Can Ping but Can't RDP, VNC or anything actually usefull!

ifmusic · Post by **ifmusic** » Mon Feb 28, 2011 4:12 am

Hi! I've been using openVPN for some while and I thought I got it, but!
I used to have a Win2k3 box running as server and switch to a Win2k8 box. Install openVPN, copied the config files but now I have this problem:
Clients connect Ok, I can ping them but if I mess around with the size of ping (-L option) or try to use RDP, VNC or Windows Shares connection gets reset.

I think it should be a mtu problem, but why? I changed OS but config files are the same on servers and clients. I also disabled QoS on every interface but it was a no go. Also clients and servers are openvpn drivers versions are the same.

Any thoughts?

Server Config:

Code: Select all

port 443

topology subnet

proto tcp

dev tun
;dev-node vpn
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh dh1024.pem
server 10.0.10.0 255.255.255.0
ip-win32 manual
ifconfig-pool-persist ipp.txt
client-to-client #Off by default
;duplicate-cn
keepalive 10 120

comp-lzo

persist-key
persist-tun

status openvpn-status.log
verb 3

;tun-mtu 154

mute 20
management 192.168.0.1 5000

thanks, Rodrigo.

Post by **janjust** » Mon Feb 28, 2011 8:16 am

Hi Rodrigo,

it could very well be an MTU problem - OpenVPN encrypts and compresses the packets before they are sent to the other end. The resulting packet *may* be larger than the original, also due to the extra headers that OpenVPN adds. This packet may get broken up and this can give rise to mtu issues.
Try setting the tap-win32 adapter mtu to 1400 on both ends, both in the openvpn config file as well as in the Windows registry.

Post by **maikcat** » Mon Feb 28, 2011 10:47 am

hi rodrigo,

>I can ping them but if I mess around with the size of ping (-L option) or try to use RDP, VNC or Windows Shares connection gets reset.

what exactly do you mean by "connection gets reset" ?

also try udp (if off course you can).

cheers,

michael.

ifmusic · Post by **ifmusic** » Mon Feb 28, 2011 12:32 pm

it could very well be an MTU problem - OpenVPN encrypts and compresses the packets before they are sent to the other end. The resulting packet *may* be larger than the original, also due to the extra headers that OpenVPN adds. This packet may get broken up and this can give rise to mtu issues.
Try setting the tap-win32 adapter mtu to 1400 on both ends, both in the openvpn config file as well as in the Windows registry.

Hi janjust,
Yeah, it really looks like it, but why?! I changed OS that's all, openvpn and its config file are the same. Anyway, i'll try but what do you mean by "in the Windows registry"? I know mtu could be set in the config file and in the adapter advanced settings...

Thanks!

Hi, maikcat,

what exactly do you mean by "connection gets reset" ?

I mean that openVPN has to re establish the connection:

here's the output:

Code: Select all

Mon Feb 28 01:31:49 2011 Initialization Sequence Completed
Mon Feb 28 01:33:54 2011 Connection reset, restarting [0]
Mon Feb 28 01:33:54 2011 TCP/UDP: Closing socket
Mon Feb 28 01:33:54 2011 SIGUSR1[soft,connection-reset] received, process restar
ting
Mon Feb 28 01:33:54 2011 Restart pause, 5 second(s)

I'm connected until I try to, for example, RDP from one end to the other (client->server or server->client is the same thing) and then BUM!, connection reset.

And I'd be great to use UDP , but I Can't. I know TCP on TCP is not a good idea for a tunnel but I have no choice since the client has to go through a HTTP proxy.

Thanks both of you, I'll try some mtu values and post back,
Rodrigo

Post by **janjust** » Mon Feb 28, 2011 12:39 pm

ah yes, the adapter advanced settings window is a nicer interface than the registry (but most of the underlying parameters are the same).

A 'connection-reset' can also be triggered by an HTTP proxy which detects that you're running non-SSL traffic over it - increase the verbosity on the client side to see exactly what is going on.

ifmusic · Post by **ifmusic** » Mon Feb 28, 2011 12:44 pm

Ok, I didn't know I had to change both values.

It's not the proxy, no changes have been made to it, and it used to work just fine, and! I tried against with another client PC with no proxy in the middle and it does the same thing.

I tried verb 6 but I couldn't see anyhing really relevant.

thanks!

ifmusic · Post by **ifmusic** » Mon Feb 28, 2011 3:10 pm

Tried with 1400 on both ends. No luck

Post by **janjust** » Mon Feb 28, 2011 4:32 pm

hmmm please post the log file (with verb 6 and tun-mtu 1400) when doing a
ping -l 1400 -f <host>

(non fragmented ping of 1400 bytes)

ifmusic · Post by **ifmusic** » Mon Feb 28, 2011 11:28 pm

Ok, I ran the test with both ends at 1400 in the config file and in the adapter adv config.
First, I tried "ping -l 1400 10.0.10.4" (can't do the Don't fragment, it's windows

)
OK
Second, I tried with 1401, still OK
So I tried with 1501... BUM! Lost the link. Here's the step by step:

Code: Select all

C:\Users\Rodrigo>ping 10.0.10.4 -l 1400 -t

Haciendo ping a 10.0.10.4 con 1400 bytes de datos:
Respuesta desde 10.0.10.4: bytes=1400 tiempo=465ms TTL=128
Respuesta desde 10.0.10.4: bytes=1400 tiempo=447ms TTL=128
Respuesta desde 10.0.10.4: bytes=1400 tiempo=538ms TTL=128
Respuesta desde 10.0.10.4: bytes=1400 tiempo=521ms TTL=128
Respuesta desde 10.0.10.4: bytes=1400 tiempo=504ms TTL=128
Respuesta desde 10.0.10.4: bytes=1400 tiempo=377ms TTL=128
Respuesta desde 10.0.10.4: bytes=1400 tiempo=562ms TTL=128

Estadísticas de ping para 10.0.10.4:
    Paquetes: enviados = 7, recibidos = 7, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    Mínimo = 377ms, Máximo = 562ms, Media = 487ms
Control-C
^C
C:\Users\Rodrigo>
C:\Users\Rodrigo>ping 10.0.10.4 -l 1401 -t

Haciendo ping a 10.0.10.4 con 1401 bytes de datos:
Respuesta desde 10.0.10.4: bytes=1401 tiempo=484ms TTL=128
Respuesta desde 10.0.10.4: bytes=1401 tiempo=467ms TTL=128
Respuesta desde 10.0.10.4: bytes=1401 tiempo=340ms TTL=128
Respuesta desde 10.0.10.4: bytes=1401 tiempo=431ms TTL=128
Respuesta desde 10.0.10.4: bytes=1401 tiempo=413ms TTL=128

Estadísticas de ping para 10.0.10.4:
    Paquetes: enviados = 5, recibidos = 5, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    Mínimo = 340ms, Máximo = 484ms, Media = 427ms
Control-C
^C
C:\Users\Rodrigo>ping 10.0.10.4 -l 1501 -t

Haciendo ping a 10.0.10.4 con 1501 bytes de datos:
Tiempo de espera agotado para esta solicitud.
Tiempo de espera agotado para esta solicitud.

Estadísticas de ping para 10.0.10.4:
    Paquetes: enviados = 2, recibidos = 0, perdidos = 2
    (100% perdidos),
Control-C
^C
C:\Users\Rodrigo>ping 10.0.10.4 -l 150 -t

Haciendo ping a 10.0.10.4 con 150 bytes de datos:
Control-C

And as promised the Log files. In verb 6 they're a little bit long so I decided not to post them, is that all right?

http://dl.dropbox.com/u/2554598/Logs/Server.log
http://dl.dropbox.com/u/2554598/Logs/client.log

Again, I cant see anything wrong with it.

ifmusic · Post by **ifmusic** » Mon Feb 28, 2011 11:34 pm

Sorry, I double posted.

Post by **janjust** » Tue Mar 01, 2011 10:13 am

aha, you're using an HTTP proxy server for the client - it could be that the proxy server is dropping the connections if the packets become too large. There's little that can be done about that.

Also, if I read the client and server logs I don't see the large ping packets at all - I would have expected some large UDPv4 READ/WRITE operations.

As for sending non-fragmented ping packets on Windows, use

Code: Select all

ping -f -l 1500 <some-host>

that should always fail, as the largest packet size usually is 1472:

Code: Select all

ping -f -l 1472 <some-host>

ifmusic · Post by **ifmusic** » Tue Mar 01, 2011 7:06 pm

Ok, still sad. I started the service, both ends at 1400, I tried this:
Pings:

Haciendo ping a 10.0.10.1 con 1372 bytes de datos:
Respuesta desde 10.0.10.1: bytes=1372 tiempo=2ms TTL=128
Respuesta desde 10.0.10.1: bytes=1372 tiempo=1ms TTL=128
Respuesta desde 10.0.10.1: bytes=1372 tiempo=1ms TTL=128
Respuesta desde 10.0.10.1: bytes=1372 tiempo=2ms TTL=128

Estadísticas de ping para 10.0.10.1:
Paquetes: enviados = 4, recibidos = 4, perdidos = 0
(0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
Mínimo = 1ms, Máximo = 2ms, Media = 1ms

C:\Users\Rodrigo>ping 10.0.10.1 -f -l 1373

Haciendo ping a 10.0.10.1 con 1373 bytes de datos:
Es necesario fragmentar el paquete pero se especificó DF.
Es necesario fragmentar el paquete pero se especificó DF.
Es necesario fragmentar el paquete pero se especificó DF.
Es necesario fragmentar el paquete pero se especificó DF.

Estadísticas de ping para 10.0.10.1:
Paquetes: enviados = 4, recibidos = 0, perdidos = 4
(100% perdidos)

And this is the log, I can't see anything wrong in it:

Code: Select all

Wed Mar 02 16:01:37 2011 us=187000 Current Parameter Settings:
Wed Mar 02 16:01:37 2011 us=203000   config = 'ServerSubNet.ovpn'
Wed Mar 02 16:01:37 2011 us=203000   mode = 1
Wed Mar 02 16:01:37 2011 us=203000   show_ciphers = DISABLED
Wed Mar 02 16:01:37 2011 us=203000   show_digests = DISABLED
Wed Mar 02 16:01:37 2011 us=203000   show_engines = DISABLED
Wed Mar 02 16:01:37 2011 us=203000   genkey = DISABLED
Wed Mar 02 16:01:37 2011 us=203000   key_pass_file = '[UNDEF]'
Wed Mar 02 16:01:37 2011 us=203000   show_tls_ciphers = DISABLED
Wed Mar 02 16:01:37 2011 us=203000 Connection profiles [default]:
Wed Mar 02 16:01:37 2011 us=203000   proto = tcp-server
Wed Mar 02 16:01:37 2011 us=203000   local = '[UNDEF]'
Wed Mar 02 16:01:37 2011 us=203000   local_port = 443
Wed Mar 02 16:01:37 2011 us=203000   remote = '[UNDEF]'
Wed Mar 02 16:01:37 2011 us=203000   remote_port = 443
Wed Mar 02 16:01:37 2011 us=203000   remote_float = DISABLED
Wed Mar 02 16:01:37 2011 us=203000   bind_defined = DISABLED
Wed Mar 02 16:01:37 2011 us=203000   bind_local = ENABLED
Wed Mar 02 16:01:37 2011 us=203000   connect_retry_seconds = 5
Wed Mar 02 16:01:37 2011 us=203000   connect_timeout = 10
Wed Mar 02 16:01:37 2011 us=203000 NOTE: --mute triggered...
Wed Mar 02 16:01:37 2011 us=203000 256 variation(s) on previous 20 message(s) suppressed by --mute
Wed Mar 02 16:01:37 2011 us=203000 OpenVPN 2.1.4 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Nov  8 2010
Wed Mar 02 16:01:37 2011 us=250000 MANAGEMENT: TCP Socket listening on 192.168.0.1:5000
Wed Mar 02 16:01:37 2011 us=281000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Mar 02 16:01:37 2011 us=578000 Diffie-Hellman initialized with 1024 bit key
Wed Mar 02 16:01:37 2011 us=625000 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
Wed Mar 02 16:01:37 2011 us=625000 TLS-Auth MTU parms [ L:1444 D:140 EF:40 EB:0 ET:0 EL:0 ]
Wed Mar 02 16:01:37 2011 us=625000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Mar 02 16:01:37 2011 us=625000 ******** NOTE:  Please manually set the IP/netmask of 'VPN' to 10.0.10.1/255.255.255.0 (if it is not already set)
Wed Mar 02 16:01:37 2011 us=625000 TAP-WIN32 device [VPN] opened: \\.\Global\{228BF953-020E-4A7A-9416-506DC69550BC}.tap
Wed Mar 02 16:01:37 2011 us=625000 TAP-Win32 Driver Version 9.7 
Wed Mar 02 16:01:37 2011 us=625000 TAP-Win32 MTU=1400
Wed Mar 02 16:01:37 2011 us=625000 Set TAP-Win32 TUN subnet mode network/local/netmask = 10.0.10.0/10.0.10.1/255.255.255.0 [SUCCEEDED]
Wed Mar 02 16:01:37 2011 us=640000 Sleeping for 10 seconds...
Wed Mar 02 16:01:47 2011 us=46000 Successful ARP Flush on interface [13] {228BF953-020E-4A7A-9416-506DC69550BC}
Wed Mar 02 16:01:47 2011 us=46000 Data Channel MTU parms [ L:1444 D:1444 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Mar 02 16:01:47 2011 us=46000 Listening for incoming TCP connection on [undef]:443
Wed Mar 02 16:01:47 2011 us=46000 TCPv4_SERVER link local (bound): [undef]:443
Wed Mar 02 16:01:47 2011 us=46000 TCPv4_SERVER link remote: [undef]
Wed Mar 02 16:01:47 2011 us=46000 MULTI: multi_init called, r=256 v=256
Wed Mar 02 16:01:47 2011 us=46000 IFCONFIG POOL: base=10.0.10.2 size=252
Wed Mar 02 16:01:47 2011 us=46000 IFCONFIG POOL LIST
Wed Mar 02 16:01:47 2011 us=46000 client3,10.0.10.2
Wed Mar 02 16:01:47 2011 us=46000 Notebook,10.0.10.3
Wed Mar 02 16:01:47 2011 us=46000 client1,10.0.10.4
Wed Mar 02 16:01:47 2011 us=46000 client2,10.0.10.8
Wed Mar 02 16:01:47 2011 us=46000 MULTI: TCP INIT maxclients=60 maxevents=64
Wed Mar 02 16:01:47 2011 us=46000 Initialization Sequence Completed
Wed Mar 02 16:01:47 2011 us=546000 MULTI: multi_create_instance called
Wed Mar 02 16:01:47 2011 us=546000 Re-using SSL/TLS context
Wed Mar 02 16:01:47 2011 us=546000 LZO compression initialized
Wed Mar 02 16:01:47 2011 us=546000 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
Wed Mar 02 16:01:47 2011 us=546000 Control Channel MTU parms [ L:1444 D:140 EF:40 EB:0 ET:0 EL:0 ]
Wed Mar 02 16:01:47 2011 us=546000 Data Channel MTU parms [ L:1444 D:1444 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Mar 02 16:01:47 2011 us=546000 Local Options String: 'V4,dev-type tun,link-mtu 1444,tun-mtu 1400,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Wed Mar 02 16:01:47 2011 us=546000 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1444,tun-mtu 1400,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Wed Mar 02 16:01:47 2011 us=546000 Local Options hash (VER=V4): '347277f0'
Wed Mar 02 16:01:47 2011 us=546000 Expected Remote Options hash (VER=V4): '7dfc3732'
Wed Mar 02 16:01:47 2011 us=546000 TCP connection established with 190.174.218.235:62777
Wed Mar 02 16:01:47 2011 us=546000 TCPv4_SERVER link local: [undef]
Wed Mar 02 16:01:47 2011 us=546000 TCPv4_SERVER link remote: 190.174.218.235:62777
Wed Mar 02 16:01:47 2011 us=546000 190.174.218.235:62777 TCPv4_SERVER READ [14] from 190.174.218.235:62777: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Wed Mar 02 16:01:47 2011 us=546000 190.174.218.235:62777 TLS: Initial packet from 190.174.218.235:62777, sid=0f1f7774 d6a0bbf8
Wed Mar 02 16:01:47 2011 us=562000 190.174.218.235:62777 TCPv4_SERVER WRITE [26] to 190.174.218.235:62777: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ 0 ] pid=0 DATA len=0
Wed Mar 02 16:01:47 2011 us=562000 190.174.218.235:62777 TCPv4_SERVER READ [22] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 0 ]
Wed Mar 02 16:01:47 2011 us=562000 190.174.218.235:62777 TCPv4_SERVER READ [106] from 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=92
Wed Mar 02 16:01:47 2011 us=593000 190.174.218.235:62777 TCPv4_SERVER WRITE [126] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ 1 ] pid=1 DATA len=100
Wed Mar 02 16:01:47 2011 us=593000 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=2 DATA len=100
Wed Mar 02 16:01:47 2011 us=593000 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=3 DATA len=100
Wed Mar 02 16:01:47 2011 us=593000 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=4 DATA len=100
Wed Mar 02 16:01:47 2011 us=593000 190.174.218.235:62777 TCPv4_SERVER READ [22] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 1 ]
Wed Mar 02 16:01:47 2011 us=593000 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=5 DATA len=100
Wed Mar 02 16:01:47 2011 us=593000 190.174.218.235:62777 TCPv4_SERVER READ [22] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 2 ]
Wed Mar 02 16:01:47 2011 us=593000 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=6 DATA len=100
Wed Mar 02 16:01:47 2011 us=593000 190.174.218.235:62777 TCPv4_SERVER READ [26] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 3 4 ]
Wed Mar 02 16:01:47 2011 us=593000 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=7 DATA len=100
Wed Mar 02 16:01:47 2011 us=593000 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=8 DATA len=100
Wed Mar 02 16:01:47 2011 us=609000 190.174.218.235:62777 TCPv4_SERVER READ [22] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 5 ]
Wed Mar 02 16:01:47 2011 us=609000 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=9 DATA len=100
Wed Mar 02 16:01:47 2011 us=609000 190.174.218.235:62777 TCPv4_SERVER READ [22] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 6 ]
Wed Mar 02 16:01:47 2011 us=609000 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=10 DATA len=100
Wed Mar 02 16:01:47 2011 us=609000 190.174.218.235:62777 TCPv4_SERVER READ [22] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 7 ]
Wed Mar 02 16:01:47 2011 us=609000 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=11 DATA len=100
Wed Mar 02 16:01:47 2011 us=609000 190.174.218.235:62777 NOTE: --mute triggered...
Wed Mar 02 16:01:47 2011 us=750000 190.174.218.235:62777 64 variation(s) on previous 20 message(s) suppressed by --mute
Wed Mar 02 16:01:47 2011 us=750000 190.174.218.235:62777 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=OpenVPN/CN=inet/emailAddress=mail@host.domain
Wed Mar 02 16:01:47 2011 us=750000 190.174.218.235:62777 VERIFY OK: depth=0, /C=US/ST=CA/O=OpenVPN/CN=Notebook/emailAddress=mail@host.domain
Wed Mar 02 16:01:47 2011 us=750000 190.174.218.235:62777 TCPv4_SERVER WRITE [22] to 190.174.218.235:62777: P_ACK_V1 kid=0 [ 19 ]
Wed Mar 02 16:01:47 2011 us=781000 190.174.218.235:62777 TCPv4_SERVER READ [114] from 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=20 DATA len=100
Wed Mar 02 16:01:47 2011 us=796000 190.174.218.235:62777 TCPv4_SERVER WRITE [22] to 190.174.218.235:62777: P_ACK_V1 kid=0 [ 20 ]
Wed Mar 02 16:01:47 2011 us=796000 190.174.218.235:62777 TCPv4_SERVER READ [114] from 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=21 DATA len=100
Wed Mar 02 16:01:47 2011 us=812000 190.174.218.235:62777 TCPv4_SERVER WRITE [22] to 190.174.218.235:62777: P_ACK_V1 kid=0 [ 21 ]
Wed Mar 02 16:01:47 2011 us=812000 190.174.218.235:62777 TCPv4_SERVER READ [53] from 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=22 DATA len=39
Wed Mar 02 16:01:47 2011 us=812000 190.174.218.235:62777 TCPv4_SERVER WRITE [126] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ 22 ] pid=25 DATA len=100
Wed Mar 02 16:01:47 2011 us=812000 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=26 DATA len=100
Wed Mar 02 16:01:47 2011 us=812000 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=27 DATA len=100
Wed Mar 02 16:01:47 2011 us=812000 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=28 DATA len=100
Wed Mar 02 16:01:48 2011 190.174.218.235:62777 TCPv4_SERVER READ [22] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 25 ]
Wed Mar 02 16:01:48 2011 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=29 DATA len=100
Wed Mar 02 16:01:48 2011 190.174.218.235:62777 TCPv4_SERVER READ [30] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 26 27 28 ]
Wed Mar 02 16:01:48 2011 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=30 DATA len=100
Wed Mar 02 16:01:48 2011 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=31 DATA len=100
Wed Mar 02 16:01:48 2011 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=32 DATA len=100
Wed Mar 02 16:01:48 2011 190.174.218.235:62777 TCPv4_SERVER READ [22] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 29 ]
Wed Mar 02 16:01:48 2011 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=33 DATA len=100
Wed Mar 02 16:01:48 2011 190.174.218.235:62777 TCPv4_SERVER READ [22] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 30 ]
Wed Mar 02 16:01:48 2011 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=34 DATA len=100
Wed Mar 02 16:01:48 2011 190.174.218.235:62777 NOTE: --mute triggered...
Wed Mar 02 16:01:48 2011 us=15000 190.174.218.235:62777 11 variation(s) on previous 20 message(s) suppressed by --mute
Wed Mar 02 16:01:48 2011 us=15000 190.174.218.235:62777 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Mar 02 16:01:48 2011 us=15000 190.174.218.235:62777 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Mar 02 16:01:48 2011 us=15000 190.174.218.235:62777 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Mar 02 16:01:48 2011 us=15000 190.174.218.235:62777 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Mar 02 16:01:48 2011 us=15000 190.174.218.235:62777 TCPv4_SERVER WRITE [126] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ 26 ] pid=36 DATA len=100
Wed Mar 02 16:01:48 2011 us=15000 190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=37 DATA len=100
Wed Mar 02 16:01:48 2011 us=15000 190.174.218.235:62777 TCPv4_SERVER WRITE [96] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=38 DATA len=82
Wed Mar 02 16:01:48 2011 us=218000 190.174.218.235:62777 TCPv4_SERVER READ [22] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 36 ]
Wed Mar 02 16:01:48 2011 us=218000 190.174.218.235:62777 TCPv4_SERVER READ [26] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 37 38 ]
Wed Mar 02 16:01:48 2011 us=218000 190.174.218.235:62777 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Mar 02 16:01:48 2011 us=218000 190.174.218.235:62777 [Notebook] Peer Connection Initiated with 190.174.218.235:62777
Wed Mar 02 16:01:48 2011 us=218000 Notebook/190.174.218.235:62777 MULTI: Learn: 10.0.10.3 -> Notebook/190.174.218.235:62777
Wed Mar 02 16:01:48 2011 us=218000 Notebook/190.174.218.235:62777 MULTI: primary virtual IP for Notebook/190.174.218.235:62777: 10.0.10.3
Wed Mar 02 16:01:50 2011 us=343000 Notebook/190.174.218.235:62777 TCPv4_SERVER READ [104] from 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=27 DATA len=90
Wed Mar 02 16:01:50 2011 us=343000 Notebook/190.174.218.235:62777 PUSH: Received control message: 'PUSH_REQUEST'
Wed Mar 02 16:01:50 2011 us=343000 Notebook/190.174.218.235:62777 SENT CONTROL [Notebook]: 'PUSH_REPLY,route-gateway 10.0.10.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.0.10.3 255.255.255.0' (status=1)
Wed Mar 02 16:01:50 2011 us=343000 Notebook/190.174.218.235:62777 TCPv4_SERVER WRITE [22] to 190.174.218.235:62777: P_ACK_V1 kid=0 [ 27 ]
Wed Mar 02 16:01:50 2011 us=343000 Notebook/190.174.218.235:62777 TCPv4_SERVER WRITE [114] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=39 DATA len=100
Wed Mar 02 16:01:50 2011 us=343000 Notebook/190.174.218.235:62777 TCPv4_SERVER WRITE [100] to 190.174.218.235:62777: P_CONTROL_V1 kid=0 [ ] pid=40 DATA len=86
Wed Mar 02 16:01:50 2011 us=546000 Notebook/190.174.218.235:62777 TCPv4_SERVER READ [22] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 39 ]
Wed Mar 02 16:01:50 2011 us=546000 Notebook/190.174.218.235:62777 TCPv4_SERVER READ [22] from 190.174.218.235:62777: P_ACK_V1 kid=0 [ 40 ]
Wed Mar 02 16:01:59 2011 us=31000 Notebook/190.174.218.235:62777 TCPv4_SERVER READ [101] from 190.174.218.235:62777: P_DATA_V1 kid=0 DATA len=100
Wed Mar 02 16:01:59 2011 us=31000 Notebook/190.174.218.235:62777 TUN WRITE [1400]
Wed Mar 02 16:01:59 2011 us=31000 Notebook/190.174.218.235:62777 TUN READ [1400]
Wed Mar 02 16:01:59 2011 us=31000 Notebook/190.174.218.235:62777 TCPv4_SERVER WRITE [101] to 190.174.218.235:62777: P_DATA_V1 kid=0 DATA len=100
Wed Mar 02 16:02:00 2011 us=46000 Notebook/190.174.218.235:62777 TCPv4_SERVER READ [101] from 190.174.218.235:62777: P_DATA_V1 kid=0 DATA len=100
Wed Mar 02 16:02:00 2011 us=46000 Notebook/190.174.218.235:62777 TUN WRITE [1400]
Wed Mar 02 16:02:00 2011 us=46000 Notebook/190.174.218.235:62777 TUN READ [1400]
Wed Mar 02 16:02:00 2011 us=46000 Notebook/190.174.218.235:62777 TCPv4_SERVER WRITE [101] to 190.174.218.235:62777: P_DATA_V1 kid=0 DATA len=100
Wed Mar 02 16:02:01 2011 us=62000 Notebook/190.174.218.235:62777 TCPv4_SERVER READ [101] from 190.174.218.235:62777: P_DATA_V1 kid=0 DATA len=100
Wed Mar 02 16:02:01 2011 us=62000 Notebook/190.174.218.235:62777 TUN WRITE [1400]
Wed Mar 02 16:02:01 2011 us=62000 Notebook/190.174.218.235:62777 TUN READ [1400]
Wed Mar 02 16:02:01 2011 us=62000 Notebook/190.174.218.235:62777 TCPv4_SERVER WRITE [101] to 190.174.218.235:62777: P_DATA_V1 kid=0 DATA len=100
Wed Mar 02 16:02:02 2011 us=62000 Notebook/190.174.218.235:62777 TCPv4_SERVER READ [101] from 190.174.218.235:62777: P_DATA_V1 kid=0 DATA len=100
Wed Mar 02 16:02:02 2011 us=62000 Notebook/190.174.218.235:62777 TUN WRITE [1400]
Wed Mar 02 16:02:02 2011 us=62000 Notebook/190.174.218.235:62777 TUN READ [1400]
Wed Mar 02 16:02:02 2011 us=62000 Notebook/190.174.218.235:62777 NOTE: --mute triggered...
Wed Mar 02 16:02:07 2011 us=640000 1 variation(s) on previous 20 message(s) suppressed by --mute
Wed Mar 02 16:02:07 2011 us=640000 TCP/UDP: Closing socket
Wed Mar 02 16:02:07 2011 us=640000 TCP/UDP: Closing socket
Wed Mar 02 16:02:07 2011 us=640000 Closing TUN/TAP interface
Wed Mar 02 16:02:07 2011 us=640000 SIGTERM[hard,] received, process exiting

ifmusic · Post by **ifmusic** » Wed Mar 02, 2011 11:55 pm

I regret to inform you guys, I switched back to the win2k3 machine and it worked perfectly with the same config file at first boot.
I'm clueless, and tired, so, Win2k3 it is.

Thanks for the support!

Bye!

OpenVPN Support Forum

Can Ping but Can't RDP, VNC or anything actually usefull!

Can Ping but Can't RDP, VNC or anything actually usefull!

Re: Can Ping but Can't RDP, VNC or anything actually usefull

Re: Can Ping but Can't RDP, VNC or anything actually usefull

Re: Can Ping but Can't RDP, VNC or anything actually usefull

Re: Can Ping but Can't RDP, VNC or anything actually usefull

Re: Can Ping but Can't RDP, VNC or anything actually usefull

Re: Can Ping but Can't RDP, VNC or anything actually usefull

Re: Can Ping but Can't RDP, VNC or anything actually usefull

Re: Can Ping but Can't RDP, VNC or anything actually usefull

Re: Can Ping but Can't RDP, VNC or anything actually usefull

Re: Can Ping but Can't RDP, VNC or anything actually usefull

Re: Can Ping but Can't RDP, VNC or anything actually usefull

Re: Can Ping but Can't RDP, VNC or anything actually usefull