We have two servers running OpenVPN on Debian using LDAP authentication. The two servers are set up for redundancy. About once a day or every other day the OpenVPN process stops running and the following message shows up in the log:
```
openvpn: sasl.c:257: ldap_parse_sasl_bind_result: Assertion `res != ((void *)0)' failed.
```
Please, please let me know if you need more information. I think I got what you typically ask for below:
Thanks!
uname -a
```
Linux vpn1 2.6.32-5-amd64 #1 SMP Fri Sep 9 20:23:16 UTC 2011 x86_64 GNU/Linux
```
```
OpenVPN 2.2.0 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Jun 16 2011
Originally developed by James Yonan
Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
$ ./configure --enable-pthread --enable-password-save --host=x86_64-linux-gnu --build=x86_64-linux-gnu --prefix=/usr --mandir=${prefix}/share/man --with-ifconfig-path=/sbin/ifconfig --with-route-path=/sbin/route CFLAGS=-g -O2 build_alias=x86_64-linux-gnu host_alias=x86_64-linux-gnu LDFLAGS= CPPFLAGS= --no-create --no-recursion
Compile time defines: ENABLE_CLIENT_SERVER ENABLE_DEBUG ENABLE_EUREPHIA ENABLE_FRAGMENT ENABLE_HTTP_PROXY ENABLE_MANAGEMENT ENABLE_MULTIHOME ENABLE_PASSWORD_SAVE ENABLE_PORT_SHARE ENABLE_SOCKS USE_CRYPTO USE_LIBDL USE_LZO USE_PF_INET6 USE_PKCS11 USE_SSL
```
```
port 1194
proto udp
dev tap0
ca vpn2_ca.crt
cert vpn1.crt
key vpn1.key # This file should be kept secret
dh dh1024.pem
ifconfig-pool-persist ipp.txt
server-bridge 10.0.0.1 255.128.0.0 10.109.4.5 10.109.4.127
push "route 10.128.0.0 255.128.0.0"
push "dhcp-option DNS 10.0.0.1"
duplicate-cn
keepalive 10 20
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 4
mute 20
client-cert-not-required
username-as-common-name
plugin /usr/lib/openvpn/openvpn-auth-ldap.so /etc/openvpn/auth/auth-ldap.conf
log-append openvpn.log
```
```
client
dev tap
proto udp
remote <VPN1 IP> 1194
remote <VPN2 IP> 1194
remote-random
resolv-retry 5
server-poll-timeout 5
nobind
persist-key
ca /etc/openvpn/vpn_ca.crt
comp-lzo
verb 3
auth-user-pass
float
```