Not conect and no error

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
vagner.oliveira
OpenVpn Newbie
Posts: 1
Joined: Tue Aug 16, 2022 9:28 am

Not conect and no error

Post by vagner.oliveira » Tue Aug 16, 2022 9:38 am

Hi everyone, I'm new to the OpenVPN world and I'm having a problem connecting with OpenVPN, it just doesn't connect and it doesn't show an error message. I have a microtik where the certificate is generated. Below is the certificate settings and the error log.

Certificate CA

Code: Select all

key cert sign
crl sign

Certicate Client keys:

Code: Select all

digital signature
data enciphement
key cert sign
crl sign
tls client
tls server
Client config

Code: Select all

client
dev tun
proto tcp-client
remote 8eed0a834c38.sn.mynetname.net
port 1194
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
ca ca.crt
cert LISIANE2.crt
key LISIANE2.key
verb 4
mute 10
--data-ciphers-fallback AES-256-CBC
auth SHA1
auth-user-pass secret
auth-nocache
remote-cert-eku "TLS Web Server Authentication"
Log:

Code: Select all

2022-08-16 06:24:21 us=453000 Current Parameter Settings:
2022-08-16 06:24:21 us=453000   config = 'pst.ovpn'
2022-08-16 06:24:21 us=453000   mode = 0
2022-08-16 06:24:21 us=453000   show_ciphers = DISABLED
2022-08-16 06:24:21 us=453000   show_digests = DISABLED
2022-08-16 06:24:21 us=453000   show_engines = DISABLED
2022-08-16 06:24:21 us=453000   genkey = DISABLED
2022-08-16 06:24:21 us=453000   genkey_filename = '[UNDEF]'
2022-08-16 06:24:21 us=453000   key_pass_file = '[UNDEF]'
2022-08-16 06:24:21 us=453000   show_tls_ciphers = DISABLED
2022-08-16 06:24:21 us=453000 NOTE: --mute triggered...
2022-08-16 06:24:21 us=453000 291 variation(s) on previous 10 message(s) suppressed by --mute
2022-08-16 06:24:21 us=453000 OpenVPN 2.5.7 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on May 27 2022
2022-08-16 06:24:21 us=453000 Windows version 10.0 (Windows 10 or greater) 64bit
2022-08-16 06:24:21 us=453000 library versions: OpenSSL 1.1.1o  3 May 2022, LZO 2.10
2022-08-16 06:24:21 us=453000 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
2022-08-16 06:24:21 us=453000 Need hold release from management interface, waiting...
2022-08-16 06:24:21 us=906000 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
2022-08-16 06:24:22 us=15000 MANAGEMENT: CMD 'state on'
2022-08-16 06:24:22 us=15000 MANAGEMENT: CMD 'log all on'
2022-08-16 06:24:22 us=375000 MANAGEMENT: CMD 'echo all on'
2022-08-16 06:24:22 us=390000 MANAGEMENT: CMD 'bytecount 5'
2022-08-16 06:24:22 us=421000 MANAGEMENT: CMD 'hold off'
2022-08-16 06:24:22 us=437000 MANAGEMENT: CMD 'hold release'
2022-08-16 06:24:22 us=484000 MANAGEMENT: CMD 'password [...]'
2022-08-16 06:24:22 us=500000 Control Channel MTU parms [ L:1623 D:1210 EF:40 EB:0 ET:0 EL:3 ]
2022-08-16 06:24:22 us=500000 MANAGEMENT: >STATE:1660641862,RESOLVE,,,,,,
2022-08-16 06:24:22 us=812000 Data Channel MTU parms [ L:1623 D:1450 EF:123 EB:406 ET:0 EL:3 ]
2022-08-16 06:24:22 us=812000 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,auth SHA1,keysize 256,key-method 2,tls-client'
2022-08-16 06:24:22 us=812000 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,auth SHA1,keysize 256,key-method 2,tls-server'
2022-08-16 06:24:22 us=812000 TCP/UDP: Preserving recently used remote address: [AF_INET]189.59.6.187:1194
2022-08-16 06:24:22 us=812000 Socket Buffers: R=[65536->65536] S=[65536->65536]
2022-08-16 06:24:22 us=812000 Attempting to establish TCP connection with [AF_INET]189.59.6.187:1194 [nonblock]
2022-08-16 06:24:22 us=812000 MANAGEMENT: >STATE:1660641862,TCP_CONNECT,,,,,,
2022-08-16 06:24:22 us=859000 TCP connection established with [AF_INET]189.59.6.187:1194
2022-08-16 06:24:22 us=859000 TCP_CLIENT link local: (not bound)
2022-08-16 06:24:22 us=859000 TCP_CLIENT link remote: [AF_INET]189.59.6.187:1194
2022-08-16 06:24:22 us=859000 MANAGEMENT: >STATE:1660641862,WAIT,,,,,,
2022-08-16 06:24:22 us=921000 MANAGEMENT: >STATE:1660641862,AUTH,,,,,,
2022-08-16 06:24:22 us=921000 TLS: Initial packet from [AF_INET]189.59.6.187:1194, sid=6ee78ba2 c1c6491e
2022-08-16 06:24:23 us=109000 VERIFY OK: depth=1, CN=CA
2022-08-16 06:24:23 us=109000 VERIFY KU OK
2022-08-16 06:24:23 us=109000 Validating certificate extended key usage
2022-08-16 06:24:23 us=109000 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2022-08-16 06:24:23 us=109000 VERIFY EKU OK
2022-08-16 06:24:23 us=109000 VERIFY OK: depth=0, CN=SERVER
2022-08-16 06:24:23 us=328000 Connection reset, restarting [0]
2022-08-16 06:24:23 us=328000 TCP/UDP: Closing socket
2022-08-16 06:24:23 us=328000 SIGUSR1[soft,connection-reset] received, process restarting
2022-08-16 06:24:23 us=328000 MANAGEMENT: >STATE:1660641863,RECONNECTING,connection-reset,,,,,
2022-08-16 06:24:23 us=328000 Restart pause, 5 second(s)
2022-08-16 06:24:28 us=343000 Re-using SSL/TLS context
2022-08-16 06:24:28 us=343000 Control Channel MTU parms [ L:1623 D:1210 EF:40 EB:0 ET:0 EL:3 ]
2022-08-16 06:24:28 us=343000 MANAGEMENT: >STATE:1660641868,RESOLVE,,,,,,
2022-08-16 06:24:28 us=578000 Data Channel MTU parms [ L:1623 D:1450 EF:123 EB:406 ET:0 EL:3 ]
2022-08-16 06:24:28 us=578000 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,auth SHA1,keysize 256,key-method 2,tls-client'
2022-08-16 06:24:28 us=578000 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,auth SHA1,keysize 256,key-method 2,tls-server'
2022-08-16 06:24:28 us=578000 TCP/UDP: Preserving recently used remote address: [AF_INET]189.59.6.187:1194
2022-08-16 06:24:28 us=578000 Socket Buffers: R=[65536->65536] S=[65536->65536]
2022-08-16 06:24:28 us=578000 Attempting to establish TCP connection with [AF_INET]189.59.6.187:1194 [nonblock]
2022-08-16 06:24:28 us=578000 MANAGEMENT: >STATE:1660641868,TCP_CONNECT,,,,,,
2022-08-16 06:24:28 us=640000 TCP connection established with [AF_INET]189.59.6.187:1194
2022-08-16 06:24:28 us=640000 TCP_CLIENT link local: (not bound)
2022-08-16 06:24:28 us=640000 TCP_CLIENT link remote: [AF_INET]189.59.6.187:1194
2022-08-16 06:24:28 us=640000 MANAGEMENT: >STATE:1660641868,WAIT,,,,,,
2022-08-16 06:24:28 us=687000 MANAGEMENT: >STATE:1660641868,AUTH,,,,,,
2022-08-16 06:24:28 us=687000 TLS: Initial packet from [AF_INET]189.59.6.187:1194, sid=e5ec7874 4c0aa4ae
2022-08-16 06:24:28 us=875000 VERIFY OK: depth=1, CN=CA
2022-08-16 06:24:28 us=875000 VERIFY KU OK
2022-08-16 06:24:28 us=875000 Validating certificate extended key usage
2022-08-16 06:24:28 us=875000 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2022-08-16 06:24:28 us=875000 VERIFY EKU OK
2022-08-16 06:24:28 us=875000 VERIFY OK: depth=0, CN=SERVER
2022-08-16 06:24:29 us=78000 Connection reset, restarting [0]
2022-08-16 06:24:29 us=78000 TCP/UDP: Closing socket
2022-08-16 06:24:29 us=78000 SIGUSR1[soft,connection-reset] received, process restarting
2022-08-16 06:24:29 us=78000 MANAGEMENT: >STATE:1660641869,RECONNECTING,connection-reset,,,,,
2022-08-16 06:24:29 us=78000 Restart pause, 5 second(s)
2022-08-16 06:24:33 us=109000 SIGTERM[hard,init_instance] received, process exiting
2022-08-16 06:24:33 us=109000 MANAGEMENT: >STATE:1660641873,EXITING,init_instance,,,,,

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Not conect and no error

Post by TinCanTech » Tue Aug 16, 2022 12:49 pm

Is your server OpenVPN-Access-Server ?

Please start here: viewtopic.php?t=22603

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1333
Joined: Tue Feb 16, 2021 10:41 am

Re: Not conect and no error

Post by openvpn_inc » Thu Aug 18, 2022 8:34 am

This is a community version, moving it here.
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

Post Reply