Issue: Client connection reset
Posted: Wed Jun 27, 2012 7:28 am
Hi,
I have configured OpenVPN server running on a router (AVM FRITZ!Box with Freetz) and OpenVPN client running on Android device.
After starting the connection, I can see that there's an connection reset, meaning the connection is instable.
In the client log this is confirmed:
Tue Jun 26 09:04:47 2012 TCP connection established with 95.113.xxx.xx:1194
Tue Jun 26 09:04:47 2012 TCPv4_CLIENT link local: [undef]
Tue Jun 26 09:04:47 2012 TCPv4_CLIENT link remote: 95.113.xxx.xx:1194
Tue Jun 26 09:04:47 2012 MANAGEMENT: >STATE:1340694287,WAIT,,,
Tue Jun 26 09:04:47 2012 MANAGEMENT: CMD 'bytecount 0'
Tue Jun 26 09:04:52 2012 Connection reset, restarting [0]
Tue Jun 26 09:04:52 2012 TCP/UDP: Closing socket
Tue Jun 26 09:04:52 2012 SIGUSR1[soft,connection-reset] received, process restarting
Tue Jun 26 09:04:52 2012 MANAGEMENT: >STATE:1340694292,RECONNECTING,connection-reset,,
Tue Jun 26 09:04:52 2012 Restart pause, 5 second(s)
The complete output in the log:
Well, this is either a server configuration issue or a client configuration issue.
Can somebody support me in analysing this issue?
The client configuration is this:
## Server-Adresse
remote <mydyndns-address>
## Port
port 1194
## Protokoll
#proto udp
#proto tcp
proto tcp-client
dev tap
dev-node openvpn
## Definition als Client
tls-client
## Schluesseldateien
ca "/sdcard/openvpn/ca.crt"
key "/sdcard/openvpn/mobile2-SGS-i9100.key"
cert "/sdcard/openvpn/mobile2-SGS-i9100.crt"
## Server überprüft die Zertifikate auf Gültigkeit
ns-cert-type server
## Komprimierung einschalten
comp-lzo
## "pull" muß in der Client-config stehen, damit die push-Anweisungenvom Server geholt werden
pull
## Optional zur Stabilisierung der Verbindung
tun-mtu 1500
## siehe Hinweis oben: wenn "tun-mtu" und "tun-mtu-extra",
## dann in beiden configs (Server + Client)
verb 3
mute 50
persist-key
persist-tun
## Passwort wird nicht im Memory gespeichert
auth-nocache
## Logfile
log /sdcard/openvpn/openvpn.log
THX
I have configured OpenVPN server running on a router (AVM FRITZ!Box with Freetz) and OpenVPN client running on Android device.
After starting the connection, I can see that there's an connection reset, meaning the connection is instable.
In the client log this is confirmed:
Tue Jun 26 09:04:47 2012 TCP connection established with 95.113.xxx.xx:1194
Tue Jun 26 09:04:47 2012 TCPv4_CLIENT link local: [undef]
Tue Jun 26 09:04:47 2012 TCPv4_CLIENT link remote: 95.113.xxx.xx:1194
Tue Jun 26 09:04:47 2012 MANAGEMENT: >STATE:1340694287,WAIT,,,
Tue Jun 26 09:04:47 2012 MANAGEMENT: CMD 'bytecount 0'
Tue Jun 26 09:04:52 2012 Connection reset, restarting [0]
Tue Jun 26 09:04:52 2012 TCP/UDP: Closing socket
Tue Jun 26 09:04:52 2012 SIGUSR1[soft,connection-reset] received, process restarting
Tue Jun 26 09:04:52 2012 MANAGEMENT: >STATE:1340694292,RECONNECTING,connection-reset,,
Tue Jun 26 09:04:52 2012 Restart pause, 5 second(s)
The complete output in the log:
Code: Select all
Tue Jun 26 09:04:10 2012 OpenVPN 2.2.2 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [eurephia] built on Jun 17 2012
Tue Jun 26 09:04:10 2012 MANAGEMENT: TCP Socket listening on 127.0.0.1:15003
Tue Jun 26 09:04:10 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Jun 26 09:04:10 2012 Need password(s) from management interface, waiting...
Tue Jun 26 09:04:19 2012 MANAGEMENT: Client connected from 127.0.0.1:15003
Tue Jun 26 09:04:19 2012 MANAGEMENT: CMD 'state'
Tue Jun 26 09:04:19 2012 MANAGEMENT: CMD 'state on'
Tue Jun 26 09:04:19 2012 MANAGEMENT: CMD 'bytecount 0'
Tue Jun 26 09:04:45 2012 MANAGEMENT: CMD 'password [...]'
Tue Jun 26 09:04:45 2012 WARNING: file '/sdcard/openvpn/mobile2-SGS-i9100.key' is group or others accessible
Tue Jun 26 09:04:45 2012 LZO compression initialized
Tue Jun 26 09:04:45 2012 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Jun 26 09:04:45 2012 Socket Buffers: R=[8760->131072] S=[8760->131072]
Tue Jun 26 09:04:45 2012 MANAGEMENT: >STATE:1340694285,RESOLVE,,,
Tue Jun 26 09:04:46 2012 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Tue Jun 26 09:04:46 2012 Local Options hash (VER=V4): '31fdf004'
Tue Jun 26 09:04:46 2012 Expected Remote Options hash (VER=V4): '3e6d1056'
Tue Jun 26 09:04:46 2012 Attempting to establish TCP connection with 95.113.xxx.xx:1194 [nonblock]
Tue Jun 26 09:04:46 2012 MANAGEMENT: >STATE:1340694286,TCP_CONNECT,,,
Tue Jun 26 09:04:46 2012 MANAGEMENT: CMD 'bytecount 0'
Tue Jun 26 09:04:46 2012 MANAGEMENT: CMD 'bytecount 0'
Tue Jun 26 09:04:47 2012 TCP connection established with 95.113.xxx.xx:1194
Tue Jun 26 09:04:47 2012 TCPv4_CLIENT link local: [undef]
Tue Jun 26 09:04:47 2012 TCPv4_CLIENT link remote: 95.113.xxx.xx:1194
Tue Jun 26 09:04:47 2012 MANAGEMENT: >STATE:1340694287,WAIT,,,
Tue Jun 26 09:04:47 2012 MANAGEMENT: CMD 'bytecount 0'
Tue Jun 26 09:04:52 2012 Connection reset, restarting [0]
Tue Jun 26 09:04:52 2012 TCP/UDP: Closing socket
Tue Jun 26 09:04:52 2012 SIGUSR1[soft,connection-reset] received, process restarting
Tue Jun 26 09:04:52 2012 MANAGEMENT: >STATE:1340694292,RECONNECTING,connection-reset,,
Tue Jun 26 09:04:52 2012 Restart pause, 5 second(s)
Tue Jun 26 09:04:52 2012 MANAGEMENT: CMD 'bytecount 0'
Tue Jun 26 09:04:57 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Jun 26 09:04:57 2012 Re-using SSL/TLS context
Tue Jun 26 09:04:57 2012 LZO compression initialized
Tue Jun 26 09:04:57 2012 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Jun 26 09:04:57 2012 Socket Buffers: R=[8760->131072] S=[8760->131072]
Tue Jun 26 09:04:57 2012 MANAGEMENT: >STATE:1340694297,RESOLVE,,,
Tue Jun 26 09:04:57 2012 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Tue Jun 26 09:04:57 2012 Local Options hash (VER=V4): '31fdf004'
Tue Jun 26 09:04:57 2012 Expected Remote Options hash (VER=V4): '3e6d1056'
Tue Jun 26 09:04:57 2012 Attempting to establish TCP connection with 95.113.xxx.xx:1194 [nonblock]
Tue Jun 26 09:04:57 2012 MANAGEMENT: >STATE:1340694297,TCP_CONNECT,,,
Tue Jun 26 09:04:57 2012 MANAGEMENT: CMD 'bytecount 0'
Tue Jun 26 09:04:57 2012 MANAGEMENT: CMD 'bytecount 0'
Tue Jun 26 09:04:58 2012 TCP connection established with 95.113.xxx.xx:1194
Tue Jun 26 09:04:58 2012 TCPv4_CLIENT link local: [undef]
Tue Jun 26 09:04:58 2012 TCPv4_CLIENT link remote: 95.113.xxx.xx:1194
Tue Jun 26 09:04:58 2012 MANAGEMENT: >STATE:1340694298,WAIT,,,
Tue Jun 26 09:04:59 2012 MANAGEMENT: CMD 'bytecount 0'
Tue Jun 26 09:05:01 2012 MANAGEMENT: CMD 'signal SIGTERM'
Tue Jun 26 09:05:01 2012 TCP/UDP: Closing socket
Tue Jun 26 09:05:01 2012 SIGTERM[hard,] received, process exiting
Tue Jun 26 09:05:01 2012 MANAGEMENT: >STATE:1340694301,EXITING,SIGTERM,,
Can somebody support me in analysing this issue?
The client configuration is this:
## Server-Adresse
remote <mydyndns-address>
## Port
port 1194
## Protokoll
#proto udp
#proto tcp
proto tcp-client
dev tap
dev-node openvpn
## Definition als Client
tls-client
## Schluesseldateien
ca "/sdcard/openvpn/ca.crt"
key "/sdcard/openvpn/mobile2-SGS-i9100.key"
cert "/sdcard/openvpn/mobile2-SGS-i9100.crt"
## Server überprüft die Zertifikate auf Gültigkeit
ns-cert-type server
## Komprimierung einschalten
comp-lzo
## "pull" muß in der Client-config stehen, damit die push-Anweisungenvom Server geholt werden
pull
## Optional zur Stabilisierung der Verbindung
tun-mtu 1500
## siehe Hinweis oben: wenn "tun-mtu" und "tun-mtu-extra",
## dann in beiden configs (Server + Client)
verb 3
mute 50
persist-key
persist-tun
## Passwort wird nicht im Memory gespeichert
auth-nocache
## Logfile
log /sdcard/openvpn/openvpn.log
THX