp
Sat Aug 14 12:05:04 2010 us=468000 local = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 local_port = 1194
Sat Aug 14 12:05:04 2010 us=468000 remote = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 remote_port = 1194
Sat Aug 14 12:05:04 2010 us=468000 remote_float = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 bind_defined = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 bind_local = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 connect_retry_seconds = 5
Sat Aug 14 12:05:04 2010 us=468000 connect_timeout = 10
Sat Aug 14 12:05:04 2010 us=468000 connect_retry_max = 0
Sat Aug 14 12:05:04 2010 us=468000 socks_proxy_server = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 socks_proxy_port = 0
Sat Aug 14 12:05:04 2010 us=468000 socks_proxy_retry = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 Connection profiles [0]:
Sat Aug 14 12:05:04 2010 us=468000 proto = udp
Sat Aug 14 12:05:04 2010 us=468000 local = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 local_port = 1194
Sat Aug 14 12:05:04 2010 us=468000 remote = '[server ip]'
Sat Aug 14 12:05:04 2010 us=468000 remote_port = 1194
Sat Aug 14 12:05:04 2010 us=468000 remote_float = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 bind_defined = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 bind_local = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 connect_retry_seconds = 5
Sat Aug 14 12:05:04 2010 us=468000 connect_timeout = 10
Sat Aug 14 12:05:04 2010 us=468000 connect_retry_max = 0
Sat Aug 14 12:05:04 2010 us=468000 socks_proxy_server = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 socks_proxy_port = 0
Sat Aug 14 12:05:04 2010 us=468000 socks_proxy_retry = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 Connection profiles [1]:
Sat Aug 14 12:05:04 2010 us=468000 proto = tcp-client
Sat Aug 14 12:05:04 2010 us=468000 local = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 local_port = 0
Sat Aug 14 12:05:04 2010 us=468000 remote = '[server ip]'
Sat Aug 14 12:05:04 2010 us=468000 remote_port = 443
Sat Aug 14 12:05:04 2010 us=468000 remote_float = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 bind_defined = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 bind_local = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 connect_retry_seconds = 5
Sat Aug 14 12:05:04 2010 us=468000 connect_timeout = 10
Sat Aug 14 12:05:04 2010 us=468000 connect_retry_max = 0
Sat Aug 14 12:05:04 2010 us=468000 socks_proxy_server = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 socks_proxy_port = 0
Sat Aug 14 12:05:04 2010 us=468000 socks_proxy_retry = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 Connection profiles [2]:
Sat Aug 14 12:05:04 2010 us=468000 proto = tcp-client
Sat Aug 14 12:05:04 2010 us=468000 local = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 local_port = 0
Sat Aug 14 12:05:04 2010 us=468000 remote = '[server ip]'
Sat Aug 14 12:05:04 2010 us=468000 remote_port = 443
Sat Aug 14 12:05:04 2010 us=468000 remote_float = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 bind_defined = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 bind_local = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 connect_retry_seconds = 5
Sat Aug 14 12:05:04 2010 us=468000 connect_timeout = 10
Sat Aug 14 12:05:04 2010 us=468000 connect_retry_max = 0
Sat Aug 14 12:05:04 2010 us=468000 socks_proxy_server = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 socks_proxy_port = 0
Sat Aug 14 12:05:04 2010 us=468000 socks_proxy_retry = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 Connection profiles END
Sat Aug 14 12:05:04 2010 us=468000 remote_random = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 ipchange = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 dev = 'tun'
Sat Aug 14 12:05:04 2010 us=468000 dev_type = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 dev_node = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 lladdr = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 topology = 1
Sat Aug 14 12:05:04 2010 us=468000 tun_ipv6 = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 ifconfig_local = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 ifconfig_remote_netmask = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 ifconfig_noexec = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 ifconfig_nowarn = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 shaper = 0
Sat Aug 14 12:05:04 2010 us=468000 tun_mtu = 1500
Sat Aug 14 12:05:04 2010 us=468000 tun_mtu_defined = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 link_mtu = 1500
Sat Aug 14 12:05:04 2010 us=468000 link_mtu_defined = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 tun_mtu_extra = 0
Sat Aug 14 12:05:04 2010 us=468000 tun_mtu_extra_defined = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 fragment = 0
Sat Aug 14 12:05:04 2010 us=468000 mtu_discover_type = -1
Sat Aug 14 12:05:04 2010 us=468000 mtu_test = 0
Sat Aug 14 12:05:04 2010 us=468000 mlock = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 keepalive_ping = 0
Sat Aug 14 12:05:04 2010 us=468000 keepalive_timeout = 0
Sat Aug 14 12:05:04 2010 us=468000 inactivity_timeout = 0
Sat Aug 14 12:05:04 2010 us=468000 ping_send_timeout = 0
Sat Aug 14 12:05:04 2010 us=468000 ping_rec_timeout = 0
Sat Aug 14 12:05:04 2010 us=468000 ping_rec_timeout_action = 0
Sat Aug 14 12:05:04 2010 us=468000 ping_timer_remote = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 remap_sigusr1 = 0
Sat Aug 14 12:05:04 2010 us=468000 explicit_exit_notification = 0
Sat Aug 14 12:05:04 2010 us=468000 persist_tun = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 persist_local_ip = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 persist_remote_ip = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 persist_key = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 mssfix = 1450
Sat Aug 14 12:05:04 2010 us=468000 resolve_retry_seconds = 1000000000
Sat Aug 14 12:05:04 2010 us=468000 username = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 groupname = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 chroot_dir = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 cd_dir = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 writepid = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 up_script = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 down_script = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 down_pre = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 up_restart = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 up_delay = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 daemon = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 inetd = 0
Sat Aug 14 12:05:04 2010 us=468000 log = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 suppress_timestamps = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 nice = 0
Sat Aug 14 12:05:04 2010 us=468000 verbosity = 6
Sat Aug 14 12:05:04 2010 us=468000 mute = 0
Sat Aug 14 12:05:04 2010 us=468000 gremlin = 0
Sat Aug 14 12:05:04 2010 us=468000 status_file = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 status_file_version = 1
Sat Aug 14 12:05:04 2010 us=468000 status_file_update_freq = 60
Sat Aug 14 12:05:04 2010 us=468000 occ = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 rcvbuf = 0
Sat Aug 14 12:05:04 2010 us=468000 sndbuf = 0
Sat Aug 14 12:05:04 2010 us=468000 sockflags = 0
Sat Aug 14 12:05:04 2010 us=468000 fast_io = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 lzo = 7
Sat Aug 14 12:05:04 2010 us=468000 route_script = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 route_default_gateway = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 route_default_metric = 0
Sat Aug 14 12:05:04 2010 us=468000 route_noexec = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 route_delay = 5
Sat Aug 14 12:05:04 2010 us=468000 route_delay_window = 30
Sat Aug 14 12:05:04 2010 us=468000 route_delay_defined = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 route_nopull = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 route_gateway_via_dhcp = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 max_routes = 100
Sat Aug 14 12:05:04 2010 us=468000 allow_pull_fqdn = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 management_addr = '127.0.0.1'
Sat Aug 14 12:05:04 2010 us=468000 management_port = 58568
Sat Aug 14 12:05:04 2010 us=468000 management_user_pass = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 management_log_history_cache = 250
Sat Aug 14 12:05:04 2010 us=468000 management_echo_buffer_size = 100
Sat Aug 14 12:05:04 2010 us=468000 management_write_peer_info_file = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 management_client_user = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 management_client_group = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 management_flags = 38
Sat Aug 14 12:05:04 2010 us=468000 shared_secret_file = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 key_direction = 0
Sat Aug 14 12:05:04 2010 us=468000 ciphername_defined = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 ciphername = 'BF-CBC'
Sat Aug 14 12:05:04 2010 us=468000 authname_defined = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 authname = 'SHA1'
Sat Aug 14 12:05:04 2010 us=468000 prng_hash = 'SHA1'
Sat Aug 14 12:05:04 2010 us=468000 prng_nonce_secret_len = 16
Sat Aug 14 12:05:04 2010 us=468000 keysize = 0
Sat Aug 14 12:05:04 2010 us=468000 engine = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 replay = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 mute_replay_warnings = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 replay_window = 64
Sat Aug 14 12:05:04 2010 us=468000 replay_time = 15
Sat Aug 14 12:05:04 2010 us=468000 packet_id_file = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 use_iv = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 test_crypto = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 tls_server = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 tls_client = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 key_method = 2
Sat Aug 14 12:05:04 2010 us=468000 ca_file = '[[INLINE]]'
Sat Aug 14 12:05:04 2010 us=468000 ca_path = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 dh_file = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 cert_file = '[[INLINE]]'
Sat Aug 14 12:05:04 2010 us=468000 priv_key_file = '[[INLINE]]'
Sat Aug 14 12:05:04 2010 us=468000 pkcs12_file = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 cryptoapi_cert = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 cipher_list = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 tls_verify = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 tls_remote = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 crl_file = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 ns_cert_type = 64
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku[i] = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku[i] = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku[i] = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku[i] = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku[i] = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_ku[i] = 0
Sat Aug 14 12:05:04 2010 us=468000 remote_cert_eku = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 tls_timeout = 2
Sat Aug 14 12:05:04 2010 us=468000 renegotiate_bytes = 0
Sat Aug 14 12:05:04 2010 us=468000 renegotiate_packets = 0
Sat Aug 14 12:05:04 2010 us=468000 renegotiate_seconds = 3600
Sat Aug 14 12:05:04 2010 us=468000 handshake_window = 60
Sat Aug 14 12:05:04 2010 us=468000 transition_window = 3600
Sat Aug 14 12:05:04 2010 us=468000 single_session = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 push_peer_info = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 tls_exit = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 tls_auth_file = '[[INLINE]]'
Sat Aug 14 12:05:04 2010 us=468000 client = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 pull = ENABLED
Sat Aug 14 12:05:04 2010 us=468000 auth_user_pass_file = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 show_net_up = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 route_method = 0
Sat Aug 14 12:05:04 2010 us=468000 ip_win32_defined = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 ip_win32_type = 3
Sat Aug 14 12:05:04 2010 us=468000 dhcp_masq_offset = 0
Sat Aug 14 12:05:04 2010 us=468000 dhcp_lease_time = 31536000
Sat Aug 14 12:05:04 2010 us=468000 tap_sleep = 0
Sat Aug 14 12:05:04 2010 us=468000 dhcp_options = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 dhcp_renew = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 dhcp_pre_release = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 dhcp_release = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 domain = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 netbios_scope = '[UNDEF]'
Sat Aug 14 12:05:04 2010 us=468000 netbios_node_type = 0
Sat Aug 14 12:05:04 2010 us=468000 disable_nbt = DISABLED
Sat Aug 14 12:05:04 2010 us=468000 OpenVPNAS 2.1.1oOAS Win32-MSVC++ [SSL] [LZO2] built on Jul 29 2010
Sat Aug 14 12:05:04 2010 us=500000 MANAGEMENT: Connected to management server at 127.0.0.1:58568
Sat Aug 14 12:05:04 2010 us=515000 MANAGEMENT: CMD 'log on'
Sat Aug 14 12:05:04 2010 us=515000 MANAGEMENT: CMD 'state on'
Sat Aug 14 12:05:04 2010 us=515000 MANAGEMENT: CMD 'echo on'
Sat Aug 14 12:05:04 2010 us=515000 MANAGEMENT: CMD 'bytecount 5'
Sat Aug 14 12:05:04 2010 us=515000 MANAGEMENT: CMD 'hold off'
Sat Aug 14 12:05:04 2010 us=515000 MANAGEMENT: CMD 'hold release'
Sat Aug 14 12:05:04 2010 us=515000 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Sat Aug 14 12:05:04 2010 us=515000 NOTE: OpenVPNAS 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Aug 14 12:05:05 2010 Control Channel Authentication: tls-auth using INLINE static key file
Sat Aug 14 12:05:05 2010 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Aug 14 12:05:05 2010 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Aug 14 12:05:05 2010 LZO compression initialized
Sat Aug 14 12:05:05 2010 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Sat Aug 14 12:05:05 2010 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Aug 14 12:05:05 2010 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Aug 14 12:05:05 2010 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Sat Aug 14 12:05:05 2010 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Sat Aug 14 12:05:05 2010 Local Options hash (VER=V4): '02af3434'
Sat Aug 14 12:05:05 2010 Expected Remote Options hash (VER=V4): '3f08d474'
Sat Aug 14 12:05:05 2010 UDPv4 link local (bound): [undef]:1194
Sat Aug 14 12:05:05 2010 UDPv4 link remote: [server ip]:1194
Sat Aug 14 12:05:05 2010 MANAGEMENT: >STATE:1281805505,WAIT,,,
Sat Aug 14 12:05:05 2010 UDPv4 WRITE [42] to [server ip]:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Sat Aug 14 12:05:07 2010 us=31000 UDPv4 WRITE [42] to [server ip]:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #2 ] [ ] pid=0 DATA len=0
Sat Aug 14 12:05:11 2010 us=93000 UDPv4 WRITE [42] to [server ip]:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #3 ] [ ] pid=0 DATA len=0
Sat Aug 14 12:05:19 2010 us=468000 UDPv4 WRITE [42] to [server ip]:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #4 ] [ ] pid=0 DATA len=0
Sat Aug 14 12:05:35 2010 us=781000 UDPv4 WRITE [42] to [server ip]:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #5 ] [ ] pid=0 DATA len=0
Sat Aug 14 12:06:05 2010 us=62000 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Aug 14 12:06:05 2010 us=62000 TLS Error: TLS handshake failed
Sat Aug 14 12:06:05 2010 us=62000 TCP/UDP: Closing socket
Sat Aug 14 12:06:05 2010 us=62000 SIGUSR1[soft,tls-error] received, process restarting
Sat Aug 14 12:06:05 2010 us=62000 MANAGEMENT: >STATE:1281805565,RECONNECTING,tls-error,,
Sat Aug 14 12:06:05 2010 us=62000 Restart pause, 2 second(s)
Sat Aug 14 12:06:07 2010 us=62000 NOTE: OpenVPNAS 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Aug 14 12:06:07 2010 us=62000 Re-using SSL/TLS context
Sat Aug 14 12:06:07 2010 us=62000 LZO compression initialized
Sat Aug 14 12:06:07 2010 us=62000 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ]
Sat Aug 14 12:06:07 2010 us=62000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Aug 14 12:06:07 2010 us=62000 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Aug 14 12:06:07 2010 us=62000 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Sat Aug 14 12:06:07 2010 us=62000 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Sat Aug 14 12:06:07 2010 us=62000 Local Options hash (VER=V4): '863ad621'
Sat Aug 14 12:06:07 2010 us=62000 Expected Remote Options hash (VER=V4): '64e96fc1'
Sat Aug 14 12:06:07 2010 us=62000 Attempting to establish TCP connection with [server ip]:443
Sat Aug 14 12:06:07 2010 us=62000 MANAGEMENT: >STATE:1281805567,TCP_CONNECT,,,
Sat Aug 14 12:06:07 2010 us=156000 TCP connection established with [server ip]:443
Sat Aug 14 12:06:07 2010 us=156000 TCPv4_CLIENT link local: [undef]
Sat Aug 14 12:06:07 2010 us=156000 TCPv4_CLIENT link remote: [server ip]:443
Sat Aug 14 12:06:07 2010 us=156000 MANAGEMENT: >STATE:1281805567,WAIT,,,
Sat Aug 14 12:06:07 2010 us=156000 TCPv4_CLIENT WRITE [42] to [server ip]:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Sat Aug 14 12:06:07 2010 us=250000 Connection reset, restarting [0]
Sat Aug 14 12:06:07 2010 us=250000 TCP/UDP: Closing socket
Sat Aug 14 12:06:07 2010 us=250000 SIGUSR1[soft,connection-reset] received, process restarting
Sat Aug 14 12:06:07 2010 us=250000 MANAGEMENT: >STATE:1281805567,RECONNECTING,connection-reset,,
Sat Aug 14 12:06:07 2010 us=250000 Restart pause, 5 second(s)
Sat Aug 14 12:06:12 2010 us=250000 MANAGEMENT: CMD 'http-proxy-fallback-disable'
Sat Aug 14 12:06:13 2010 us=250000 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Sat Aug 14 12:06:13 2010 us=250000 NOTE: OpenVPNAS 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Aug 14 12:06:13 2010 us=250000 Re-using SSL/TLS context
Sat Aug 14 12:06:13 2010 us=250000 LZO compression initialized
Sat Aug 14 12:06:13 2010 us=250000 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Sat Aug 14 12:06:13 2010 us=250000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Aug 14 12:06:13 2010 us=250000 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Aug 14 12:06:13 2010 us=250000 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Sat Aug 14 12:06:13 2010 us=250000 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Sat Aug 14 12:06:13 2010 us=250000 Local Options hash (VER=V4): '02af3434'
Sat Aug 14 12:06:13 2010 us=250000 Expected Remote Options hash (VER=V4): '3f08d474'
Sat Aug 14 12:06:13 2010 us=250000 UDPv4 link local (bound): [undef]:1194
Sat Aug 14 12:06:13 2010 us=250000 UDPv4 link remote: [server ip]:1194
Sat Aug 14 12:06:13 2010 us=250000 MANAGEMENT: >STATE:1281805573,WAIT,,,
Sat Aug 14 12:06:13 2010 us=250000 UDPv4 WRITE [42] to [server ip]:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Sat Aug 14 12:06:15 2010 us=375000 UDPv4 WRITE [42] to [server ip]:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #2 ] [ ] pid=0 DATA len=0
Sat Aug 14 12:06:19 2010 us=625000 UDPv4 WRITE [42] to [server ip]:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #3 ] [ ] pid=0 DATA len=0
Sat Aug 14 12:06:27 2010 us=343000 UDPv4 WRITE [42] to [server ip]:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #4 ] [ ] pid=0 DATA len=0
Sat Aug 14 12:06:31 2010 us=953000 MANAGEMENT: CMD 'exit'
Sat Aug 14 12:06:31 2010 us=953000 MANAGEMENT: Client disconnected
Sat Aug 14 12:06:31 2010 us=953000 MANAGEMENT: Triggering management exit
Sat Aug 14 12:06:31 2010 us=953000 TCP/UDP: Closing socket
Sat Aug 14 12:06:31 2010 us=953000 SIGTERM[soft,management-exit] received, process exiting
Sat Aug 14 12:06:31 2010 us=968000 MANAGEMENT: >STATE:1281805591,EXITING,management-exit,,
Top
jlg89
OpenVpn Newbie
Posts: 16
Joined: Sat Aug 14, 2010 2:20 pm

Re: Window 7 TLS issue

Post by jlg89 » Mon Aug 16, 2010 10:00 pm

Just installed 2.1.2, and everything works now.

The 2.1.2 installer gave me the "OpenVPN GUI" front-end (which apparently works), instead of the "OpenVPN Client" front-end (which apparently doesn't).
Top
Post Reply

Return to “Configuration”