connecting to ovenvpn as
hello,
i have installed openvpn as on centos everythings are work fine but when i tried to connect from client to server it's just stop on connection and noting happen, i tried to connect over tcp and over udp but the same problem is still. the server test tool give me that it's ok and when i tried to check the as i see the client request but no status. so where is the problem? thanks. |
What's in the logs?
|
hello thanks for your replay:
Tue Feb 21 11:30:11 2012 OpenVPNAS 2.1.8OAS Win32-MSVC++ [SSL] [LZO2] built on Aug 4 2011 Tue Feb 21 11:30:11 2012 MANAGEMENT: Connected to management server at 127.0.0.1:57854 Tue Feb 21 11:30:11 2012 MANAGEMENT: CMD 'state on' Tue Feb 21 11:30:11 2012 MANAGEMENT: CMD 'echo on' Tue Feb 21 11:30:11 2012 MANAGEMENT: CMD 'bytecount 5' Tue Feb 21 11:30:11 2012 MANAGEMENT: CMD 'hold off' Tue Feb 21 11:30:11 2012 MANAGEMENT: CMD 'hold release' Tue Feb 21 11:30:11 2012 MANAGEMENT: CMD 'username "Auth" "openvpnsy"' Tue Feb 21 11:30:11 2012 MANAGEMENT: CMD 'password [...]' Tue Feb 21 11:30:11 2012 NOTE: OpenVPNAS 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Feb 21 11:30:11 2012 Control Channel Authentication: tls-auth using INLINE static key file Tue Feb 21 11:30:11 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:30:11 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:30:11 2012 Socket Buffers: R=[8192->100000] S=[8192->100000] Tue Feb 21 11:30:11 2012 Attempting to establish TCP connection with 208.67.18.35:443 Tue Feb 21 11:30:11 2012 MANAGEMENT: >STATE:1329816611,TCP_CONNECT,,, Tue Feb 21 11:30:12 2012 TCP connection established with 208.67.18.35:443 Tue Feb 21 11:30:12 2012 TCPv4_CLIENT link local: [undef] Tue Feb 21 11:30:12 2012 TCPv4_CLIENT link remote: 208.67.18.35:443 Tue Feb 21 11:30:12 2012 MANAGEMENT: >STATE:1329816612,WAIT,,, Tue Feb 21 11:30:12 2012 MANAGEMENT: >STATE:1329816612,AUTH,,, Tue Feb 21 11:30:12 2012 TLS: Initial packet from 208.67.18.35:443, sid=d51f1686 0a1bef74 Tue Feb 21 11:30:54 2012 read TCPv4_CLIENT: Connection timed out (WSAETIMEDOUT) (code=10060) Tue Feb 21 11:30:54 2012 Connection reset, restarting [-1] Tue Feb 21 11:30:54 2012 SIGUSR1[soft,connection-reset] received, process restarting Tue Feb 21 11:30:54 2012 MANAGEMENT: >STATE:1329816654,RECONNECTING,connection-reset,, Tue Feb 21 11:30:54 2012 Restart pause, 5 second(s) Tue Feb 21 11:30:59 2012 MANAGEMENT: CMD 'username "Auth" "openvpnsy"' Tue Feb 21 11:30:59 2012 MANAGEMENT: CMD 'password [...]' Tue Feb 21 11:30:59 2012 NOTE: OpenVPNAS 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Feb 21 11:30:59 2012 Control Channel Authentication: tls-auth using INLINE static key file Tue Feb 21 11:30:59 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:30:59 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:30:59 2012 Socket Buffers: R=[8192->100000] S=[8192->100000] Tue Feb 21 11:30:59 2012 Attempting to establish TCP connection with 208.67.18.35:443 Tue Feb 21 11:30:59 2012 MANAGEMENT: >STATE:1329816659,TCP_CONNECT,,, Tue Feb 21 11:30:59 2012 TCP connection established with 208.67.18.35:443 Tue Feb 21 11:30:59 2012 TCPv4_CLIENT link local: [undef] Tue Feb 21 11:30:59 2012 TCPv4_CLIENT link remote: 208.67.18.35:443 Tue Feb 21 11:30:59 2012 MANAGEMENT: >STATE:1329816659,WAIT,,, Tue Feb 21 11:31:00 2012 MANAGEMENT: >STATE:1329816660,AUTH,,, Tue Feb 21 11:31:00 2012 TLS: Initial packet from 208.67.18.35:443, sid=279e9177 f51f539c Tue Feb 21 11:31:35 2012 read TCPv4_CLIENT: Connection timed out (WSAETIMEDOUT) (code=10060) Tue Feb 21 11:31:35 2012 Connection reset, restarting [-1] Tue Feb 21 11:31:35 2012 SIGUSR1[soft,connection-reset] received, process restarting Tue Feb 21 11:31:35 2012 MANAGEMENT: >STATE:1329816695,RECONNECTING,connection-reset,, Tue Feb 21 11:31:35 2012 Restart pause, 5 second(s) Tue Feb 21 11:31:40 2012 MANAGEMENT: CMD 'username "Auth" "openvpnsy"' Tue Feb 21 11:31:40 2012 MANAGEMENT: CMD 'password [...]' Tue Feb 21 11:31:40 2012 NOTE: OpenVPNAS 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Feb 21 11:31:40 2012 Control Channel Authentication: tls-auth using INLINE static key file Tue Feb 21 11:31:40 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:31:40 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:31:40 2012 Socket Buffers: R=[8192->100000] S=[8192->100000] Tue Feb 21 11:31:40 2012 Attempting to establish TCP connection with 208.67.18.35:443 Tue Feb 21 11:31:40 2012 MANAGEMENT: >STATE:1329816700,TCP_CONNECT,,, Tue Feb 21 11:31:40 2012 TCP connection established with 208.67.18.35:443 Tue Feb 21 11:31:40 2012 TCPv4_CLIENT link local: [undef] Tue Feb 21 11:31:40 2012 TCPv4_CLIENT link remote: 208.67.18.35:443 Tue Feb 21 11:31:40 2012 MANAGEMENT: >STATE:1329816700,WAIT,,, Tue Feb 21 11:31:41 2012 MANAGEMENT: >STATE:1329816701,AUTH,,, Tue Feb 21 11:31:41 2012 TLS: Initial packet from 208.67.18.35:443, sid=9e63bcc2 537ff18b Tue Feb 21 11:32:15 2012 read TCPv4_CLIENT: Connection timed out (WSAETIMEDOUT) (code=10060) Tue Feb 21 11:32:15 2012 Connection reset, restarting [-1] Tue Feb 21 11:32:15 2012 SIGUSR1[soft,connection-reset] received, process restarting Tue Feb 21 11:32:15 2012 MANAGEMENT: >STATE:1329816735,RECONNECTING,connection-reset,, Tue Feb 21 11:32:15 2012 Restart pause, 5 second(s) Tue Feb 21 11:32:20 2012 MANAGEMENT: CMD 'username "Auth" "openvpnsy"' Tue Feb 21 11:32:20 2012 MANAGEMENT: CMD 'password [...]' Tue Feb 21 11:32:20 2012 NOTE: OpenVPNAS 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Feb 21 11:32:20 2012 Control Channel Authentication: tls-auth using INLINE static key file Tue Feb 21 11:32:20 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:32:20 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:32:20 2012 Socket Buffers: R=[8192->100000] S=[8192->100000] Tue Feb 21 11:32:20 2012 Attempting to establish TCP connection with 208.67.18.35:443 Tue Feb 21 11:32:20 2012 MANAGEMENT: >STATE:1329816740,TCP_CONNECT,,, Tue Feb 21 11:32:20 2012 TCP connection established with 208.67.18.35:443 Tue Feb 21 11:32:20 2012 TCPv4_CLIENT link local: [undef] Tue Feb 21 11:32:20 2012 TCPv4_CLIENT link remote: 208.67.18.35:443 Tue Feb 21 11:32:20 2012 MANAGEMENT: >STATE:1329816740,WAIT,,, Tue Feb 21 11:32:20 2012 MANAGEMENT: >STATE:1329816740,AUTH,,, Tue Feb 21 11:32:20 2012 TLS: Initial packet from 208.67.18.35:443, sid=4a95bda8 fc2350a4 thnanks. |
pls not theat is the same problem if i tried to access using admin account.
thanks. |
hello there is the full log:
Tue Feb 21 11:34:25 2012 OpenVPNAS 2.1.8OAS Win32-MSVC++ [SSL] [LZO2] built on Aug 4 2011 Tue Feb 21 11:34:25 2012 MANAGEMENT: Connected to management server at 127.0.0.1:52124 Tue Feb 21 11:34:25 2012 MANAGEMENT: CMD 'state on' Tue Feb 21 11:34:25 2012 MANAGEMENT: CMD 'echo on' Tue Feb 21 11:34:25 2012 MANAGEMENT: CMD 'bytecount 5' Tue Feb 21 11:34:25 2012 MANAGEMENT: CMD 'hold off' Tue Feb 21 11:34:25 2012 MANAGEMENT: CMD 'hold release' Tue Feb 21 11:34:25 2012 MANAGEMENT: CMD 'username "Auth" "openvpn"' Tue Feb 21 11:34:25 2012 MANAGEMENT: CMD 'password [...]' Tue Feb 21 11:34:25 2012 NOTE: OpenVPNAS 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Feb 21 11:34:25 2012 Control Channel Authentication: tls-auth using INLINE static key file Tue Feb 21 11:34:25 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:34:25 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:34:25 2012 Socket Buffers: R=[8192->100000] S=[8192->100000] Tue Feb 21 11:34:25 2012 Attempting to establish TCP connection with 208.67.18.35:443 Tue Feb 21 11:34:25 2012 MANAGEMENT: >STATE:1329816865,TCP_CONNECT,,, Tue Feb 21 11:34:26 2012 TCP connection established with 208.67.18.35:443 Tue Feb 21 11:34:26 2012 TCPv4_CLIENT link local: [undef] Tue Feb 21 11:34:26 2012 TCPv4_CLIENT link remote: 208.67.18.35:443 Tue Feb 21 11:34:26 2012 MANAGEMENT: >STATE:1329816866,WAIT,,, Tue Feb 21 11:34:26 2012 MANAGEMENT: >STATE:1329816866,AUTH,,, Tue Feb 21 11:34:26 2012 TLS: Initial packet from 208.67.18.35:443, sid=eb4e748a 0f313940 Tue Feb 21 11:35:01 2012 read TCPv4_CLIENT: Connection timed out (WSAETIMEDOUT) (code=10060) Tue Feb 21 11:35:01 2012 Connection reset, restarting [-1] Tue Feb 21 11:35:01 2012 SIGUSR1[soft,connection-reset] received, process restarting Tue Feb 21 11:35:01 2012 MANAGEMENT: >STATE:1329816901,RECONNECTING,connection-reset,, Tue Feb 21 11:35:01 2012 Restart pause, 5 second(s) Tue Feb 21 11:35:06 2012 MANAGEMENT: CMD 'username "Auth" "openvpn"' Tue Feb 21 11:35:06 2012 MANAGEMENT: CMD 'password [...]' Tue Feb 21 11:35:06 2012 NOTE: OpenVPNAS 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Feb 21 11:35:06 2012 Control Channel Authentication: tls-auth using INLINE static key file Tue Feb 21 11:35:06 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:35:06 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:35:06 2012 Socket Buffers: R=[8192->100000] S=[8192->100000] Tue Feb 21 11:35:06 2012 Attempting to establish TCP connection with 208.67.18.35:443 Tue Feb 21 11:35:06 2012 MANAGEMENT: >STATE:1329816906,TCP_CONNECT,,, Tue Feb 21 11:35:07 2012 TCP connection established with 208.67.18.35:443 Tue Feb 21 11:35:07 2012 TCPv4_CLIENT link local: [undef] Tue Feb 21 11:35:07 2012 TCPv4_CLIENT link remote: 208.67.18.35:443 Tue Feb 21 11:35:07 2012 MANAGEMENT: >STATE:1329816907,WAIT,,, Tue Feb 21 11:35:07 2012 MANAGEMENT: >STATE:1329816907,AUTH,,, Tue Feb 21 11:35:07 2012 TLS: Initial packet from 208.67.18.35:443, sid=23ade7f7 91c59fcb Tue Feb 21 11:35:42 2012 read TCPv4_CLIENT: Connection timed out (WSAETIMEDOUT) (code=10060) Tue Feb 21 11:35:42 2012 Connection reset, restarting [-1] Tue Feb 21 11:35:42 2012 SIGUSR1[soft,connection-reset] received, process restarting Tue Feb 21 11:35:42 2012 MANAGEMENT: >STATE:1329816942,RECONNECTING,connection-reset,, Tue Feb 21 11:35:42 2012 Restart pause, 5 second(s) Tue Feb 21 11:35:47 2012 MANAGEMENT: CMD 'username "Auth" "openvpn"' Tue Feb 21 11:35:47 2012 MANAGEMENT: CMD 'password [...]' Tue Feb 21 11:35:47 2012 NOTE: OpenVPNAS 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Feb 21 11:35:47 2012 Control Channel Authentication: tls-auth using INLINE static key file Tue Feb 21 11:35:47 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:35:47 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:35:47 2012 Socket Buffers: R=[8192->100000] S=[8192->100000] Tue Feb 21 11:35:47 2012 Attempting to establish TCP connection with 208.67.18.35:443 Tue Feb 21 11:35:47 2012 MANAGEMENT: >STATE:1329816947,TCP_CONNECT,,, Tue Feb 21 11:35:47 2012 TCP connection established with 208.67.18.35:443 Tue Feb 21 11:35:47 2012 TCPv4_CLIENT link local: [undef] Tue Feb 21 11:35:47 2012 TCPv4_CLIENT link remote: 208.67.18.35:443 Tue Feb 21 11:35:47 2012 MANAGEMENT: >STATE:1329816947,WAIT,,, Tue Feb 21 11:35:48 2012 MANAGEMENT: >STATE:1329816948,AUTH,,, Tue Feb 21 11:35:48 2012 TLS: Initial packet from 208.67.18.35:443, sid=ad295444 57a9ebc8 Tue Feb 21 11:36:28 2012 read TCPv4_CLIENT: Connection timed out (WSAETIMEDOUT) (code=10060) Tue Feb 21 11:36:28 2012 Connection reset, restarting [-1] Tue Feb 21 11:36:28 2012 SIGUSR1[soft,connection-reset] received, process restarting Tue Feb 21 11:36:28 2012 MANAGEMENT: >STATE:1329816988,RECONNECTING,connection-reset,, Tue Feb 21 11:36:28 2012 Restart pause, 5 second(s) Tue Feb 21 11:36:33 2012 MANAGEMENT: CMD 'username "Auth" "openvpn"' Tue Feb 21 11:36:33 2012 MANAGEMENT: CMD 'password [...]' Tue Feb 21 11:36:33 2012 NOTE: OpenVPNAS 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Feb 21 11:36:33 2012 Control Channel Authentication: tls-auth using INLINE static key file Tue Feb 21 11:36:33 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:36:33 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:36:33 2012 Socket Buffers: R=[8192->100000] S=[8192->100000] Tue Feb 21 11:36:33 2012 Attempting to establish TCP connection with 208.67.18.35:443 Tue Feb 21 11:36:33 2012 MANAGEMENT: >STATE:1329816993,TCP_CONNECT,,, Tue Feb 21 11:36:34 2012 TCP connection established with 208.67.18.35:443 Tue Feb 21 11:36:34 2012 TCPv4_CLIENT link local: [undef] Tue Feb 21 11:36:34 2012 TCPv4_CLIENT link remote: 208.67.18.35:443 Tue Feb 21 11:36:34 2012 MANAGEMENT: >STATE:1329816994,WAIT,,, Tue Feb 21 11:36:34 2012 MANAGEMENT: >STATE:1329816994,AUTH,,, Tue Feb 21 11:36:34 2012 TLS: Initial packet from 208.67.18.35:443, sid=be95f7f3 1b3c2f98 Tue Feb 21 11:37:34 2012 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Tue Feb 21 11:37:34 2012 TLS Error: TLS handshake failed Tue Feb 21 11:37:34 2012 Fatal TLS error (check_tls_errors_co), restarting Tue Feb 21 11:37:34 2012 SIGUSR1[soft,tls-error] received, process restarting Tue Feb 21 11:37:34 2012 MANAGEMENT: >STATE:1329817054,RECONNECTING,tls-error,, Tue Feb 21 11:37:34 2012 Restart pause, 5 second(s) Tue Feb 21 11:37:39 2012 MANAGEMENT: CMD 'username "Auth" "openvpn"' Tue Feb 21 11:37:39 2012 MANAGEMENT: CMD 'password [...]' Tue Feb 21 11:37:39 2012 NOTE: OpenVPNAS 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Feb 21 11:37:39 2012 Control Channel Authentication: tls-auth using INLINE static key file Tue Feb 21 11:37:39 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:37:39 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 21 11:37:39 2012 Socket Buffers: R=[8192->100000] S=[8192->100000] Tue Feb 21 11:37:39 2012 Attempting to establish TCP connection with 208.67.18.35:443 Tue Feb 21 11:37:39 2012 MANAGEMENT: >STATE:1329817059,TCP_CONNECT,,, Tue Feb 21 11:37:39 2012 TCP connection established with 208.67.18.35:443 Tue Feb 21 11:37:39 2012 TCPv4_CLIENT link local: [undef] Tue Feb 21 11:37:39 2012 TCPv4_CLIENT link remote: 208.67.18.35:443 Tue Feb 21 11:37:39 2012 MANAGEMENT: >STATE:1329817059,WAIT,,, Tue Feb 21 11:37:40 2012 MANAGEMENT: >STATE:1329817060,AUTH,,, Tue Feb 21 11:37:40 2012 TLS: Initial packet from 208.67.18.35:443, sid=19ef6379 9af77edc Tue Feb 21 11:38:39 2012 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Tue Feb 21 11:38:39 2012 TLS Error: TLS handshake failed Tue Feb 21 11:38:39 2012 Fatal TLS error (check_tls_errors_co), restarting Tue Feb 21 11:38:39 2012 SIGUSR1[soft,tls-error] received, process restarting Tue Feb 21 11:38:39 2012 MANAGEMENT: >STATE:1329817119,RECONNECTING,tls-error,, Tue Feb 21 11:38:39 2012 Restart pause, 5 second(s) |
Is the client 208.67.18.35? The log seems to be saying that initial contact was made but there was a loss of network connectivity during authorisation.
Are there any firewalls (client or server) that could be allowing the initial connection but not subsequently allowing authorisation? |
helo,
208.67.18.35 is openvpn server. i disable the firewall on the client and also it's work normal on the system. how i can check of the problem from the centos firewall ! but as i told you the access server log show me that the client is tried to connect but no errors. thanks. |
Sorry -- I know something about OpenVPN but have no experience of OpenVPNAS. Hopefully that will not matter too much.
Just to be clear, what is the OS and IP address of the server and the client? Which were the logs from? when you wrote "i disable the firewall on the client and also it's work normal on the system" does that mean disabling the firewall on the client fixed the problem? |
the os is centos and the ip is that show above.
the firwal that is normal is the server and i desable the client firewall this log is from openvpn client. thanks. |
What is the OS and IP address of the server and the client?
|
server:
os:centos ip:208.67.18.35 Client os:windows 7 ip is an internet ip |
Thanks, that's clear now.
When you wrote "i disable the firewall on the client and also it's work normal on the system" does that mean disabling the firewall on the client fixed the problem? Is the client log from when the firewall was up or disabled? |
yes
|
hello,
i tried to connect througe ssto and use openvpn over it its work fine. so the isp is block somting how i can know it and bypass it regarding the log above? thanks, |
Quote:
|
All times are GMT -5. The time now is 10:53 AM. |