
Thread: OpenVPN on Ubuntu 12.04


Hi there,

I have set up a VPN server on an EC2 instance, and can see tun0 in ifconfig. Port 1194 is free.

The client can't access the server. I have created certificates. Somehow the handshake fails, and I don't understand why.

In the server log, I can see the incoming call from the client. The port is fine.

Can a pro help me please?


code:
mon mar 25 06:52:55 2013 openvpn 2.2.1 x86_64-linux-gnu [ssl] [lzo2] [epoll] [pkcs11] [eurephia] [mh] [pf_inet6] [ipv6 payload 20110424-2 (2.2rc2)] built on oct  8 2012
mon mar 25 06:52:55 2013 note: openvpn 2.1 requires '--script-security 2' or higher call user-defined scripts or executables
mon mar 25 06:52:55 2013 lzo compression initialized
mon mar 25 06:52:55 2013 control channel mtu parms [ l:1542 d:138 ef:38 eb:0 et:0 el:0 ]
mon mar 25 06:52:55 2013 socket buffers: r=[212992->131072] s=[212992->131072]
mon mar 25 06:52:55 2013 data channel mtu parms [ l:1542 d:1450 ef:42 eb:135 et:0 el:0 af:3/1 ]
mon mar 25 06:52:55 2013 local options hash (ver=v4): '41690919'
mon mar 25 06:52:55 2013 expected remote options hash (ver=v4): '530fdded'
mon mar 25 06:52:55 2013 udpv4 link local: [undef]
mon mar 25 06:52:55 2013 udpv4 link remote: [af_inet]107.21.249.172:1194
mon mar 25 06:52:56 2013 tls: initial packet [af_inet]107.21.249.172:1194, sid=dfd84013 f1883b8a
mon mar 25 06:53:55 2013 tls error: tls key negotiation failed occur within 60 seconds (check network connectivity)
mon mar 25 06:53:55 2013 tls error: tls handshake failed
mon mar 25 06:53:55 2013 tcp/udp: closing socket
mon mar 25 06:53:55 2013 sigusr1[soft,tls-error] received, process restarting
mon mar 25 06:53:55 2013 restart pause, 2 second(s)
mon mar 25 06:53:57 2013 note: openvpn 2.1 requires '--script-security 2' or higher call user-defined scripts or executables
mon mar 25 06:53:57 2013 re-using ssl/tls context
mon mar 25 06:53:57 2013 lzo compression initialized
mon mar 25 06:53:57 2013 control channel mtu parms [ l:1542 d:138 ef:38 eb:0 et:0 el:0 ]
mon mar 25 06:53:57 2013 socket buffers: r=[212992->131072] s=[212992->131072]
mon mar 25 06:53:57 2013 data channel mtu parms [ l:1542 d:1450 ef:42 eb:135 et:0 el:0 af:3/1 ]
mon mar 25 06:53:57 2013 local options hash (ver=v4): '41690919'
mon mar 25 06:53:57 2013 expected remote options hash (ver=v4): '530fdded'
mon mar 25 06:53:57 2013 udpv4 link local: [undef]
mon mar 25 06:53:57 2013 udpv4 link remote: [af_inet]107.21.249.172:1194
mon mar 25 06:53:57 2013 tls: initial packet [af_inet]107.21.249.172:1194, sid=fbbd3714 03d9e3bf

grep -i vpn /var/log/syslog
mar 25 06:50:29 tp ovpn-client[1757]: sigusr1[soft,tls-error] received, process restarting
mar 25 06:50:29 tp ovpn-client[1757]: restart pause, 2 second(s)
mar 25 06:50:31 tp ovpn-client[1757]: note: openvpn 2.1 requires '--script-security 2' or higher call user-defined scripts or executables
mar 25 06:50:31 tp ovpn-client[1757]: re-using ssl/tls context
mar 25 06:50:31 tp ovpn-client[1757]: lzo compression initialized
mar 25 06:50:31 tp ovpn-client[1757]: control channel mtu parms [ l:1542 d:138 ef:38 eb:0 et:0 el:0 ]
mar 25 06:50:31 tp ovpn-client[1757]: socket buffers: r=[212992->131072] s=[212992->131072]
mar 25 06:50:31 tp ovpn-client[1757]: data channel mtu parms [ l:1542 d:1450 ef:42 eb:135 et:0 el:0 af:3/1 ]
mar 25 06:50:31 tp ovpn-client[1757]: local options hash (ver=v4): '41690919'
mar 25 06:50:31 tp ovpn-client[1757]: expected remote options hash (ver=v4): '530fdded'
mar 25 06:50:31 tp ovpn-client[1757]: udpv4 link local: [undef]
mar 25 06:50:31 tp ovpn-client[1757]: udpv4 link remote: [af_inet]107.21.249.172:1194
mar 25 06:50:32 tp ovpn-client[1757]: tls: initial packet [af_inet]107.21.249.172:1194, sid=2f118173 6fcb3803
mar 25 06:51:31 tp ovpn-client[1757]: tls error: tls key negotiation failed occur within 60 seconds (check network connectivity)
mar 25 06:51:31 tp ovpn-client[1757]: tls error: tls handshake failed
mar 25 06:51:31 tp ovpn-client[1757]: tcp/udp: closing socket
mar 25 06:51:31 tp ovpn-client[1757]: sigusr1[soft,tls-error] received, process restarting
mar 25 06:51:31 tp ovpn-client[1757]: restart pause, 2 second(s)
mar 25 06:51:33 tp ovpn-client[1757]: note: openvpn 2.1 requires '--script-security 2' or higher call user-defined scripts or executables
mar 25 06:51:33 tp ovpn-client[1757]: re-using ssl/tls context
mar 25 06:51:33 tp ovpn-client[1757]: lzo compression initialized
mar 25 06:51:33 tp ovpn-client[1757]: control channel mtu parms [ l:1542 d:138 ef:38 eb:0 et:0 el:0 ]
mar 25 06:51:33 tp ovpn-client[1757]: socket buffers: r=[212992->131072] s=[212992->131072]
mar 25 06:51:33 tp ovpn-client[1757]: data channel mtu parms [ l:1542 d:1450 ef:42 eb:135 et:0 el:0 af:3/1 ]
mar 25 06:51:33 tp ovpn-client[1757]: local options hash (ver=v4): '41690919'
mar 25 06:51:33 tp ovpn-client[1757]: expected remote options hash (ver=v4): '530fdded'
mar 25 06:51:33 tp ovpn-client[1757]: udpv4 link local: [undef]
mar 25 06:51:33 tp ovpn-client[1757]: udpv4 link remote: [af_inet]107.21.249.172:1194
mar 25 06:51:34 tp ovpn-client[1757]: tls: initial packet [af_inet]107.21.249.172:1194, sid=8add2908 4270be64

Hi,

It seems to me to be a TLS handshake issue.

code:
mar 25 06:51:31 tp ovpn-client[1757]: tls error: tls key negotiation failed occur within 60 seconds (check network connectivity)
mar 25 06:51:31 tp ovpn-client[1757]: tls error: tls handshake failed

Try this on the client browser:

code:
openssl s_client -connect host:port -tls1

If you are able to connect, I'm not sure what the problem is. If you aren't, the browser is sending TLSv1 encryption and the server cannot handle it. To confirm, you can try these:

code:
openssl s_client -connect host:port -ssl3
openssl s_client -connect host:port -ssl2

where the browser will try to connect using SSLv3 and SSLv2 encryption respectively.

Hope this helps.
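
For reading a client log like the one in the question, the following is an added example, not part of either post: it splits the log into connection attempts and records, per attempt, whether the "initial packet" line was logged and how long the client waited before the TLS timeout. It assumes that line is OpenVPN's "TLS: Initial packet from ..." message (logged when a first packet arrives from the peer) with words lost in this page's text; `parse_attempts` and its field names are hypothetical.

```python
import re
from datetime import datetime

# Constructed sample: lines copied from the client log quoted in the question
# (lower-cased and with words missing, exactly as they appear on this page).
SAMPLE_LOG = """\
mon mar 25 06:52:55 2013 udpv4 link remote: [af_inet]107.21.249.172:1194
mon mar 25 06:52:56 2013 tls: initial packet [af_inet]107.21.249.172:1194, sid=dfd84013 f1883b8a
mon mar 25 06:53:55 2013 tls error: tls key negotiation failed occur within 60 seconds (check network connectivity)
mon mar 25 06:53:55 2013 tls error: tls handshake failed
mon mar 25 06:53:55 2013 sigusr1[soft,tls-error] received, process restarting
mon mar 25 06:53:57 2013 udpv4 link remote: [af_inet]107.21.249.172:1194
mon mar 25 06:53:57 2013 tls: initial packet [af_inet]107.21.249.172:1194, sid=fbbd3714 03d9e3bf
"""

MONTHS = {m: i for i, m in enumerate(
    "jan feb mar apr may jun jul aug sep oct nov dec".split(), 1)}
LINE = re.compile(r"^\w{3} (\w{3}) +(\d+) (\d\d):(\d\d):(\d\d) (\d{4}) (.*)$")
REMOTE = re.compile(r"link remote: \[af_inet6?\](\S+):(\d+)")

def parse_attempts(text):
    """Group client log lines into attempts; each 'link remote' line opens one."""
    attempts, cur = [], None
    for raw in text.splitlines():
        m = LINE.match(raw.strip().lower())
        if not m or m.group(1) not in MONTHS:
            continue  # not a timestamped OpenVPN log line
        mon, day, hh, mm, ss, year, msg = m.groups()
        ts = datetime(int(year), MONTHS[mon], int(day), int(hh), int(mm), int(ss))
        r = REMOTE.search(msg)
        if r:
            cur = {"remote": r.group(1), "port": int(r.group(2)), "start": ts,
                   "peer_packet": False, "outcome": "in progress", "waited": None}
            attempts.append(cur)
        elif cur is None:
            continue  # lines before the first attempt (banner, options)
        elif msg.startswith("tls: initial packet"):
            cur["peer_packet"] = True  # a packet from the peer was logged
        elif "tls key negotiation failed" in msg:
            cur["outcome"] = "tls timeout"
            cur["waited"] = int((ts - cur["start"]).total_seconds())
    return attempts

if __name__ == "__main__":
    for attempt in parse_attempts(SAMPLE_LOG):
        print(attempt)
```

On the sample, the first attempt shows a peer packet logged and still a 60-second timeout, which separates "no reply at all" from "reply seen but the handshake never completed".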

