Can't [openvpn /etc/openvpn/server.conf] start

Jolly^Guy · Post by **Jolly^Guy** » Fri Sep 14, 2012 1:14 pm

Hello,
am new member and this is my 1st time here
Will go into the issue directly

I installed openvpn on my CentOS 6.2 x86_64
am going fine & I did anything until I reach this step :

Code: Select all

# openvpn /etc/openvpn/server.conf &

It say :

Code: Select all

[root@news openvpn]# openvpn /etc/openvpn/server.conf &
[1] 29481
[root@news openvpn]# Fri Sep 14 09:06:37 2012 OpenVPN 2.2.2 x86_64-unknown-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Apr  5 2012
Fri Sep 14 09:06:37 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Sep 14 09:06:37 2012 PLUGIN_INIT: POST /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so '[/usr/share/openvpn/plugin/lib/openvpn-auth-pam.so] [/etc/pam.d/login]' intercepted=PLUGIN_AUTH_USER_PASS_VERIFY
Fri Sep 14 09:06:37 2012 Cannot open /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem for DH parameters: error:02001002:system library:fopen:No such file or directory: error:2006D080:BIO routines:BIO_new_file:no such file
Fri Sep 14 09:06:37 2012 Exiting

here is my server.conf

Code: Select all

[root@news openvpn]# cat server.conf
local 96.31.66.225 #- your_server_ip goes here
port 1194 #- port
proto udp #- protocol
dev tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
client-cert-not-required
username-as-common-name
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status 1194.log
verb 3

I hope I have been able to explain the details of my problem if you want more details I'm ready
What's the problem ! ? what's the wrong ?
I used dedicated server with centOS 6.2 x86_64

Post by **maikcat** » Mon Sep 17, 2012 9:42 am

hi there,

Fri Sep 14 09:06:37 2012 Cannot open /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem for DH parameters: error:02001002:system library:fopen:No such file or directory: error:2006D080:BIO routines:BIO_new_file:no such file

did you create dh parameter file using build-dh script?
or if you did ,check its permissions/folder location.

regards

Michael.

Jolly^Guy · Post by **Jolly^Guy** » Mon Sep 17, 2012 9:59 pm

now openvpn start fine :

Code: Select all

Starting openvpn:                                          [  OK  ]

here is server config :

Code: Select all

[root@news ~]# cat /etc/openvpn/server.conf
local my.ip.here.0
port 2507
proto udp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
auth-user-pass-verify auth-pam.pl via-file
server 10.9.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status server-tcp.log
verb 3

I delete my real ip

here is my local PC config file (my.ovpn) :

Code: Select all

client
dev tun
proto tcp
remote my.server.ip.0 PORT
resolv-retry infinite
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ca ca.crt
auth-user-pass
comp-lzo
verb 3
route-method exe
route-delay 2

I downloaded the the certifcated and keys from remote server [/etc/openvpn/easy-rsa/2.0/keys
] to [C:\Program Files\OpenVPN\config\BestVPN] where the my.ovpn

where i start my.ovpn I got message :

Code: Select all

Tue Sep 18 00:36:50 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built
on Dec 15 2011
Enter Auth Username:m.aljaaly
Enter Auth Password:
Tue Sep 18 00:36:59 2012 WARNING: No server certificate verification method has
been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Sep 18 00:36:59 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Tue Sep 18 00:36:59 2012 LZO compression initialized
Tue Sep 18 00:36:59 2012 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:
0 EL:0 ]
Tue Sep 18 00:36:59 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Sep 18 00:36:59 2012 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:
32 EL:0 AF:3/1 ]
Tue Sep 18 00:36:59 2012 Local Options hash (VER=V4): '2547efd2'
Tue Sep 18 00:36:59 2012 Expected Remote Options hash (VER=V4): '77cf0943'
Tue Sep 18 00:36:59 2012 Attempting to establish TCP connection with 96.31.66.22
1:2507
Tue Sep 18 00:37:18 2012 TCP: connect to my.server.ip.0:PORT failed, will try agai
n in 5 seconds: Connection timed out (WSAETIMEDOUT)

what's the wrong! I need your help

Post by **maikcat** » Tue Sep 18, 2012 6:24 am

hi there

server conf

Code: Select all

proto udp

client.conf

Code: Select all

proto tcp

protocol must be the SAME for both client/server

regards

Michael.

Jolly^Guy · Post by **Jolly^Guy** » Tue Sep 18, 2012 6:53 am

Hello,
I changed

Code: Select all

proto udp

to my.opvn and I got :

Code: Select all

Tue Sep 18 09:34:21 2012 TLS: Initial packet from 96.31.66.221:2507, sid=d59e008
3 b977d1b9
Tue Sep 18 09:34:23 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Best-I
T/OU=IT/CN=BestITserv/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:34:23 2012 VERIFY OK: depth=0, /C=US/ST=CASA/L=SanFrancisco/O=Best
-IT/OU=IT/CN=server/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:35:21 2012 TLS Error: TLS key negotiation failed to occur within 6
0 seconds (check your network connectivity)
Tue Sep 18 09:35:21 2012 TLS Error: TLS handshake failed
Tue Sep 18 09:35:21 2012 TCP/UDP: Closing socket
Tue Sep 18 09:35:21 2012 SIGUSR1[soft,tls-error] received, process restarting
Tue Sep 18 09:35:21 2012 Restart pause, 2 second(s)
Tue Sep 18 09:35:23 2012 WARNING: No server certificate verification method has
been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Sep 18 09:35:23 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Tue Sep 18 09:35:23 2012 Re-using SSL/TLS context
Tue Sep 18 09:35:23 2012 LZO compression initialized
Tue Sep 18 09:35:23 2012 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:
0 EL:0 ]
Tue Sep 18 09:35:23 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Sep 18 09:35:23 2012 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:
32 EL:0 AF:3/1 ]
Tue Sep 18 09:35:23 2012 Local Options hash (VER=V4): 'd3a7571a'
Tue Sep 18 09:35:23 2012 Expected Remote Options hash (VER=V4): '5b1533a2'
Tue Sep 18 09:35:23 2012 UDPv4 link local: [undef]
Tue Sep 18 09:35:23 2012 UDPv4 link remote: 96.31.66.221:2507
Tue Sep 18 09:35:23 2012 TLS: Initial packet from 96.31.66.221:2507, sid=5a51e83
d 199f2e56
Tue Sep 18 09:35:25 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Best-I
T/OU=IT/CN=BestITserv/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:35:25 2012 VERIFY OK: depth=0, /C=US/ST=CASA/L=SanFrancisco/O=Best
-IT/OU=IT/CN=server/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:36:23 2012 TLS Error: TLS key negotiation failed to occur within 6
0 seconds (check your network connectivity)
Tue Sep 18 09:36:23 2012 TLS Error: TLS handshake failed
Tue Sep 18 09:36:23 2012 TCP/UDP: Closing socket
Tue Sep 18 09:36:23 2012 SIGUSR1[soft,tls-error] received, process restarting
Tue Sep 18 09:36:23 2012 Restart pause, 2 second(s)
Tue Sep 18 09:36:25 2012 WARNING: No server certificate verification method has
been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Sep 18 09:36:25 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Tue Sep 18 09:36:25 2012 Re-using SSL/TLS context
Tue Sep 18 09:36:25 2012 LZO compression initialized
Tue Sep 18 09:36:25 2012 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:
0 EL:0 ]
Tue Sep 18 09:36:25 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Sep 18 09:36:25 2012 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:
32 EL:0 AF:3/1 ]
Tue Sep 18 09:36:25 2012 Local Options hash (VER=V4): 'd3a7571a'
Tue Sep 18 09:36:25 2012 Expected Remote Options hash (VER=V4): '5b1533a2'
Tue Sep 18 09:36:25 2012 UDPv4 link local: [undef]
Tue Sep 18 09:36:25 2012 UDPv4 link remote: 96.31.66.221:2507
Tue Sep 18 09:36:27 2012 TLS: Initial packet from 96.31.66.221:2507, sid=771328b
b aa0ddaf6
Tue Sep 18 09:36:37 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Best-I
T/OU=IT/CN=BestITserv/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:36:37 2012 VERIFY OK: depth=0, /C=US/ST=CASA/L=SanFrancisco/O=Best
-IT/OU=IT/CN=server/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:37:25 2012 TLS Error: TLS key negotiation failed to occur within 6
0 seconds (check your network connectivity)
Tue Sep 18 09:37:25 2012 TLS Error: TLS handshake failed
Tue Sep 18 09:37:25 2012 TCP/UDP: Closing socket
Tue Sep 18 09:37:25 2012 SIGUSR1[soft,tls-error] received, process restarting
Tue Sep 18 09:37:25 2012 Restart pause, 2 second(s)
Tue Sep 18 09:37:27 2012 WARNING: No server certificate verification method has
been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Sep 18 09:37:27 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Tue Sep 18 09:37:28 2012 Re-using SSL/TLS context
Tue Sep 18 09:37:28 2012 LZO compression initialized
Tue Sep 18 09:37:28 2012 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:
0 EL:0 ]
Tue Sep 18 09:37:28 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Sep 18 09:37:28 2012 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:
32 EL:0 AF:3/1 ]
Tue Sep 18 09:37:28 2012 Local Options hash (VER=V4): 'd3a7571a'
Tue Sep 18 09:37:28 2012 Expected Remote Options hash (VER=V4): '5b1533a2'
Tue Sep 18 09:37:28 2012 UDPv4 link local: [undef]
Tue Sep 18 09:37:28 2012 UDPv4 link remote: 96.31.66.221:2507
Tue Sep 18 09:37:28 2012 TLS: Initial packet from 96.31.66.221:2507, sid=c9d4020
d 00baed0e
Tue Sep 18 09:37:29 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Best-I
T/OU=IT/CN=BestITserv/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:37:29 2012 VERIFY OK: depth=0, /C=US/ST=CASA/L=SanFrancisco/O=Best
-IT/OU=IT/CN=server/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:38:28 2012 TLS Error: TLS key negotiation failed to occur within 6
0 seconds (check your network connectivity)
Tue Sep 18 09:38:28 2012 TLS Error: TLS handshake failed
Tue Sep 18 09:38:28 2012 TCP/UDP: Closing socket
Tue Sep 18 09:38:28 2012 SIGUSR1[soft,tls-error] received, process restarting
Tue Sep 18 09:38:28 2012 Restart pause, 2 second(s)
Tue Sep 18 09:38:30 2012 WARNING: No server certificate verification method has
been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Sep 18 09:38:30 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Tue Sep 18 09:38:30 2012 Re-using SSL/TLS context
Tue Sep 18 09:38:30 2012 LZO compression initialized
Tue Sep 18 09:38:30 2012 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:
0 EL:0 ]
Tue Sep 18 09:38:30 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Sep 18 09:38:30 2012 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:
32 EL:0 AF:3/1 ]
Tue Sep 18 09:38:30 2012 Local Options hash (VER=V4): 'd3a7571a'
Tue Sep 18 09:38:30 2012 Expected Remote Options hash (VER=V4): '5b1533a2'
Tue Sep 18 09:38:30 2012 UDPv4 link local: [undef]
Tue Sep 18 09:38:30 2012 UDPv4 link remote: 96.31.66.221:2507
Tue Sep 18 09:38:31 2012 TLS: Initial packet from 96.31.66.221:2507, sid=d1081f1
1 593bd5ba
Tue Sep 18 09:38:32 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Best-I
T/OU=IT/CN=BestITserv/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:38:32 2012 VERIFY OK: depth=0, /C=US/ST=CASA/L=SanFrancisco/O=Best
-IT/OU=IT/CN=server/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:39:30 2012 TLS Error: TLS key negotiation failed to occur within 6
0 seconds (check your network connectivity)
Tue Sep 18 09:39:30 2012 TLS Error: TLS handshake failed
Tue Sep 18 09:39:30 2012 TCP/UDP: Closing socket
Tue Sep 18 09:39:30 2012 SIGUSR1[soft,tls-error] received, process restarting
Tue Sep 18 09:39:30 2012 Restart pause, 2 second(s)
Tue Sep 18 09:39:32 2012 WARNING: No server certificate verification method has
been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Sep 18 09:39:32 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Tue Sep 18 09:39:32 2012 Re-using SSL/TLS context
Tue Sep 18 09:39:32 2012 LZO compression initialized
Tue Sep 18 09:39:32 2012 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:
0 EL:0 ]
Tue Sep 18 09:39:32 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Sep 18 09:39:32 2012 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:
32 EL:0 AF:3/1 ]
Tue Sep 18 09:39:32 2012 Local Options hash (VER=V4): 'd3a7571a'
Tue Sep 18 09:39:32 2012 Expected Remote Options hash (VER=V4): '5b1533a2'
Tue Sep 18 09:39:32 2012 UDPv4 link local: [undef]
Tue Sep 18 09:39:32 2012 UDPv4 link remote: 96.31.66.221:2507
Tue Sep 18 09:39:33 2012 TLS: Initial packet from 96.31.66.221:2507, sid=1e3ac51
1 a0bf50ed
Tue Sep 18 09:39:39 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Best-I
T/OU=IT/CN=BestITserv/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:39:39 2012 VERIFY OK: depth=0, /C=US/ST=CASA/L=SanFrancisco/O=Best
-IT/OU=IT/CN=server/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:40:32 2012 TLS Error: TLS key negotiation failed to occur within 6
0 seconds (check your network connectivity)
Tue Sep 18 09:40:32 2012 TLS Error: TLS handshake failed
Tue Sep 18 09:40:32 2012 TCP/UDP: Closing socket
Tue Sep 18 09:40:32 2012 SIGUSR1[soft,tls-error] received, process restarting
Tue Sep 18 09:40:32 2012 Restart pause, 2 second(s)
Tue Sep 18 09:40:34 2012 WARNING: No server certificate verification method has
been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Sep 18 09:40:34 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Tue Sep 18 09:40:34 2012 Re-using SSL/TLS context
Tue Sep 18 09:40:34 2012 LZO compression initialized
Tue Sep 18 09:40:34 2012 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:
0 EL:0 ]
Tue Sep 18 09:40:34 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Sep 18 09:40:34 2012 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:
32 EL:0 AF:3/1 ]
Tue Sep 18 09:40:34 2012 Local Options hash (VER=V4): 'd3a7571a'
Tue Sep 18 09:40:34 2012 Expected Remote Options hash (VER=V4): '5b1533a2'
Tue Sep 18 09:40:34 2012 UDPv4 link local: [undef]
Tue Sep 18 09:40:34 2012 UDPv4 link remote: 96.31.66.221:2507
Tue Sep 18 09:40:35 2012 TLS: Initial packet from 96.31.66.221:2507, sid=24573a3
9 f89e3f1f
Tue Sep 18 09:40:36 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Best-I
T/OU=IT/CN=BestITserv/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:40:36 2012 VERIFY OK: depth=0, /C=US/ST=CASA/L=SanFrancisco/O=Best
-IT/OU=IT/CN=server/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:41:34 2012 TLS Error: TLS key negotiation failed to occur within 6
0 seconds (check your network connectivity)
Tue Sep 18 09:41:34 2012 TLS Error: TLS handshake failed
Tue Sep 18 09:41:34 2012 TCP/UDP: Closing socket
Tue Sep 18 09:41:34 2012 SIGUSR1[soft,tls-error] received, process restarting
Tue Sep 18 09:41:34 2012 Restart pause, 2 second(s)
Tue Sep 18 09:41:36 2012 WARNING: No server certificate verification method has
been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Sep 18 09:41:36 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Tue Sep 18 09:41:36 2012 Re-using SSL/TLS context
Tue Sep 18 09:41:36 2012 LZO compression initialized
Tue Sep 18 09:41:36 2012 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:
0 EL:0 ]
Tue Sep 18 09:41:36 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Sep 18 09:41:36 2012 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:
32 EL:0 AF:3/1 ]
Tue Sep 18 09:41:36 2012 Local Options hash (VER=V4): 'd3a7571a'
Tue Sep 18 09:41:36 2012 Expected Remote Options hash (VER=V4): '5b1533a2'
Tue Sep 18 09:41:36 2012 UDPv4 link local: [undef]
Tue Sep 18 09:41:36 2012 UDPv4 link remote: 96.31.66.221:2507
Tue Sep 18 09:41:37 2012 TLS: Initial packet from 96.31.66.221:2507, sid=a8b667e
c 4a640014
Tue Sep 18 09:41:38 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Best-I
T/OU=IT/CN=BestITserv/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:41:38 2012 VERIFY OK: depth=0, /C=US/ST=CASA/L=SanFrancisco/O=Best
-IT/OU=IT/CN=server/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:42:36 2012 TLS Error: TLS key negotiation failed to occur within 6
0 seconds (check your network connectivity)
Tue Sep 18 09:42:36 2012 TLS Error: TLS handshake failed
Tue Sep 18 09:42:36 2012 TCP/UDP: Closing socket
Tue Sep 18 09:42:36 2012 SIGUSR1[soft,tls-error] received, process restarting
Tue Sep 18 09:42:36 2012 Restart pause, 2 second(s)
Tue Sep 18 09:42:38 2012 WARNING: No server certificate verification method has
been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Sep 18 09:42:38 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Tue Sep 18 09:42:38 2012 Re-using SSL/TLS context
Tue Sep 18 09:42:38 2012 LZO compression initialized
Tue Sep 18 09:42:38 2012 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:
0 EL:0 ]
Tue Sep 18 09:42:38 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Sep 18 09:42:38 2012 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:
32 EL:0 AF:3/1 ]
Tue Sep 18 09:42:38 2012 Local Options hash (VER=V4): 'd3a7571a'
Tue Sep 18 09:42:38 2012 Expected Remote Options hash (VER=V4): '5b1533a2'
Tue Sep 18 09:42:38 2012 UDPv4 link local: [undef]
Tue Sep 18 09:42:38 2012 UDPv4 link remote: 96.31.66.221:2507
Tue Sep 18 09:42:38 2012 TLS: Initial packet from 96.31.66.221:2507, sid=1ca35fc
b 268cf98e
Tue Sep 18 09:42:40 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Best-I
T/OU=IT/CN=BestITserv/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:42:40 2012 VERIFY OK: depth=0, /C=US/ST=CASA/L=SanFrancisco/O=Best
-IT/OU=IT/CN=server/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:43:38 2012 TLS Error: TLS key negotiation failed to occur within 6
0 seconds (check your network connectivity)
Tue Sep 18 09:43:38 2012 TLS Error: TLS handshake failed
Tue Sep 18 09:43:38 2012 TCP/UDP: Closing socket
Tue Sep 18 09:43:38 2012 SIGUSR1[soft,tls-error] received, process restarting
Tue Sep 18 09:43:38 2012 Restart pause, 2 second(s)
Tue Sep 18 09:43:40 2012 WARNING: No server certificate verification method has
been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Sep 18 09:43:40 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Tue Sep 18 09:43:40 2012 Re-using SSL/TLS context
Tue Sep 18 09:43:40 2012 LZO compression initialized
Tue Sep 18 09:43:40 2012 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:
0 EL:0 ]
Tue Sep 18 09:43:40 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Sep 18 09:43:40 2012 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:
32 EL:0 AF:3/1 ]
Tue Sep 18 09:43:40 2012 Local Options hash (VER=V4): 'd3a7571a'
Tue Sep 18 09:43:40 2012 Expected Remote Options hash (VER=V4): '5b1533a2'
Tue Sep 18 09:43:40 2012 UDPv4 link local: [undef]
Tue Sep 18 09:43:40 2012 UDPv4 link remote: 96.31.66.221:2507
Tue Sep 18 09:43:40 2012 TLS: Initial packet from 96.31.66.221:2507, sid=c9a9089
1 a63983ce
Tue Sep 18 09:43:42 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Best-I
T/OU=IT/CN=BestITserv/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:43:42 2012 VERIFY OK: depth=0, /C=US/ST=CASA/L=SanFrancisco/O=Best
-IT/OU=IT/CN=server/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:44:40 2012 TLS Error: TLS key negotiation failed to occur within 6
0 seconds (check your network connectivity)
Tue Sep 18 09:44:40 2012 TLS Error: TLS handshake failed
Tue Sep 18 09:44:40 2012 TCP/UDP: Closing socket
Tue Sep 18 09:44:40 2012 SIGUSR1[soft,tls-error] received, process restarting
Tue Sep 18 09:44:40 2012 Restart pause, 2 second(s)
Tue Sep 18 09:44:42 2012 WARNING: No server certificate verification method has
been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Sep 18 09:44:42 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Tue Sep 18 09:44:42 2012 Re-using SSL/TLS context
Tue Sep 18 09:44:42 2012 LZO compression initialized
Tue Sep 18 09:44:42 2012 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:
0 EL:0 ]
Tue Sep 18 09:44:42 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Sep 18 09:44:42 2012 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:
32 EL:0 AF:3/1 ]
Tue Sep 18 09:44:42 2012 Local Options hash (VER=V4): 'd3a7571a'
Tue Sep 18 09:44:42 2012 Expected Remote Options hash (VER=V4): '5b1533a2'
Tue Sep 18 09:44:42 2012 UDPv4 link local: [undef]
Tue Sep 18 09:44:42 2012 UDPv4 link remote: 96.31.66.221:2507
Tue Sep 18 09:44:42 2012 TLS: Initial packet from 96.31.66.221:2507, sid=a14407c
9 0ca02af4
Tue Sep 18 09:44:44 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Best-I
T/OU=IT/CN=BestITserv/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:44:44 2012 VERIFY OK: depth=0, /C=US/ST=CASA/L=SanFrancisco/O=Best
-IT/OU=IT/CN=server/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 09:45:42 2012 TLS Error: TLS key negotiation failed to occur within 6
0 seconds (check your network connectivity)
Tue Sep 18 09:45:42 2012 TLS Error: TLS handshake failed
Tue Sep 18 09:45:42 2012 TCP/UDP: Closing socket
Tue Sep 18 09:45:42 2012 SIGUSR1[soft,tls-error] received, process restarting
Tue Sep 18 09:45:42 2012 Restart pause, 2 second(s)
Tue Sep 18 09:45:44 2012 WARNING: No server certificate verification method has
been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Sep 18 09:45:44 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Tue Sep 18 09:45:44 2012 Re-using SSL/TLS context
Tue Sep 18 09:45:44 2012 LZO compression initialized
Tue Sep 18 09:45:44 2012 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:
0 EL:0 ]
Tue Sep 18 09:45:44 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Sep 18 09:45:44 2012 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:
32 EL:0 AF:3/1 ]
Tue Sep 18 09:45:44 2012 Local Options hash (VER=V4): 'd3a7571a'
Tue Sep 18 09:45:44 2012 Expected Remote Options hash (VER=V4): '5b1533a2'
Tue Sep 18 09:45:44 2012 UDPv4 link local: [undef]
Tue Sep 18 09:45:44 2012 UDPv4 link remote: 96.31.66.221:2507
Tue Sep 18 09:45:44 2012 TLS: Initial packet from 96.31.66.221:2507, sid=7b9ffc1
e 197b2765

I tried to disable local firewall and I got the same message

Post by **maikcat** » Tue Sep 18, 2012 8:01 am

can you switch over to tcp for testing?

Michael.

Jolly^Guy · Post by **Jolly^Guy** » Tue Sep 18, 2012 9:28 am

after I switched to tcp protocol & restarting openvpn i got :

Code: Select all

Tue Sep 18 12:17:54 2012 Local Options hash (VER=V4): '2547efd2'
Tue Sep 18 12:17:54 2012 Expected Remote Options hash (VER=V4): '77cf0943'
Tue Sep 18 12:17:54 2012 Attempting to establish TCP connection with 96.31.66.22
1:2507
Tue Sep 18 12:17:54 2012 TCP connection established with 96.31.66.221:2507
Tue Sep 18 12:17:54 2012 TCPv4_CLIENT link local: [undef]
Tue Sep 18 12:17:54 2012 TCPv4_CLIENT link remote: 96.31.66.221:2507
Tue Sep 18 12:17:55 2012 TLS: Initial packet from 96.31.66.221:2507, sid=319b472
2 275963e4
Tue Sep 18 12:17:59 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Best-I
T/OU=IT/CN=BestITserv/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 12:17:59 2012 VERIFY OK: depth=0, /C=US/ST=CASA/L=SanFrancisco/O=Best
-IT/OU=IT/CN=server/name=Mohammed/emailAddress=m.hamidawad@msn.com
Tue Sep 18 12:18:01 2012 Connection reset, restarting [0]
Tue Sep 18 12:18:01 2012 TCP/UDP: Closing socket
Tue Sep 18 12:18:01 2012 SIGUSR1[soft,connection-reset] received, process restar
ting
Tue Sep 18 12:18:01 2012 Restart pause, 5 second(s)

Post by **maikcat** » Tue Sep 18, 2012 12:59 pm

can you repost the configs used as well server logs?

Michael.

Jolly^Guy · Post by **Jolly^Guy** » Tue Sep 18, 2012 1:21 pm

Code: Select all

[root@news openvpn]# cat server-tcp.log
OpenVPN CLIENT LIST
Updated,Tue Sep 18 09:13:58 2012
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
GLOBAL STATS
Max bcast/mcast queue length,0
END

Code: Select all

[root@news openvpn]# cat server.conf
local 96.31.66.221
port 2507
proto tcp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
auth-user-pass-verify auth-pam.pl via-file
server 10.9.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status server-tcp.log
verb 3

Post by **maikcat** » Tue Sep 18, 2012 1:39 pm

[root@news openvpn]# cat server-tcp.log
OpenVPN CLIENT LIST
Updated,Tue Sep 18 09:13:58 2012
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
GLOBAL STATS
Max bcast/mcast queue length,0
END

this is the status file NOT the log...

use the log directive to create a verb 4 log & post it.

Michael.

Jolly^Guy · Post by **Jolly^Guy** » Tue Sep 18, 2012 8:49 pm

here is

Code: Select all

Tue Sep 18 16:25:46 2012 OpenVPN 2.2.2 x86_64-unknown-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Apr  5 2012
Tue Sep 18 16:25:46 2012 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Sep 18 16:25:46 2012 Diffie-Hellman initialized with 1024 bit key
Tue Sep 18 16:25:46 2012 TLS-Auth MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:25:46 2012 Socket Buffers: R=[87380->131072] S=[65535->131072]
Tue Sep 18 16:25:46 2012 ROUTE default_gateway=96.31.66.1
Tue Sep 18 16:25:46 2012 TUN/TAP device tun1 opened
Tue Sep 18 16:25:46 2012 TUN/TAP TX queue length set to 100
Tue Sep 18 16:25:46 2012 /sbin/ip link set dev tun1 up mtu 1500
Tue Sep 18 16:25:46 2012 /sbin/ip addr add dev tun1 local 10.9.0.1 peer 10.9.0.2
Tue Sep 18 16:25:46 2012 /sbin/ip route add 10.9.0.0/24 via 10.9.0.2
Tue Sep 18 16:25:46 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:25:46 2012 Listening for incoming TCP connection on 96.31.66.221:2507
Tue Sep 18 16:25:46 2012 TCPv4_SERVER link local (bound): 96.31.66.221:2507
Tue Sep 18 16:25:46 2012 TCPv4_SERVER link remote: [undef]
Tue Sep 18 16:25:46 2012 MULTI: multi_init called, r=256 v=256
Tue Sep 18 16:25:46 2012 IFCONFIG POOL: base=10.9.0.4 size=62
Tue Sep 18 16:25:46 2012 IFCONFIG POOL LIST
Tue Sep 18 16:25:46 2012 MULTI: TCP INIT maxclients=1024 maxevents=1028
Tue Sep 18 16:25:46 2012 Initialization Sequence Completed
Tue Sep 18 16:26:17 2012 MULTI: multi_create_instance called
Tue Sep 18 16:26:17 2012 Re-using SSL/TLS context
Tue Sep 18 16:26:17 2012 LZO compression initialized
Tue Sep 18 16:26:17 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:26:17 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:26:17 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:26:17 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:26:17 2012 TCP connection established with 41.223.160.134:10275
Tue Sep 18 16:26:17 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:26:17 2012 TCPv4_SERVER link remote: 41.223.160.134:10275
Tue Sep 18 16:26:17 2012 41.223.160.134:10275 TLS: Initial packet from 41.223.160.134:10275, sid=36335113 a04df064
Tue Sep 18 16:26:24 2012 41.223.160.134:10275 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:26:24 2012 41.223.160.134:10275 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:26:24 2012 41.223.160.134:10275 TLS Error: TLS handshake failed
Tue Sep 18 16:26:24 2012 41.223.160.134:10275 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:26:24 2012 41.223.160.134:10275 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:26:24 2012 TCP/UDP: Closing socket
Tue Sep 18 16:26:29 2012 MULTI: multi_create_instance called
Tue Sep 18 16:26:29 2012 Re-using SSL/TLS context
Tue Sep 18 16:26:29 2012 LZO compression initialized
Tue Sep 18 16:26:29 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:26:29 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:26:29 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:26:29 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:26:29 2012 TCP connection established with 41.223.160.134:61182
Tue Sep 18 16:26:29 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:26:29 2012 TCPv4_SERVER link remote: 41.223.160.134:61182
Tue Sep 18 16:26:29 2012 41.223.160.134:61182 TLS: Initial packet from 41.223.160.134:61182, sid=c1b29ac7 0431a0d0
Tue Sep 18 16:26:35 2012 41.223.160.134:61182 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:26:35 2012 41.223.160.134:61182 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:26:35 2012 41.223.160.134:61182 TLS Error: TLS handshake failed
Tue Sep 18 16:26:35 2012 41.223.160.134:61182 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:26:35 2012 41.223.160.134:61182 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:26:35 2012 TCP/UDP: Closing socket
Tue Sep 18 16:26:41 2012 MULTI: multi_create_instance called
Tue Sep 18 16:26:41 2012 Re-using SSL/TLS context
Tue Sep 18 16:26:41 2012 LZO compression initialized
Tue Sep 18 16:26:41 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:26:41 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:26:41 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:26:41 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:26:41 2012 TCP connection established with 41.223.160.134:22747
Tue Sep 18 16:26:41 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:26:41 2012 TCPv4_SERVER link remote: 41.223.160.134:22747
Tue Sep 18 16:26:42 2012 41.223.160.134:22747 TLS: Initial packet from 41.223.160.134:22747, sid=87897748 b433d52c
Tue Sep 18 16:26:48 2012 41.223.160.134:22747 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:26:48 2012 41.223.160.134:22747 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:26:48 2012 41.223.160.134:22747 TLS Error: TLS handshake failed
Tue Sep 18 16:26:48 2012 41.223.160.134:22747 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:26:48 2012 41.223.160.134:22747 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:26:48 2012 TCP/UDP: Closing socket
Tue Sep 18 16:26:54 2012 MULTI: multi_create_instance called
Tue Sep 18 16:26:54 2012 Re-using SSL/TLS context
Tue Sep 18 16:26:54 2012 LZO compression initialized
Tue Sep 18 16:26:54 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:26:54 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:26:54 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:26:54 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:26:54 2012 TCP connection established with 41.223.160.134:35445
Tue Sep 18 16:26:54 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:26:54 2012 TCPv4_SERVER link remote: 41.223.160.134:35445
Tue Sep 18 16:26:54 2012 41.223.160.134:35445 TLS: Initial packet from 41.223.160.134:35445, sid=b0b2c849 214ab07a
Tue Sep 18 16:27:03 2012 41.223.160.134:35445 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:27:03 2012 41.223.160.134:35445 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:27:03 2012 41.223.160.134:35445 TLS Error: TLS handshake failed
Tue Sep 18 16:27:03 2012 41.223.160.134:35445 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:27:03 2012 41.223.160.134:35445 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:27:03 2012 TCP/UDP: Closing socket
Tue Sep 18 16:27:09 2012 MULTI: multi_create_instance called
Tue Sep 18 16:27:09 2012 Re-using SSL/TLS context
Tue Sep 18 16:27:09 2012 LZO compression initialized
Tue Sep 18 16:27:09 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:27:09 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:27:09 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:27:09 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:27:09 2012 TCP connection established with 41.223.160.134:32441
Tue Sep 18 16:27:09 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:27:09 2012 TCPv4_SERVER link remote: 41.223.160.134:32441
Tue Sep 18 16:27:09 2012 41.223.160.134:32441 TLS: Initial packet from 41.223.160.134:32441, sid=4efc4ab4 d791b6a3
Tue Sep 18 16:27:16 2012 41.223.160.134:32441 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:27:16 2012 41.223.160.134:32441 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:27:16 2012 41.223.160.134:32441 TLS Error: TLS handshake failed
Tue Sep 18 16:27:16 2012 41.223.160.134:32441 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:27:16 2012 41.223.160.134:32441 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:27:16 2012 TCP/UDP: Closing socket
Tue Sep 18 16:27:23 2012 MULTI: multi_create_instance called
Tue Sep 18 16:27:23 2012 Re-using SSL/TLS context
Tue Sep 18 16:27:23 2012 LZO compression initialized
Tue Sep 18 16:27:23 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:27:23 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:27:23 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:27:23 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:27:23 2012 TCP connection established with 41.223.160.134:23806
Tue Sep 18 16:27:23 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:27:23 2012 TCPv4_SERVER link remote: 41.223.160.134:23806
Tue Sep 18 16:27:23 2012 41.223.160.134:23806 TLS: Initial packet from 41.223.160.134:23806, sid=12163189 2406c42c
Tue Sep 18 16:27:31 2012 41.223.160.134:23806 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:27:31 2012 41.223.160.134:23806 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:27:31 2012 41.223.160.134:23806 TLS Error: TLS handshake failed
Tue Sep 18 16:27:31 2012 41.223.160.134:23806 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:27:31 2012 41.223.160.134:23806 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:27:31 2012 TCP/UDP: Closing socket
Tue Sep 18 16:27:36 2012 MULTI: multi_create_instance called
Tue Sep 18 16:27:36 2012 Re-using SSL/TLS context
Tue Sep 18 16:27:36 2012 LZO compression initialized
Tue Sep 18 16:27:36 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:27:36 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:27:36 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:27:36 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:27:36 2012 TCP connection established with 41.223.160.134:42513
Tue Sep 18 16:27:36 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:27:36 2012 TCPv4_SERVER link remote: 41.223.160.134:42513
Tue Sep 18 16:27:36 2012 41.223.160.134:42513 TLS: Initial packet from 41.223.160.134:42513, sid=1a11f407 55d85ef7
Tue Sep 18 16:27:44 2012 41.223.160.134:42513 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:27:44 2012 41.223.160.134:42513 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:27:44 2012 41.223.160.134:42513 TLS Error: TLS handshake failed
Tue Sep 18 16:27:44 2012 41.223.160.134:42513 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:27:44 2012 41.223.160.134:42513 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:27:44 2012 TCP/UDP: Closing socket
Tue Sep 18 16:27:49 2012 MULTI: multi_create_instance called
Tue Sep 18 16:27:49 2012 Re-using SSL/TLS context
Tue Sep 18 16:27:49 2012 LZO compression initialized
Tue Sep 18 16:27:49 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:27:49 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:27:49 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:27:49 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:27:49 2012 TCP connection established with 41.223.160.134:61886
Tue Sep 18 16:27:49 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:27:49 2012 TCPv4_SERVER link remote: 41.223.160.134:61886
Tue Sep 18 16:27:49 2012 41.223.160.134:61886 TLS: Initial packet from 41.223.160.134:61886, sid=d972ab83 3abdae23
Tue Sep 18 16:27:57 2012 41.223.160.134:61886 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:27:57 2012 41.223.160.134:61886 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:27:57 2012 41.223.160.134:61886 TLS Error: TLS handshake failed
Tue Sep 18 16:27:57 2012 41.223.160.134:61886 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:27:57 2012 41.223.160.134:61886 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:27:57 2012 TCP/UDP: Closing socket
Tue Sep 18 16:28:03 2012 MULTI: multi_create_instance called
Tue Sep 18 16:28:03 2012 Re-using SSL/TLS context
Tue Sep 18 16:28:03 2012 LZO compression initialized
Tue Sep 18 16:28:03 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:28:03 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:28:03 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:28:03 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:28:03 2012 TCP connection established with 41.223.160.134:29736
Tue Sep 18 16:28:03 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:28:03 2012 TCPv4_SERVER link remote: 41.223.160.134:29736
Tue Sep 18 16:28:03 2012 41.223.160.134:29736 TLS: Initial packet from 41.223.160.134:29736, sid=497f9b4a 8b3e922d
Tue Sep 18 16:28:11 2012 41.223.160.134:29736 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:28:11 2012 41.223.160.134:29736 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:28:11 2012 41.223.160.134:29736 TLS Error: TLS handshake failed
Tue Sep 18 16:28:11 2012 41.223.160.134:29736 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:28:11 2012 41.223.160.134:29736 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:28:11 2012 TCP/UDP: Closing socket
Tue Sep 18 16:28:17 2012 MULTI: multi_create_instance called
Tue Sep 18 16:28:17 2012 Re-using SSL/TLS context
Tue Sep 18 16:28:17 2012 LZO compression initialized
Tue Sep 18 16:28:17 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:28:17 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:28:17 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:28:17 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:28:17 2012 TCP connection established with 41.223.160.134:33277
Tue Sep 18 16:28:17 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:28:17 2012 TCPv4_SERVER link remote: 41.223.160.134:33277
Tue Sep 18 16:28:17 2012 41.223.160.134:33277 TLS: Initial packet from 41.223.160.134:33277, sid=fe414698 b5f67bec
Tue Sep 18 16:28:25 2012 41.223.160.134:33277 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:28:25 2012 41.223.160.134:33277 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:28:25 2012 41.223.160.134:33277 TLS Error: TLS handshake failed
Tue Sep 18 16:28:25 2012 41.223.160.134:33277 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:28:25 2012 41.223.160.134:33277 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:28:25 2012 TCP/UDP: Closing socket
Tue Sep 18 16:28:30 2012 MULTI: multi_create_instance called
Tue Sep 18 16:28:30 2012 Re-using SSL/TLS context
Tue Sep 18 16:28:30 2012 LZO compression initialized
Tue Sep 18 16:28:30 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:28:30 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:28:30 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:28:30 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:28:30 2012 TCP connection established with 41.223.160.134:61249
Tue Sep 18 16:28:30 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:28:30 2012 TCPv4_SERVER link remote: 41.223.160.134:61249
Tue Sep 18 16:28:30 2012 41.223.160.134:61249 TLS: Initial packet from 41.223.160.134:61249, sid=1e710a9c f2e030ef
Tue Sep 18 16:28:39 2012 41.223.160.134:61249 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:28:39 2012 41.223.160.134:61249 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:28:39 2012 41.223.160.134:61249 TLS Error: TLS handshake failed
Tue Sep 18 16:28:39 2012 41.223.160.134:61249 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:28:39 2012 41.223.160.134:61249 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:28:39 2012 TCP/UDP: Closing socket
Tue Sep 18 16:28:44 2012 MULTI: multi_create_instance called
Tue Sep 18 16:28:44 2012 Re-using SSL/TLS context
Tue Sep 18 16:28:44 2012 LZO compression initialized
Tue Sep 18 16:28:44 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:28:44 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:28:44 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:28:44 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:28:44 2012 TCP connection established with 41.223.160.134:23071
Tue Sep 18 16:28:44 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:28:44 2012 TCPv4_SERVER link remote: 41.223.160.134:23071
Tue Sep 18 16:28:44 2012 41.223.160.134:23071 TLS: Initial packet from 41.223.160.134:23071, sid=7c438fe9 b09a21ca
Tue Sep 18 16:28:55 2012 41.223.160.134:23071 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:28:55 2012 41.223.160.134:23071 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:28:55 2012 41.223.160.134:23071 TLS Error: TLS handshake failed
Tue Sep 18 16:28:55 2012 41.223.160.134:23071 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:28:55 2012 41.223.160.134:23071 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:28:55 2012 TCP/UDP: Closing socket
Tue Sep 18 16:29:01 2012 MULTI: multi_create_instance called
Tue Sep 18 16:29:01 2012 Re-using SSL/TLS context
Tue Sep 18 16:29:01 2012 LZO compression initialized
Tue Sep 18 16:29:01 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:29:01 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:29:01 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:29:01 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:29:01 2012 TCP connection established with 41.223.160.134:55174
Tue Sep 18 16:29:01 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:29:01 2012 TCPv4_SERVER link remote: 41.223.160.134:55174
Tue Sep 18 16:29:01 2012 41.223.160.134:55174 TLS: Initial packet from 41.223.160.134:55174, sid=820ead0a 6fe40e51
Tue Sep 18 16:29:09 2012 41.223.160.134:55174 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:29:09 2012 41.223.160.134:55174 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:29:09 2012 41.223.160.134:55174 TLS Error: TLS handshake failed
Tue Sep 18 16:29:09 2012 41.223.160.134:55174 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:29:09 2012 41.223.160.134:55174 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:29:09 2012 TCP/UDP: Closing socket
Tue Sep 18 16:29:14 2012 MULTI: multi_create_instance called
Tue Sep 18 16:29:14 2012 Re-using SSL/TLS context
Tue Sep 18 16:29:14 2012 LZO compression initialized
Tue Sep 18 16:29:14 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:29:14 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:29:14 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:29:14 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:29:14 2012 TCP connection established with 41.223.160.134:50443
Tue Sep 18 16:29:14 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:29:14 2012 TCPv4_SERVER link remote: 41.223.160.134:50443
Tue Sep 18 16:29:14 2012 41.223.160.134:50443 TLS: Initial packet from 41.223.160.134:50443, sid=aa1c491b f71b2d0d
Tue Sep 18 16:29:21 2012 41.223.160.134:50443 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:29:21 2012 41.223.160.134:50443 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:29:21 2012 41.223.160.134:50443 TLS Error: TLS handshake failed
Tue Sep 18 16:29:21 2012 41.223.160.134:50443 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:29:21 2012 41.223.160.134:50443 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:29:21 2012 TCP/UDP: Closing socket
Tue Sep 18 16:29:26 2012 MULTI: multi_create_instance called
Tue Sep 18 16:29:26 2012 Re-using SSL/TLS context
Tue Sep 18 16:29:26 2012 LZO compression initialized
Tue Sep 18 16:29:26 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:29:26 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:29:26 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:29:26 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:29:26 2012 TCP connection established with 41.223.160.134:32304
Tue Sep 18 16:29:26 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:29:26 2012 TCPv4_SERVER link remote: 41.223.160.134:32304
Tue Sep 18 16:29:26 2012 41.223.160.134:32304 TLS: Initial packet from 41.223.160.134:32304, sid=e5c05341 48e4505d
Tue Sep 18 16:29:35 2012 41.223.160.134:32304 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:29:35 2012 41.223.160.134:32304 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:29:35 2012 41.223.160.134:32304 TLS Error: TLS handshake failed
Tue Sep 18 16:29:35 2012 41.223.160.134:32304 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:29:35 2012 41.223.160.134:32304 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:29:35 2012 TCP/UDP: Closing socket
Tue Sep 18 16:29:40 2012 MULTI: multi_create_instance called
Tue Sep 18 16:29:40 2012 Re-using SSL/TLS context
Tue Sep 18 16:29:40 2012 LZO compression initialized
Tue Sep 18 16:29:40 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:29:40 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:29:40 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:29:40 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:29:40 2012 TCP connection established with 41.223.160.134:22697
Tue Sep 18 16:29:40 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:29:40 2012 TCPv4_SERVER link remote: 41.223.160.134:22697
Tue Sep 18 16:29:40 2012 41.223.160.134:22697 TLS: Initial packet from 41.223.160.134:22697, sid=1357c0a8 f6309cdb
Tue Sep 18 16:29:47 2012 41.223.160.134:22697 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:29:47 2012 41.223.160.134:22697 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:29:47 2012 41.223.160.134:22697 TLS Error: TLS handshake failed
Tue Sep 18 16:29:47 2012 41.223.160.134:22697 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:29:47 2012 41.223.160.134:22697 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:29:47 2012 TCP/UDP: Closing socket
Tue Sep 18 16:29:53 2012 MULTI: multi_create_instance called
Tue Sep 18 16:29:53 2012 Re-using SSL/TLS context
Tue Sep 18 16:29:53 2012 LZO compression initialized
Tue Sep 18 16:29:53 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:29:53 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:29:53 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:29:53 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:29:53 2012 TCP connection established with 41.223.160.134:49998
Tue Sep 18 16:29:53 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:29:53 2012 TCPv4_SERVER link remote: 41.223.160.134:49998
Tue Sep 18 16:29:53 2012 41.223.160.134:49998 TLS: Initial packet from 41.223.160.134:49998, sid=b55ca4ee 5bb9d102
Tue Sep 18 16:30:00 2012 41.223.160.134:49998 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:30:00 2012 41.223.160.134:49998 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:30:00 2012 41.223.160.134:49998 TLS Error: TLS handshake failed
Tue Sep 18 16:30:00 2012 41.223.160.134:49998 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:30:00 2012 41.223.160.134:49998 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:30:00 2012 TCP/UDP: Closing socket
Tue Sep 18 16:30:05 2012 MULTI: multi_create_instance called
Tue Sep 18 16:30:05 2012 Re-using SSL/TLS context
Tue Sep 18 16:30:05 2012 LZO compression initialized
Tue Sep 18 16:30:05 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:30:05 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:30:05 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:30:05 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:30:05 2012 TCP connection established with 41.223.160.134:20508
Tue Sep 18 16:30:05 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:30:05 2012 TCPv4_SERVER link remote: 41.223.160.134:20508
Tue Sep 18 16:30:05 2012 41.223.160.134:20508 TLS: Initial packet from 41.223.160.134:20508, sid=30fa22ce 347448aa
Tue Sep 18 16:30:13 2012 41.223.160.134:20508 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:30:13 2012 41.223.160.134:20508 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:30:13 2012 41.223.160.134:20508 TLS Error: TLS handshake failed
Tue Sep 18 16:30:13 2012 41.223.160.134:20508 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:30:13 2012 41.223.160.134:20508 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:30:13 2012 TCP/UDP: Closing socket
Tue Sep 18 16:30:19 2012 MULTI: multi_create_instance called
Tue Sep 18 16:30:19 2012 Re-using SSL/TLS context
Tue Sep 18 16:30:19 2012 LZO compression initialized
Tue Sep 18 16:30:19 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:30:19 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:30:19 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:30:19 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:30:19 2012 TCP connection established with 41.223.160.134:13681
Tue Sep 18 16:30:19 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:30:19 2012 TCPv4_SERVER link remote: 41.223.160.134:13681
Tue Sep 18 16:30:19 2012 41.223.160.134:13681 TLS: Initial packet from 41.223.160.134:13681, sid=5951c1ef b2b36445
Tue Sep 18 16:30:25 2012 41.223.160.134:13681 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:30:25 2012 41.223.160.134:13681 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:30:25 2012 41.223.160.134:13681 TLS Error: TLS handshake failed
Tue Sep 18 16:30:25 2012 41.223.160.134:13681 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:30:25 2012 41.223.160.134:13681 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:30:25 2012 TCP/UDP: Closing socket
Tue Sep 18 16:30:31 2012 MULTI: multi_create_instance called
Tue Sep 18 16:30:31 2012 Re-using SSL/TLS context
Tue Sep 18 16:30:31 2012 LZO compression initialized
Tue Sep 18 16:30:31 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:30:31 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:30:31 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:30:31 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:30:31 2012 TCP connection established with 41.223.160.134:42686
Tue Sep 18 16:30:31 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:30:31 2012 TCPv4_SERVER link remote: 41.223.160.134:42686
Tue Sep 18 16:30:31 2012 41.223.160.134:42686 TLS: Initial packet from 41.223.160.134:42686, sid=7c103522 7fc60d95
Tue Sep 18 16:30:38 2012 41.223.160.134:42686 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:30:38 2012 41.223.160.134:42686 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:30:38 2012 41.223.160.134:42686 TLS Error: TLS handshake failed
Tue Sep 18 16:30:38 2012 41.223.160.134:42686 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:30:38 2012 41.223.160.134:42686 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:30:38 2012 TCP/UDP: Closing socket
Tue Sep 18 16:30:43 2012 MULTI: multi_create_instance called
Tue Sep 18 16:30:43 2012 Re-using SSL/TLS context
Tue Sep 18 16:30:43 2012 LZO compression initialized
Tue Sep 18 16:30:43 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:30:43 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:30:43 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:30:43 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:30:43 2012 TCP connection established with 41.223.160.134:1469
Tue Sep 18 16:30:43 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:30:43 2012 TCPv4_SERVER link remote: 41.223.160.134:1469
Tue Sep 18 16:30:43 2012 41.223.160.134:1469 TLS: Initial packet from 41.223.160.134:1469, sid=5c21e2ab 482a3698
Tue Sep 18 16:30:51 2012 41.223.160.134:1469 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:30:51 2012 41.223.160.134:1469 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:30:51 2012 41.223.160.134:1469 TLS Error: TLS handshake failed
Tue Sep 18 16:30:51 2012 41.223.160.134:1469 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:30:51 2012 41.223.160.134:1469 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:30:51 2012 TCP/UDP: Closing socket
Tue Sep 18 16:30:57 2012 MULTI: multi_create_instance called
Tue Sep 18 16:30:57 2012 Re-using SSL/TLS context
Tue Sep 18 16:30:57 2012 LZO compression initialized
Tue Sep 18 16:30:57 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:30:57 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:30:57 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:30:57 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:30:57 2012 TCP connection established with 41.223.160.134:17392
Tue Sep 18 16:30:57 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:30:57 2012 TCPv4_SERVER link remote: 41.223.160.134:17392
Tue Sep 18 16:30:57 2012 41.223.160.134:17392 TLS: Initial packet from 41.223.160.134:17392, sid=9ce66323 34f46787
Tue Sep 18 16:31:04 2012 41.223.160.134:17392 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:31:04 2012 41.223.160.134:17392 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:31:04 2012 41.223.160.134:17392 TLS Error: TLS handshake failed
Tue Sep 18 16:31:04 2012 41.223.160.134:17392 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:31:04 2012 41.223.160.134:17392 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:31:04 2012 TCP/UDP: Closing socket
Tue Sep 18 16:31:09 2012 MULTI: multi_create_instance called
Tue Sep 18 16:31:09 2012 Re-using SSL/TLS context
Tue Sep 18 16:31:09 2012 LZO compression initialized
Tue Sep 18 16:31:09 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Sep 18 16:31:09 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 18 16:31:09 2012 Local Options hash (VER=V4): 'c0103fa8'
Tue Sep 18 16:31:09 2012 Expected Remote Options hash (VER=V4): '69109d17'
Tue Sep 18 16:31:09 2012 TCP connection established with 41.223.160.134:44934
Tue Sep 18 16:31:09 2012 TCPv4_SERVER link local: [undef]
Tue Sep 18 16:31:09 2012 TCPv4_SERVER link remote: 41.223.160.134:44934
Tue Sep 18 16:31:09 2012 41.223.160.134:44934 TLS: Initial packet from 41.223.160.134:44934, sid=d0cd2724 d488262e
Tue Sep 18 16:31:18 2012 41.223.160.134:44934 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:31:18 2012 41.223.160.134:44934 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:31:18 2012 41.223.160.134:44934 TLS Error: TLS handshake failed
Tue Sep 18 16:31:18 2012 41.223.160.134:44934 Fatal TLS error (check_tls_errors_co), restarting
Tue Sep 18 16:31:18 2012 41.223.160.134:44934 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Sep 18 16:31:18 2012 TCP/UDP: Closing socket
Tue Sep 18 16:31:22 2012 TCP/UDP: Closing socket
Tue Sep 18 16:31:22 2012 /sbin/ip route del 10.9.0.0/24
Tue Sep 18 16:31:22 2012 Closing TUN/TAP interface
Tue Sep 18 16:31:22 2012 /sbin/ip addr del dev tun1 local 10.9.0.1 peer 10.9.0.2
Tue Sep 18 16:31:22 2012 SIGTERM[hard,] received, process exiting
Tue Sep 18 16:31:24 2012 us=658478 Current Parameter Settings:
Tue Sep 18 16:31:24 2012 us=658568   config = 'server.conf'
Tue Sep 18 16:31:24 2012 us=658583   mode = 1
Tue Sep 18 16:31:24 2012 us=658594   persist_config = DISABLED
Tue Sep 18 16:31:24 2012 us=658605   persist_mode = 1
Tue Sep 18 16:31:24 2012 us=658615   show_ciphers = DISABLED
Tue Sep 18 16:31:24 2012 us=658625   show_digests = DISABLED
Tue Sep 18 16:31:24 2012 us=658635   show_engines = DISABLED
Tue Sep 18 16:31:24 2012 us=658645   genkey = DISABLED
Tue Sep 18 16:31:24 2012 us=658655   key_pass_file = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=658666   show_tls_ciphers = DISABLED
Tue Sep 18 16:31:24 2012 us=658676 Connection profiles [default]:
Tue Sep 18 16:31:24 2012 us=658687   proto = tcp-server
Tue Sep 18 16:31:24 2012 us=658697   local = '96.31.66.221'
Tue Sep 18 16:31:24 2012 us=658707   local_port = 2507
Tue Sep 18 16:31:24 2012 us=658717   remote = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=658728   remote_port = 2507
Tue Sep 18 16:31:24 2012 us=658738   remote_float = DISABLED
Tue Sep 18 16:31:24 2012 us=658748   bind_defined = DISABLED
Tue Sep 18 16:31:24 2012 us=658758   bind_local = ENABLED
Tue Sep 18 16:31:24 2012 us=658768   connect_retry_seconds = 5
Tue Sep 18 16:31:24 2012 us=658778   connect_timeout = 10
Tue Sep 18 16:31:24 2012 us=658788   connect_retry_max = 0
Tue Sep 18 16:31:24 2012 us=658798   socks_proxy_server = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=658808   socks_proxy_port = 0
Tue Sep 18 16:31:24 2012 us=658818   socks_proxy_retry = DISABLED
Tue Sep 18 16:31:24 2012 us=658831 Connection profiles END
Tue Sep 18 16:31:24 2012 us=658842   remote_random = DISABLED
Tue Sep 18 16:31:24 2012 us=658852   ipchange = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=658862   dev = 'tun'
Tue Sep 18 16:31:24 2012 us=658872   dev_type = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=658882   dev_node = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=658892   lladdr = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=658902   topology = 1
Tue Sep 18 16:31:24 2012 us=658912   tun_ipv6 = DISABLED
Tue Sep 18 16:31:24 2012 us=658922   ifconfig_local = '10.9.0.1'
Tue Sep 18 16:31:24 2012 us=658932   ifconfig_remote_netmask = '10.9.0.2'
Tue Sep 18 16:31:24 2012 us=658942   ifconfig_noexec = DISABLED
Tue Sep 18 16:31:24 2012 us=658952   ifconfig_nowarn = DISABLED
Tue Sep 18 16:31:24 2012 us=658980   shaper = 0
Tue Sep 18 16:31:24 2012 us=658992   tun_mtu = 1500
Tue Sep 18 16:31:24 2012 us=659002   tun_mtu_defined = ENABLED
Tue Sep 18 16:31:24 2012 us=659038   link_mtu = 1500
Tue Sep 18 16:31:24 2012 us=659051   link_mtu_defined = DISABLED
Tue Sep 18 16:31:24 2012 us=659061   tun_mtu_extra = 0
Tue Sep 18 16:31:24 2012 us=659072   tun_mtu_extra_defined = DISABLED
Tue Sep 18 16:31:24 2012 us=659082   fragment = 0
Tue Sep 18 16:31:24 2012 us=659093   mtu_discover_type = -1
Tue Sep 18 16:31:24 2012 us=659103   mtu_test = 0
Tue Sep 18 16:31:24 2012 us=659113   mlock = DISABLED
Tue Sep 18 16:31:24 2012 us=659128   keepalive_ping = 5
Tue Sep 18 16:31:24 2012 us=659134   keepalive_timeout = 30
Tue Sep 18 16:31:24 2012 us=659140   inactivity_timeout = 0
Tue Sep 18 16:31:24 2012 us=659145   ping_send_timeout = 5
Tue Sep 18 16:31:24 2012 us=659150   ping_rec_timeout = 60
Tue Sep 18 16:31:24 2012 us=659155   ping_rec_timeout_action = 2
Tue Sep 18 16:31:24 2012 us=659160   ping_timer_remote = DISABLED
Tue Sep 18 16:31:24 2012 us=659165   remap_sigusr1 = 0
Tue Sep 18 16:31:24 2012 us=659170   explicit_exit_notification = 0
Tue Sep 18 16:31:24 2012 us=659174   persist_tun = ENABLED
Tue Sep 18 16:31:24 2012 us=659179   persist_local_ip = DISABLED
Tue Sep 18 16:31:24 2012 us=659184   persist_remote_ip = DISABLED
Tue Sep 18 16:31:24 2012 us=659189   persist_key = ENABLED
Tue Sep 18 16:31:24 2012 us=659194   mssfix = 1450
Tue Sep 18 16:31:24 2012 us=659199   passtos = DISABLED
Tue Sep 18 16:31:24 2012 us=659204   resolve_retry_seconds = 1000000000
Tue Sep 18 16:31:24 2012 us=659209   username = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659214   groupname = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659219   chroot_dir = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659224   cd_dir = '/etc/openvpn'
Tue Sep 18 16:31:24 2012 us=659229   selinux_context = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659234   writepid = '/var/run/openvpn/server.pid'
Tue Sep 18 16:31:24 2012 us=659239   up_script = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659244   down_script = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659249   down_pre = DISABLED
Tue Sep 18 16:31:24 2012 us=659254   up_restart = DISABLED
Tue Sep 18 16:31:24 2012 us=659258   up_delay = DISABLED
Tue Sep 18 16:31:24 2012 us=659263   daemon = ENABLED
Tue Sep 18 16:31:24 2012 us=659268   inetd = 0
Tue Sep 18 16:31:24 2012 us=659273   log = ENABLED
Tue Sep 18 16:31:24 2012 us=659278   suppress_timestamps = DISABLED
Tue Sep 18 16:31:24 2012 us=659283   nice = 0
Tue Sep 18 16:31:24 2012 us=659288   verbosity = 4
Tue Sep 18 16:31:24 2012 us=659292   mute = 0
Tue Sep 18 16:31:24 2012 us=659297   gremlin = 0
Tue Sep 18 16:31:24 2012 us=659302   status_file = 'server-tcp.log'
Tue Sep 18 16:31:24 2012 us=659307   status_file_version = 1
Tue Sep 18 16:31:24 2012 us=659312   status_file_update_freq = 60
Tue Sep 18 16:31:24 2012 us=659317   occ = ENABLED
Tue Sep 18 16:31:24 2012 us=659322   rcvbuf = 65536
Tue Sep 18 16:31:24 2012 us=659327   sndbuf = 65536
Tue Sep 18 16:31:24 2012 us=659331   sockflags = 0
Tue Sep 18 16:31:24 2012 us=659336   fast_io = DISABLED
Tue Sep 18 16:31:24 2012 us=659341   lzo = 7
Tue Sep 18 16:31:24 2012 us=659346   route_script = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659351   route_default_gateway = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659356   route_default_metric = 0
Tue Sep 18 16:31:24 2012 us=659361   route_noexec = DISABLED
Tue Sep 18 16:31:24 2012 us=659366   route_delay = 0
Tue Sep 18 16:31:24 2012 us=659370   route_delay_window = 30
Tue Sep 18 16:31:24 2012 us=659376   route_delay_defined = DISABLED
Tue Sep 18 16:31:24 2012 us=659380   route_nopull = DISABLED
Tue Sep 18 16:31:24 2012 us=659385   route_gateway_via_dhcp = DISABLED
Tue Sep 18 16:31:24 2012 us=659390   max_routes = 100
Tue Sep 18 16:31:24 2012 us=659395   allow_pull_fqdn = DISABLED
Tue Sep 18 16:31:24 2012 us=659401   route 10.9.0.0/255.255.255.0/nil/nil
Tue Sep 18 16:31:24 2012 us=659406   management_addr = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659411   management_port = 0
Tue Sep 18 16:31:24 2012 us=659416   management_user_pass = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659426   management_log_history_cache = 250
Tue Sep 18 16:31:24 2012 us=659432   management_echo_buffer_size = 100
Tue Sep 18 16:31:24 2012 us=659437   management_write_peer_info_file = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659442   management_client_user = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659447   management_client_group = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659452   management_flags = 0
Tue Sep 18 16:31:24 2012 us=659457   shared_secret_file = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659462   key_direction = 0
Tue Sep 18 16:31:24 2012 us=659467   ciphername_defined = ENABLED
Tue Sep 18 16:31:24 2012 us=659472   ciphername = 'BF-CBC'
Tue Sep 18 16:31:24 2012 us=659477   authname_defined = ENABLED
Tue Sep 18 16:31:24 2012 us=659482   authname = 'SHA1'
Tue Sep 18 16:31:24 2012 us=659487   prng_hash = 'SHA1'
Tue Sep 18 16:31:24 2012 us=659492   prng_nonce_secret_len = 16
Tue Sep 18 16:31:24 2012 us=659497   keysize = 0
Tue Sep 18 16:31:24 2012 us=659502   engine = DISABLED
Tue Sep 18 16:31:24 2012 us=659507   replay = ENABLED
Tue Sep 18 16:31:24 2012 us=659512   mute_replay_warnings = DISABLED
Tue Sep 18 16:31:24 2012 us=659517   replay_window = 64
Tue Sep 18 16:31:24 2012 us=659522   replay_time = 15
Tue Sep 18 16:31:24 2012 us=659526   packet_id_file = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659531   use_iv = ENABLED
Tue Sep 18 16:31:24 2012 us=659536   test_crypto = DISABLED
Tue Sep 18 16:31:24 2012 us=659541   tls_server = ENABLED
Tue Sep 18 16:31:24 2012 us=659546   tls_client = DISABLED
Tue Sep 18 16:31:24 2012 us=659551   key_method = 2
Tue Sep 18 16:31:24 2012 us=659556   ca_file = '/etc/openvpn/keys/ca.crt'
Tue Sep 18 16:31:24 2012 us=659561   ca_path = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659566   dh_file = '/etc/openvpn/keys/dh1024.pem'
Tue Sep 18 16:31:24 2012 us=659571   cert_file = '/etc/openvpn/keys/server.crt'
Tue Sep 18 16:31:24 2012 us=659576   priv_key_file = '/etc/openvpn/keys/server.key'
Tue Sep 18 16:31:24 2012 us=659581   pkcs12_file = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659586   cipher_list = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659591   tls_verify = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659596   tls_export_cert = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659601   tls_remote = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659605   crl_file = '[UNDEF]'
Tue Sep 18 16:31:24 2012 us=659610   ns_cert_type = 0
Tue Sep 18 16:31:24 2012 us=659615   remote_cert_ku[i] = 0
Tue Sep 18 16:31:24 2012 us=659620   remote_cert_ku[i] = 0

here is full openvpn.log http://txtup.net/jcDae

Post by **maikcat** » Wed Sep 19, 2012 6:21 am

hi there,

Tue Sep 18 16:26:17 2012 41.223.160.134:10275 TLS: Initial packet from 41.223.160.134:10275, sid=36335113 a04df064
Tue Sep 18 16:26:24 2012 41.223.160.134:10275 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
Tue Sep 18 16:26:24 2012 41.223.160.134:10275 TLS Error: TLS object -> incoming plaintext read error
Tue Sep 18 16:26:24 2012 41.223.160.134:10275 TLS Error: TLS handshake failed

please stop changing your config,i am hunting witches here....

if you dont want to give out certs to your clients you need client-cert-not-required and username-as-common-name into server config,

otherwise you MUST use a certificate to your clients..

Michael.

Jolly^Guy · Post by **Jolly^Guy** » Wed Sep 19, 2012 9:29 am

I added
client-cert-not-required & username-as-common-name

I got in error log :

Code: Select all



Wed Sep 19 05:19:56 2012 us=428486 41.223.160.129:12151 SIGUSR1[soft,connection-           reset] received, client-instance restarting$
Wed Sep 19 05:19:56 2012 us=428563 TCP/UDP: Closing socket$
Wed Sep 19 05:21:19 2012 us=592507 MULTI: multi_create_instance called$
Wed Sep 19 05:21:19 2012 us=592578 Re-using SSL/TLS context$
Wed Sep 19 05:21:19 2012 us=592609 LZO compression initialized$
Wed Sep 19 05:21:19 2012 us=592695 Control Channel MTU parms [ L:1544 D:140 EF:4           0 EB:0 ET:0 EL:0 ]$
Wed Sep 19 05:21:19 2012 us=592716 Data Channel MTU parms [ L:1544 D:1450 EF:44            EB:135 ET:0 EL:0 AF:3/1 ]$
Wed Sep 19 05:21:19 2012 us=592754 Local Options String: 'V4,dev-type tun,link-m           tu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize            128,key-method 2,tls-server'$
Wed Sep 19 05:21:19 2012 us=592766 Expected Remote Options String: 'V4,dev-type            tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SH           A1,keysize 128,key-method 2,tls-client'$
Wed Sep 19 05:21:19 2012 us=592787 Local Options hash (VER=V4): 'c0103fa8'$
Wed Sep 19 05:21:19 2012 us=592804 Expected Remote Options hash (VER=V4): '69109           d17'$
Wed Sep 19 05:21:19 2012 us=592827 TCP connection established with 41.223.160.12           9:60351$
Wed Sep 19 05:21:19 2012 us=592843 TCPv4_SERVER link local: [undef]$
Wed Sep 19 05:21:19 2012 us=592856 TCPv4_SERVER link remote: 41.223.160.129:6035           1$
Wed Sep 19 05:21:19 2012 us=612832 41.223.160.129:60351 TLS: Initial packet from            41.223.160.129:60351, sid=8aa1e77e 15b4db0b$
Wed Sep 19 05:21:30 2012 us=465324 41.223.160.129:60351 WARNING: Failed running            command (--auth-user-pass-verify): could not execute external program$
Wed Sep 19 05:21:30 2012 us=465374 41.223.160.129:60351 TLS Auth Error: Auth Use           rname/Password verification failed for peer$
Wed Sep 19 05:21:30 2012 us=465394 41.223.160.129:60351 WARNING: 'link-mtu' is u           sed inconsistently, local='link-mtu 1544', remote='link-mtu 1576'$
Wed Sep 19 05:21:30 2012 us=465404 41.223.160.129:60351 WARNING: 'tun-mtu' is us           ed inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532'$
Wed Sep 19 05:21:31 2012 us=553952 41.223.160.129:60351 Control Channel: TLSv1,            cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA$
Wed Sep 19 05:21:31 2012 us=554008 41.223.160.129:60351 [] Peer Connection Initi           ated with 41.223.160.129:60351$
Wed Sep 19 05:21:33 2012 us=334976 41.223.160.129:60351 PUSH: Received control m           essage: 'PUSH_REQUEST'$
Wed Sep 19 05:21:33 2012 us=335004 41.223.160.129:60351 Delayed exit in 5 second           s$
Wed Sep 19 05:21:33 2012 us=335020 41.223.160.129:60351 SENT CONTROL [UNDEF]: 'A           UTH_FAILED' (status=1)$
Wed Sep 19 05:21:34 2012 us=974305 41.223.160.129:60351 Connection reset, restar           ting [0]$
Wed Sep 19 05:21:34 2012 us=974335 41.223.160.129:60351 SIGUSR1[soft,connection-           reset] received, client-instance restarting$
Wed Sep 19 05:21:34 2012 us=974398 TCP/UDP: Closing socket$

Post by **maikcat** » Wed Sep 19, 2012 10:00 am

Wed Sep 19 05:21:30 2012 us=465324 41.223.160.129:60351 WARNING: Failed running command (--auth-user-pass-verify): could not execute external program$
Wed Sep 19 05:21:30 2012 us=465374 41.223.160.129:60351 TLS Auth Error: Auth Use rname/Password verification failed for peer$
Wed Sep 19 05:21:30 2012 us=465394 41.223.160.129:60351 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1544', remote='link-mtu 1576'$
Wed Sep 19 05:21:30 2012 us=465404 41.223.160.129:60351 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532'$
Wed Sep 19 05:21:31 2012 us=553952 41.223.160.129:60351 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA$
Wed Sep 19 05:21:31 2012 us=554008 41.223.160.129:60351 [] Peer Connection Initiated with 41.223.160.129:60351$
Wed Sep 19 05:21:33 2012 us=334976 41.223.160.129:60351 PUSH: Received control message: 'PUSH_REQUEST'$
Wed Sep 19 05:21:33 2012 us=335004 41.223.160.129:60351 Delayed exit in 5 second s$
Wed Sep 19 05:21:33 2012 us=335020 41.223.160.129:60351 SENT CONTROL [UNDEF]: 'A UTH_FAILED' (status=1)$
Wed Sep 19 05:21:34 2012 us=974305 41.223.160.129:60351 Connection reset, restarting [0]$

please read the logs...

could not execute external program

this tells you that openvpn cant execute auth-pam.pl and because of that you get AUTH_FAILED...

is auth_pam.pl exists & readable by openvpn?

Michael.

Jolly^Guy · Post by **Jolly^Guy** » Wed Sep 19, 2012 10:41 am

I copied auth-pam.pl from sample-script to /etc/openvpn/
i got the same error ..

I can give you in private server login details to check by yourself
regards,

Jolly^Guy · Post by **Jolly^Guy** » Wed Sep 19, 2012 11:17 am

I install PAM & Authen::PAM::Module so now auth-pal.pl run

Code: Select all

[root@news openvpn]# perl -t auth-pam.pl
No username/password file specified on command line

in log still give

Code: Select all

Wed Sep 19 07:12:51 2012 us=100784 41.223.160.147:56599 WARNING: Failed running command (--auth-user-pass-verify): could not execute external program$
Wed Sep 19 07:12:51 2012 us=100865 41.223.160.147:56599 TLS Auth Error: Auth Username/Password verification failed for peer$

Jolly^Guy · Post by **Jolly^Guy** » Wed Sep 19, 2012 1:21 pm

I installed openvpn as
when i try to connect via
https://96.31.66.221:943/?src=connect

it loading long time and wouldn't connect at all...

although everything look fine @ admin UI .. the server is running okay

OpenVPN Support Forum

Can't [openvpn /etc/openvpn/server.conf] start

Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start

Re: Can't [openvpn /etc/openvpn/server.conf] start