option_error: more than one instance of option 'ping'
And fails to connect
Ive been using every openvpn app fine till now..
Option error broke in 1.0.1
-
ritzt3ch
- OpenVpn Newbie
- Posts: 15
- Joined: Sun Mar 31, 2013 6:41 am
Re: Option error broke in 1.0.1
Anyone know how and where to submit a bug report sothe fix can go to the next release
-
lolex
- OpenVPN Power User
- Posts: 52
- Joined: Sun Jun 05, 2011 7:50 pm
Re: Option error broke in 1.0.1
Remove all occurences of "--ping" but one. It's unnecessary to provide this option more than once anyway.
I guess you specified the --ping option in the client config and additionally the server is pushing this option to the client. The --keep-alive option also includes --ping (see https://community.openvpn.net/openvpn/w ... n23ManPage). So if you specified --keep-alive on the server OR on the client then you should remove all instances of --ping.
I guess you specified the --ping option in the client config and additionally the server is pushing this option to the client. The --keep-alive option also includes --ping (see https://community.openvpn.net/openvpn/w ... n23ManPage). So if you specified --keep-alive on the server OR on the client then you should remove all instances of --ping.
-
ritzt3ch
- OpenVpn Newbie
- Posts: 15
- Joined: Sun Mar 31, 2013 6:41 am
Re: Option error broke in 1.0.1
Not sure why but dont see it in the conf
But out of 5 different application versions of openvpn on different flavors of windows linux mac and it worked for 7 years .
What strict option in the new IOS stops this and why
Where can i submit a bug report for this...
suppress-timestamps
client
verb 5
connect-retry-max 5
connect-retry 5
resolv-retry 60
dev tun
remote xx.xx.xx.xx 1194 udp
auth-user-pass
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>
<key>
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
</key>
<cert>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE----
</cert>
comp-lzo
<tls-auth>
-----BEGIN OpenVPN Static Key----
-----END OpenVPN Static key V-----
</tls-auth>
key-direction 1
nobind
persist-tun
persist-remote-ip
management-query-proxy
explicit-exit-notify
resolv-retry infinite
But out of 5 different application versions of openvpn on different flavors of windows linux mac and it worked for 7 years .
What strict option in the new IOS stops this and why
Where can i submit a bug report for this...
suppress-timestamps
client
verb 5
connect-retry-max 5
connect-retry 5
resolv-retry 60
dev tun
remote xx.xx.xx.xx 1194 udp
auth-user-pass
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>
<key>
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
</key>
<cert>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE----
</cert>
comp-lzo
<tls-auth>
-----BEGIN OpenVPN Static Key----
-----END OpenVPN Static key V-----
</tls-auth>
key-direction 1
nobind
persist-tun
persist-remote-ip
management-query-proxy
explicit-exit-notify
resolv-retry infinite
-
lolex
- OpenVPN Power User
- Posts: 52
- Joined: Sun Jun 05, 2011 7:50 pm
Re: Option error broke in 1.0.1
And what options is the server pushing to the client? --ping? --keep-alive?
-
ritzt3ch
- OpenVpn Newbie
- Posts: 15
- Joined: Sun Mar 31, 2013 6:41 am
Re: Option error broke in 1.0.1
From log where it pushes 2 sets of pings (which always works on every other openvpn version from mac/linux/windows/android (openvpn for android works) ..... with seperate flavors though openvpn android and openvpn IOS fail) Im with a company of 20k so its not feasible to change the server side as they might have other built around apps in need for this configuration thats been working for 7 years.
is there a way to negate (skip harsh option selections in the client.conf side) ?
2013-07-01 16:05:08 SSL Handshake: TLSv1.0/SSL-EDH-RSA-AES-256-SHA
2013-07-01 16:05:08 Session is ACTIVE
2013-07-01 16:05:09 EVENT: GET_CONFIG
2013-07-01 16:05:09 Sending PUSH_REQUEST to server...
2013-07-01 16:05:09 OPTIONS:
0 [topology] [subnet]
1 [route] [10.0.0.0] [255.248.0.0]
2 [route] [10.8.0.0] [255.255.128.0]
3 [route] [10.9.0.0] [255.255.0.0]
4 [route] [10.10.0.0] [255.254.0.0]
5 [route] [10.12.0.0] [255.252.0.0]
6 [route] [10.16.0.0] [255.240.0.0]
7 [route] [10.32.0.0] [255.224.0.0]
8 [route] [10.64.0.0] [255.224.0.0]
9 [route] [10.96.0.0] [255.252.0.0]
10 [route] [10.100.0.0] [255.255.128.0]
11 [route] [10.101.0.0] [255.255.0.0]
12 [route] [10.102.0.0] [255.254.0.0]
13 [route] [10.104.0.0] [255.248.0.0]
14 [route] [10.112.0.0] [255.240.0.0]
15 [route] [10.128.0.0] [255.128.0.0]
16 [route] [172.25.0.0] [255.255.0.0]
17 [route] [172.27.0.0] [255.255.0.0]
18 [dhcp-option] [DOMAIN] [.domain]
19 [dhcp-option] [DNS] [10.41.160.5]
20 [dhcp-option] [DNS] [10.41.168.5]
21 [ping] [10]
22 [ping-restart] [60]
23 [route-gateway] [172.27.1.1]
24 [topology] [subnet]
25 [ping] [10]
26 [ping-restart] [60]
27 [ifconfig] [172.27.1.1] [255.255.254.0]
is there a way to negate (skip harsh option selections in the client.conf side) ?
2013-07-01 16:05:08 SSL Handshake: TLSv1.0/SSL-EDH-RSA-AES-256-SHA
2013-07-01 16:05:08 Session is ACTIVE
2013-07-01 16:05:09 EVENT: GET_CONFIG
2013-07-01 16:05:09 Sending PUSH_REQUEST to server...
2013-07-01 16:05:09 OPTIONS:
0 [topology] [subnet]
1 [route] [10.0.0.0] [255.248.0.0]
2 [route] [10.8.0.0] [255.255.128.0]
3 [route] [10.9.0.0] [255.255.0.0]
4 [route] [10.10.0.0] [255.254.0.0]
5 [route] [10.12.0.0] [255.252.0.0]
6 [route] [10.16.0.0] [255.240.0.0]
7 [route] [10.32.0.0] [255.224.0.0]
8 [route] [10.64.0.0] [255.224.0.0]
9 [route] [10.96.0.0] [255.252.0.0]
10 [route] [10.100.0.0] [255.255.128.0]
11 [route] [10.101.0.0] [255.255.0.0]
12 [route] [10.102.0.0] [255.254.0.0]
13 [route] [10.104.0.0] [255.248.0.0]
14 [route] [10.112.0.0] [255.240.0.0]
15 [route] [10.128.0.0] [255.128.0.0]
16 [route] [172.25.0.0] [255.255.0.0]
17 [route] [172.27.0.0] [255.255.0.0]
18 [dhcp-option] [DOMAIN] [.domain]
19 [dhcp-option] [DNS] [10.41.160.5]
20 [dhcp-option] [DNS] [10.41.168.5]
21 [ping] [10]
22 [ping-restart] [60]
23 [route-gateway] [172.27.1.1]
24 [topology] [subnet]
25 [ping] [10]
26 [ping-restart] [60]
27 [ifconfig] [172.27.1.1] [255.255.254.0]