Menu
▾
▴
Re: [Openvpn-users] connecting then disconnectingApolog
|
From: Tom v. d. W. <in...@tv...> - 2010-05-10 14:22:09
|
Yep, it will if the proxy server runs on port 443, especially when
forwarding tcp. If possible, I'd recommend switching your openvpn to
udp. If that's not an option, you'll have to use portshare (there's has
been a topic about portsharing in the openvpn lists the past few days,
so if you keep copies of all list activity, I really recommend looking
at it). What also works very often is using a port that's not 80 or 443,
but also not blocked. A port that often meets these criteria is 1863,
the MSN messenger port. I'm quite fond of this port myself.
Tom
On 10-5-2010 16:09, J. Webster wrote:
> I have a proxy server running as well.
> Will forwarding port 443 cause an issue when clients try to send HTTPS connections?
>
> ----------------------------------------
>> Date: Mon, 10 May 2010 15:27:48 +0200
>> From: ja...@ni...
>> To: web...@ho...
>> CC: ope...@li...
>> Subject: Re: [Openvpn-users] connecting then disconnectingApolog
>>
>> J. Webster wrote:
>>> Can OpenVPN be runs on 2 ports at the same time or should I put the option of forwarding port 443 to 1194 in iptables?
>>> Won;t running openvpn on port 443 cause issues for HTTPS running through the server?
>>>
>>>
>> you'd have to use port-forwarding or iptables for that, e.g.
>>
>> -A PREROUTING -p tcp -m tcp --dport 443 -j DNAT --to-destination
>> :1194
>>
>> HTH,
>>
>> JJK
>>
>>
>>> ----------------------------------------
>>>
>>>> Date: Mon, 10 May 2010 14:42:35 +0200
>>>> From: ja...@ni...
>>>> To: web...@ho...
>>>> CC: ope...@li...
>>>> Subject: Re: [Openvpn-users] connecting then disconnectingApolog
>>>>
>>>> this
>>>>
>>>> Mon May 10 12:17:59 2010 us=347787 Attempting to establish TCP connection with xx.xxx.xxx.199:1194
>>>> Mon May 10 12:17:59 2010 us=348458 TCP: connect to xx.xxx.xxx.199:1194 failed, will try again in 5 seconds
>>>>
>>>> means either the hotel or the firewall on the client PC is blocking access
>>>> which OS is the client running? I see that {s}he's still running openvpn 2.0.9 which has problems on vista/7 ...
>>>>
>>>> cheers,
>>>>
>>>> JJK
>>>>
>>>>
>>>>
>>>> J. Webster wrote:
>>>>
>>>>> The client is getting this again today on connecting from a hotel.
>>>>> They say the client lights go green then yellow so I doubt the hotel is blokcing port 1194.
>>>>> Maybe something on their client computer again?
>>>>>
>>>>> Mon May 10 12:17:59 2010 us=85501 config = 'client.ovpn'
>>>>> Mon May 10 12:17:59 2010 us=85514 mode = 0
>>>>> Mon May 10 12:17:59 2010 us=85526 show_ciphers = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=85538 show_digests = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=85550 show_engines = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=85561 genkey = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=85572 key_pass_file = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=85584 show_tls_ciphers = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=85595 proto = 2
>>>>> Mon May 10 12:17:59 2010 us=85606 local = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=85619 remote_list[0] = {'xx.xxx.xxx.199', 1194}
>>>>> Mon May 10 12:17:59 2010 us=85631 remote_random = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=85643 local_port = 1194
>>>>> Mon May 10 12:17:59 2010 us=85654 remote_port = 1194
>>>>> Mon May 10 12:17:59 2010 us=85666 remote_float = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=85678 ipchange = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=85689 bind_local = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=85700 dev = 'tun'
>>>>> Mon May 10 12:17:59 2010 us=85712 dev_type = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=85726 dev_node = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=85737 tun_ipv6 = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=85749 ifconfig_local = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=85761 ifconfig_remote_netmask = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=85772 ifconfig_noexec = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=85784 ifconfig_nowarn = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=85794 shaper = 0
>>>>> Mon May 10 12:17:59 2010 us=85805 tun_mtu = 1460
>>>>> Mon May 10 12:17:59 2010 us=85817 tun_mtu_defined = ENABLED
>>>>> Mon May 10 12:17:59 2010 us=85828 link_mtu = 1500
>>>>> Mon May 10 12:17:59 2010 us=85839 link_mtu_defined = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=85850 tun_mtu_extra = 0
>>>>> Mon May 10 12:17:59 2010 us=85862 tun_mtu_extra_defined = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=85873 fragment = 0
>>>>> Mon May 10 12:17:59 2010 us=85884 mtu_discover_type = -1
>>>>> Mon May 10 12:17:59 2010 us=85895 mtu_test = 0
>>>>> Mon May 10 12:17:59 2010 us=85906 mlock = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=85917 keepalive_ping = 0
>>>>> Mon May 10 12:17:59 2010 us=85933 keepalive_timeout = 0
>>>>> Mon May 10 12:17:59 2010 us=85945 inactivity_timeout = 0
>>>>> Mon May 10 12:17:59 2010 us=85956 ping_send_timeout = 0
>>>>> Mon May 10 12:17:59 2010 us=85967 ping_rec_timeout = 0
>>>>> Mon May 10 12:17:59 2010 us=85986 ping_rec_timeout_action = 0
>>>>> Mon May 10 12:17:59 2010 us=85999 ping_timer_remote = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=86011 remap_sigusr1 = 0
>>>>> Mon May 10 12:17:59 2010 us=86023 explicit_exit_notification = 0
>>>>> Mon May 10 12:17:59 2010 us=86034 persist_tun = ENABLED
>>>>> Mon May 10 12:17:59 2010 us=86046 persist_local_ip = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=86057 persist_remote_ip = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=86069 persist_key = ENABLED
>>>>> Mon May 10 12:17:59 2010 us=86080 mssfix = 1450
>>>>> Mon May 10 12:17:59 2010 us=86092 resolve_retry_seconds = 1000000000
>>>>> Mon May 10 12:17:59 2010 us=86105 connect_retry_seconds = 5
>>>>> Mon May 10 12:17:59 2010 us=86117 username = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=86128 groupname = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=86139 chroot_dir = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=86150 cd_dir = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=86161 writepid = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=86173 up_script = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=86184 down_script = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=86195 down_pre = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=86206 up_restart = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=86217 up_delay = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=86228 daemon = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=86239 inetd = 0
>>>>> Mon May 10 12:17:59 2010 us=86250 log = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=86263 suppress_timestamps = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=86274 nice = 0
>>>>> Mon May 10 12:17:59 2010 us=86284 verbosity = 4
>>>>> Mon May 10 12:17:59 2010 us=86295 mute = 0
>>>>> Mon May 10 12:17:59 2010 us=124344 gremlin = 0
>>>>> Mon May 10 12:17:59 2010 us=124370 status_file = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=124383 status_file_version = 1
>>>>> Mon May 10 12:17:59 2010 us=124396 status_file_update_freq = 60
>>>>> Mon May 10 12:17:59 2010 us=124408 occ = ENABLED
>>>>> Mon May 10 12:17:59 2010 us=124421 rcvbuf = 0
>>>>> Mon May 10 12:17:59 2010 us=124485 sndbuf = 0
>>>>> Mon May 10 12:17:59 2010 us=124499 socks_proxy_server = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=124526 socks_proxy_port = 0
>>>>> Mon May 10 12:17:59 2010 us=124539 socks_proxy_retry = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=124551 fast_io = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=124562 comp_lzo = ENABLED
>>>>> Mon May 10 12:17:59 2010 us=124573 comp_lzo_adaptive = ENABLED
>>>>> Mon May 10 12:17:59 2010 us=124586 route_script = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=124599 route_default_gateway = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=124611 route_noexec = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=124622 route_delay = 0
>>>>> Mon May 10 12:17:59 2010 us=138369 route_delay_window = 30
>>>>> Mon May 10 12:17:59 2010 us=138390 route_delay_defined = ENABLED
>>>>> Mon May 10 12:17:59 2010 us=138403 management_addr = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=138415 management_port = 0
>>>>> Mon May 10 12:17:59 2010 us=138426 management_user_pass = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=138439 management_log_history_cache = 250
>>>>> Mon May 10 12:17:59 2010 us=138451 management_echo_buffer_size = 100
>>>>> Mon May 10 12:17:59 2010 us=138464 management_query_passwords = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=138476 management_hold = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=138489 shared_secret_file = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=138501 key_direction = 0
>>>>> Mon May 10 12:17:59 2010 us=138512 ciphername_defined = ENABLED
>>>>> Mon May 10 12:17:59 2010 us=138524 ciphername = 'BF-CBC'
>>>>> Mon May 10 12:17:59 2010 us=138536 authname_defined = ENABLED
>>>>> Mon May 10 12:17:59 2010 us=138548 authname = 'SHA1'
>>>>> Mon May 10 12:17:59 2010 us=138560 keysize = 0
>>>>> Mon May 10 12:17:59 2010 us=162700 engine = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=162723 replay = ENABLED
>>>>> Mon May 10 12:17:59 2010 us=162737 mute_replay_warnings = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=162749 replay_window = 0
>>>>> Mon May 10 12:17:59 2010 us=162761 replay_time = 0
>>>>> Mon May 10 12:17:59 2010 us=162774 packet_id_file = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=162785 use_iv = ENABLED
>>>>> Mon May 10 12:17:59 2010 us=162797 test_crypto = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=162809 tls_server = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=162821 tls_client = ENABLED
>>>>> Mon May 10 12:17:59 2010 us=162832 key_method = 2
>>>>> Mon May 10 12:17:59 2010 us=162844 ca_file = 'ca.crt'
>>>>> Mon May 10 12:17:59 2010 us=162856 dh_file = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=162867 cert_file = 'cjduckett.crt'
>>>>> Mon May 10 12:17:59 2010 us=162880 priv_key_file = 'cjduckett.key'
>>>>> Mon May 10 12:17:59 2010 us=162892 pkcs12_file = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=162903 cryptoapi_cert = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=198728 cipher_list = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=198752 tls_verify = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=198767 tls_remote = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=198779 crl_file = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=198790 ns_cert_type = 64
>>>>> Mon May 10 12:17:59 2010 us=198802 tls_timeout = 2
>>>>> Mon May 10 12:17:59 2010 us=198813 renegotiate_bytes = 0
>>>>> Mon May 10 12:17:59 2010 us=198825 renegotiate_packets = 0
>>>>> Mon May 10 12:17:59 2010 us=198836 renegotiate_seconds = 3600
>>>>> Mon May 10 12:17:59 2010 us=198847 handshake_window = 60
>>>>> Mon May 10 12:17:59 2010 us=198859 transition_window = 3600
>>>>> Mon May 10 12:17:59 2010 us=198870 single_session = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=198881 tls_exit = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=198891 tls_auth_file = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=198917 server_network = 0.0.0.0
>>>>> Mon May 10 12:17:59 2010 us=198931 server_netmask = 0.0.0.0
>>>>> Mon May 10 12:17:59 2010 us=223543 server_bridge_ip = 0.0.0.0
>>>>> Mon May 10 12:17:59 2010 us=223752 server_bridge_netmask = 0.0.0.0
>>>>> Mon May 10 12:17:59 2010 us=223769 server_bridge_pool_start = 0.0.0.0
>>>>> Mon May 10 12:17:59 2010 us=223784 server_bridge_pool_end = 0.0.0.0
>>>>> Mon May 10 12:17:59 2010 us=223797 ifconfig_pool_defined = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=223809 ifconfig_pool_start = 0.0.0.0
>>>>> Mon May 10 12:17:59 2010 us=223822 ifconfig_pool_end = 0.0.0.0
>>>>> Mon May 10 12:17:59 2010 us=223836 ifconfig_pool_netmask = 0.0.0.0
>>>>> Mon May 10 12:17:59 2010 us=223849 ifconfig_pool_persist_filename = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=223862 ifconfig_pool_persist_refresh_freq = 600
>>>>> Mon May 10 12:17:59 2010 us=223893 ifconfig_pool_linear = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=223906 n_bcast_buf = 256
>>>>> Mon May 10 12:17:59 2010 us=223918 tcp_queue_limit = 64
>>>>> Mon May 10 12:17:59 2010 us=223928 real_hash_size = 256
>>>>> Mon May 10 12:17:59 2010 us=223941 virtual_hash_size = 256
>>>>> Mon May 10 12:17:59 2010 us=260700 client_connect_script = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=260905 learn_address_script = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=260922 client_disconnect_script = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=260953 client_config_dir = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=260967 ccd_exclusive = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=260978 tmp_dir = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=260990 push_ifconfig_defined = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=261006 push_ifconfig_local = 0.0.0.0
>>>>> Mon May 10 12:17:59 2010 us=261039 push_ifconfig_remote_netmask = 0.0.0.0
>>>>> Mon May 10 12:17:59 2010 us=261051 enable_c2c = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=261062 duplicate_cn = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=261073 cf_max = 0
>>>>> Mon May 10 12:17:59 2010 us=261083 cf_per = 0
>>>>> Mon May 10 12:17:59 2010 us=261093 max_clients = 1024
>>>>> Mon May 10 12:17:59 2010 us=261104 max_routes_per_client = 256
>>>>> Mon May 10 12:17:59 2010 us=282966 client_cert_not_required = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=282989 username_as_common_name = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=283002 auth_user_pass_verify_script = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=283015 auth_user_pass_verify_script_via_file = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=283027 client = ENABLED
>>>>> Mon May 10 12:17:59 2010 us=283224 pull = ENABLED
>>>>> Mon May 10 12:17:59 2010 us=283237 auth_user_pass_file = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=283254 show_net_up = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=286403 route_method = 0
>>>>> Mon May 10 12:17:59 2010 us=286421 ip_win32_defined = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=286460 ip_win32_type = 3
>>>>> Mon May 10 12:17:59 2010 us=286475 dhcp_masq_offset = 0
>>>>> Mon May 10 12:17:59 2010 us=286488 dhcp_lease_time = 31536000
>>>>> Mon May 10 12:17:59 2010 us=286500 tap_sleep = 0
>>>>> Mon May 10 12:17:59 2010 us=286512 dhcp_options = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=308675 dhcp_renew = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=308893 dhcp_pre_release = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=308906 dhcp_release = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=308921 domain = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=308932 netbios_scope = '[UNDEF]'
>>>>> Mon May 10 12:17:59 2010 us=308970 netbios_node_type = 0
>>>>> Mon May 10 12:17:59 2010 us=308982 disable_nbt = DISABLED
>>>>> Mon May 10 12:17:59 2010 us=309007 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006
>>>>> Mon May 10 12:17:59 2010 us=309142 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
>>>>> Mon May 10 12:17:59 2010 us=310788 LZO compression initialized
>>>>> Mon May 10 12:17:59 2010 us=310817 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1460)
>>>>> Mon May 10 12:17:59 2010 us=311002 Control Channel MTU parms [ L:1504 D:140 EF:40 EB:0 ET:0 EL:0 ]
>>>>> Mon May 10 12:17:59 2010 us=347618 Data Channel MTU parms [ L:1504 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
>>>>> Mon May 10 12:17:59 2010 us=347678 Local Options String: 'V4,dev-type tun,link-mtu 1504,tun-mtu 1460,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
>>>>> Mon May 10 12:17:59 2010 us=347695 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1504,tun-mtu 1460,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
>>>>> Mon May 10 12:17:59 2010 us=347731 Local Options hash (VER=V4): '5e3b8323'
>>>>> Mon May 10 12:17:59 2010 us=347753 Expected Remote Options hash (VER=V4): '3dc0591a'
>>>>> Mon May 10 12:17:59 2010 us=347787 Attempting to establish TCP connection with xx.xxx.xxx.199:1194
>>>>> Mon May 10 12:17:59 2010 us=348458 TCP: connect to xx.xxx.xxx.199:1194 failed, will try again in 5 seconds
>>>>> Mon May 10 12:18:04 2010 us=348718 TCP: connect to xx.xxx.xxx.199:1194 failed, will try again in 5 seconds
>>>>> Mon May 10 12:18:09 2010 us=349154 TCP/UDP: Closing socket
>>>>> Mon May 10 12:18:09 2010 us=349243 SIGTERM[hard,init_instance] received, process exiting
>>>>>
>>>>>
>>>>> ----------------------------------------
>>>>>
>>>>>
>>>>>> Date: Mon, 26 Apr 2010 11:34:27 +0200
>>>>>> From: ja...@ni...
>>>>>> To: web...@ho...
>>>>>> CC: ope...@li...
>>>>>> Subject: Re: [Openvpn-users] connecting then disconnectingApolog
>>>>>>
>>>>>> J. Webster wrote:
>>>>>>
>>>>>>
>>>>>>> Apologies, have started a new subject thread on this error as it is separate.
>>>>>>>
>>>>>>> I tried today issuing a new certificate but the client cannot connect properly.
>>>>>>> The client connecs, lights go green, then it immediately disconnects . Any ideas on what could cause that behaviour? I have copied the logs below.
>>>>>>> It is worth noting then when I connect from my own computer using a different certificate (originally issued using the build scripts) it connects and stays connected.
>>>>>>> If it was a certificate problem, the client on the other computer wouldn't connect at all would it?
>>>>>>> The logs say that the cert check is ok in the logs below.
>>>>>>> So, if it's not the cert (judged by logs below) and it's not the connection (judged by the fact the my other cert connects correctly)
>>>>>>> what else can I troubleshoot?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> so you have
>>>>>> client A + cert A
>>>>>> that works and
>>>>>> client B + cert B
>>>>>> that does not? or am I missing something here?
>>>>>>
>>>>>> if client A + cert B does not work then the problem lies with cert B
>>>>>> (check the dates on the certificates and check the clocks on the client
>>>>>> and the server).
>>>>>>
>>>>>> Also, you still have to fix the
>>>>>> WARNING: normally if you use --mssfix and/or --fragment, you should
>>>>>> also set --tun-mtu 1500 (currently it is 1460)
>>>>>> issue ...
>>>>>>
>>>>>> Finally, the warning
>>>>>> Thu Apr 22 17:36:50 2010 us=101481 Connection reset, restarting [-1]
>>>>>> Thu Apr 22 17:36:50 2010 us=102045 TCP/UDP: Closing socket
>>>>>> suggests that *somebody* is dropping the connection (firewall? buggy router?)
>>>>>>
>>>>>> cheers,
>>>>>>
>>>>>> JJK
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>>> server log:
>>>>>>>> [root@server keys]# openvpn /etc/openvpn/openvpn.conf&
>>>>>>>> [1] 21971
>>>>>>>> [root@server keys]# Thu Apr 22 17:29:54 2010 OpenVPN 2.0.9 i386-redhat-linux-gnu [SSL] [LZO] [EPOLL] built on Mar 8 2007
>>>>>>>> Thu Apr 22 17:29:54 2010 Diffie-Hellman initialized with 1024 bit key
>>>>>>>> Thu Apr 22 17:29:54 2010 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1460)
>>>>>>>> Thu Apr 22 17:29:54 2010 TLS-Auth MTU parms [ L:1504 D:140 EF:40 EB:0 ET:0 EL:0 ]
>>>>>>>> Thu Apr 22 17:29:54 2010 TUN/TAP device tun0 opened
>>>>>>>> Thu Apr 22 17:29:54 2010 /sbin/ip link set dev tun0 up mtu 1460
>>>>>>>> Thu Apr 22 17:29:54 2010 /sbin/ip addr add dev tun0 local 172.16.0.1 peer 172.16.0.2
>>>>>>>> Thu Apr 22 17:29:54 2010 /sbin/ip route add 172.16.0.0/24 via 172.16.0.2
>>>>>>>> Thu Apr 22 17:29:54 2010 Data Channel MTU parms [ L:1504 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
>>>>>>>> Thu Apr 22 17:29:54 2010 GID set to users
>>>>>>>> Thu Apr 22 17:29:54 2010 UID set to nobody
>>>>>>>> Thu Apr 22 17:29:54 2010 Listening for incoming TCP connection on [undef]:1194
>>>>>>>> Thu Apr 22 17:29:54 2010 TCPv4_SERVER link local (bound): [undef]:1194
>>>>>>>> Thu Apr 22 17:29:54 2010 TCPv4_SERVER link remote: [undef]
>>>>>>>> Thu Apr 22 17:29:54 2010 MULTI: multi_init called, r=256 v=256
>>>>>>>> Thu Apr 22 17:29:54 2010 IFCONFIG POOL: base=172.16.0.4 size=62
>>>>>>>> Thu Apr 22 17:29:54 2010 IFCONFIG POOL LIST
>>>>>>>> Thu Apr 22 17:29:54 2010 karineblondeau,172.16.0.4
>>>>>>>> Thu Apr 22 17:29:54 2010 MULTI: TCP INIT maxclients=1024 maxevents=1028
>>>>>>>> Thu Apr 22 17:29:54 2010 Initialization Sequence Completed
>>>>>>>> Thu Apr 22 17:36:26 2010 MULTI: multi_create_instance called
>>>>>>>> Thu Apr 22 17:36:26 2010 Re-using SSL/TLS context
>>>>>>>> Thu Apr 22 17:36:26 2010 LZO compression initialized
>>>>>>>> Thu Apr 22 17:36:26 2010 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1460)
>>>>>>>> Thu Apr 22 17:36:26 2010 Control Channel MTU parms [ L:1504 D:140 EF:40 EB:0 ET:0 EL:0 ]
>>>>>>>> Thu Apr 22 17:36:26 2010 Data Channel MTU parms [ L:1504 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
>>>>>>>> Thu Apr 22 17:36:26 2010 Local Options hash (VER=V4): '3dc0591a'
>>>>>>>> Thu Apr 22 17:36:26 2010 Expected Remote Options hash (VER=V4): '5e3b8323'
>>>>>>>> Thu Apr 22 17:36:26 2010 TCP connection established with 92.xxx.34.55:2035
>>>>>>>> Thu Apr 22 17:36:26 2010 TCPv4_SERVER link local: [undef]
>>>>>>>> Thu Apr 22 17:36:26 2010 TCPv4_SERVER link remote: 92.xxx.34.55:2035
>>>>>>>> Thu Apr 22 17:36:26 2010 92.xxx.34.55:2035 TLS: Initial packet from 92.238.34.55:2035, sid=a87d2f42 009e9341
>>>>>>>> Thu Apr 22 17:36:27 2010 92.xxx.34.55:2035 CRL CHECK OK: /C=GB/ST=LND/L=LONDON/O=aaa/CN=aaa_CA/emailAddress=sa...@aa...
>>>>>>>> Thu Apr 22 17:36:27 2010 92.xxx.34.55:2035 VERIFY OK: depth=1, /C=GB/ST=LND/L=LONDON/O=aaa/CN=aaa_CA/emailAddress=sa...@aa...
>>>>>>>> Thu Apr 22 17:36:27 2010 92.xxx.34.55:2035 CRL CHECK OK: /C=GB/ST=LND/L=LONDON/O=aaa/CN=cert/emailAddress=sa...@aa...
>>>>>>>> Thu Apr 22 17:36:27 2010 92.xxx.34.55:2035 VERIFY OK: depth=0, /C=GB/ST=LND/L=LONDON/O=aaa/CN=cert/emailAddress=sa...@aa...
>>>>>>>> Thu Apr 22 17:36:27 2010 92.xxx.34.55:2035 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
>>>>>>>> Thu Apr 22 17:36:27 2010 92.xxx.34.55:2035 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
>>>>>>>> Thu Apr 22 17:36:27 2010 92.xxx.34.55:2035 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
>>>>>>>> Thu Apr 22 17:36:27 2010 92.xxx.34.55:2035 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
>>>>>>>> Thu Apr 22 17:36:27 2010 92.xxx.34.55:2035 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
>>>>>>>> Thu Apr 22 17:36:27 2010 92.xxx.34.55:2035 [cert] Peer Connection Initiated with 92.238.34.55:2035
>>>>>>>> Thu Apr 22 17:36:27 2010 cert/92.xxx.34.55:2035 MULTI: Learn: 172.16.0.6 -> cert/92.238.34.55:2035
>>>>>>>> Thu Apr 22 17:36:27 2010 cert/92.xxx.34.55:2035 MULTI: primary virtual IP for cert/92.238.34.55:2035: 172.16.0.6
>>>>>>>> Thu Apr 22 17:36:28 2010 cert/92.xxx.34.55:2035 PUSH: Received control message: 'PUSH_REQUEST'
>>>>>>>> Thu Apr 22 17:36:28 2010 cert/92.xxx.34.55:2035 SENT CONTROL [cert]: 'PUSH_REPLY,redirect-gateway,dhcp-option DNS 213.171.192.249,dhcp-option DNS 213.171.192.245,route 172.16.0.1,ping 10,ping-restart 120,ifconfig 172.16.0.6 172.16.0.5' (status=1)
>>>>>>>> Thu Apr 22 17:36:36 2010 cert/92.xxx.34.55:2035 MULTI: bad source address from client [192.168.1.3], packet dropped
>>>>>>>> Thu Apr 22 17:36:36 2010 cert/92.xxx.34.55:2035 MULTI: bad source address from client [192.168.1.3], packet dropped
>>>>>>>> Thu Apr 22 17:36:36 2010 cert/92.xxx.34.55:2035 MULTI: bad source address from client [192.168.1.3], packet dropped
>>>>>>>> Thu Apr 22 17:36:36 2010 cert/92.xxx.34.55:2035 MULTI: bad source address from client [192.168.1.3], packet dropped
>>>>>>>> Thu Apr 22 17:36:37 2010 cert/92.xxx.34.55:2035 MULTI: bad source address from client [192.168.1.3], packet dropped
>>>>>>>> Thu Apr 22 17:36:37 2010 cert/92.xxx.34.55:2035 MULTI: bad source address from client [192.168.1.3], packet dropped
>>>>>>>>
>>>>>>>> client log:
>>>>>>>> Thu Apr 22 17:36:38 2010 us=630851 server_netmask = 0.0.0.0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=630864 server_bridge_ip = 0.0.0.0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=630875 server_bridge_netmask = 0.0.0.0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=630888 server_bridge_pool_start = 0.0.0.0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=630900 server_bridge_pool_end = 0.0.0.0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=630912 ifconfig_pool_defined = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=630925 ifconfig_pool_start = 0.0.0.0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=630937 ifconfig_pool_end = 0.0.0.0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=630950 ifconfig_pool_netmask = 0.0.0.0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=630962 ifconfig_pool_persist_filename = '[UNDEF]'
>>>>>>>> Thu Apr 22 17:36:38 2010 us=630974 ifconfig_pool_persist_refresh_freq = 600
>>>>>>>> Thu Apr 22 17:36:38 2010 us=630986 ifconfig_pool_linear = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=630997 n_bcast_buf = 256
>>>>>>>> Thu Apr 22 17:36:38 2010 us=653277 tcp_queue_limit = 64
>>>>>>>> Thu Apr 22 17:36:38 2010 us=653296 real_hash_size = 256
>>>>>>>> Thu Apr 22 17:36:38 2010 us=653307 virtual_hash_size = 256
>>>>>>>> Thu Apr 22 17:36:38 2010 us=653318 client_connect_script = '[UNDEF]'
>>>>>>>> Thu Apr 22 17:36:38 2010 us=653344 learn_address_script = '[UNDEF]'
>>>>>>>> Thu Apr 22 17:36:38 2010 us=653357 client_disconnect_script = '[UNDEF]'
>>>>>>>> Thu Apr 22 17:36:38 2010 us=653368 client_config_dir = '[UNDEF]'
>>>>>>>> Thu Apr 22 17:36:38 2010 us=653379 ccd_exclusive = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=653390 tmp_dir = '[UNDEF]'
>>>>>>>> Thu Apr 22 17:36:38 2010 us=653401 push_ifconfig_defined = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=653415 push_ifconfig_local = 0.0.0.0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=653427 push_ifconfig_remote_netmask = 0.0.0.0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=653438 enable_c2c = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=653448 duplicate_cn = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673061 cf_max = 0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673091 cf_per = 0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673102 max_clients = 1024
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673113 max_routes_per_client = 256
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673124 client_cert_not_required = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673156 username_as_common_name = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673169 auth_user_pass_verify_script = '[UNDEF]'
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673182 auth_user_pass_verify_script_via_file = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673193 client = ENABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673203 pull = ENABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673214 auth_user_pass_file = '[UNDEF]'
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673228 show_net_up = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673239 route_method = 0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673250 ip_win32_defined = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673261 ip_win32_type = 3
>>>>>>>> Thu Apr 22 17:36:38 2010 us=673272 dhcp_masq_offset = 0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=693286 dhcp_lease_time = 31536000
>>>>>>>> Thu Apr 22 17:36:38 2010 us=693318 tap_sleep = 0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=693333 dhcp_options = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=693344 dhcp_renew = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=693355 dhcp_pre_release = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=693365 dhcp_release = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=693375 domain = '[UNDEF]'
>>>>>>>> Thu Apr 22 17:36:38 2010 us=693401 netbios_scope = '[UNDEF]'
>>>>>>>> Thu Apr 22 17:36:38 2010 us=693416 netbios_node_type = 0
>>>>>>>> Thu Apr 22 17:36:38 2010 us=693427 disable_nbt = DISABLED
>>>>>>>> Thu Apr 22 17:36:38 2010 us=693449 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006
>>>>>>>> Thu Apr 22 17:36:38 2010 us=693576 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
>>>>>>>> Thu Apr 22 17:36:38 2010 us=697678 LZO compression initialized
>>>>>>>> Thu Apr 22 17:36:38 2010 us=697704 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1460)
>>>>>>>> Thu Apr 22 17:36:38 2010 us=714460 Control Channel MTU parms [ L:1504 D:140 EF:40 EB:0 ET:0 EL:0 ]
>>>>>>>> Thu Apr 22 17:36:38 2010 us=721350 Data Channel MTU parms [ L:1504 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
>>>>>>>> Thu Apr 22 17:36:38 2010 us=721398 Local Options String: 'V4,dev-type tun,link-mtu 1504,tun-mtu 1460,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
>>>>>>>> Thu Apr 22 17:36:38 2010 us=721413 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1504,tun-mtu 1460,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
>>>>>>>> Thu Apr 22 17:36:38 2010 us=721442 Local Options hash (VER=V4): '5e3b8323'
>>>>>>>> Thu Apr 22 17:36:38 2010 us=721461 Expected Remote Options hash (VER=V4): '3dc0591a'
>>>>>>>> Thu Apr 22 17:36:38 2010 us=721492 Attempting to establish TCP connection with 88.xxx.xxx.xxx:1194
>>>>>>>> Thu Apr 22 17:36:38 2010 us=752761 TCP connection established with 88.xxx.xxx.xxx:1194
>>>>>>>> Thu Apr 22 17:36:38 2010 us=752804 Socket Buffers: R=[8192->8192] S=[8192->8192]
>>>>>>>> Thu Apr 22 17:36:38 2010 us=752828 TCPv4_CLIENT link local: [undef]
>>>>>>>> Thu Apr 22 17:36:38 2010 us=752841 TCPv4_CLIENT link remote: 88.xxx.xxx.xxx:1194
>>>>>>>> Thu Apr 22 17:36:38 2010 us=767552 TLS: Initial packet from 88.xxx.xxx.xxx:1194, sid=35a9fbfa e4b195c2
>>>>>>>> Thu Apr 22 17:36:39 2010 us=16324 VERIFY OK: depth=1, /C=GB/ST=LND/L=LONDON/O=AAA/CN=AAA_CA/emailAddress=sa...@AA...
>>>>>>>> Thu Apr 22 17:36:39 2010 us=16898 VERIFY OK: nsCertType=SERVER
>>>>>>>> Thu Apr 22 17:36:39 2010 us=16915 VERIFY OK: depth=0, /C=GB/ST=LND/L=LONDON/O=AAA/CN=server/emailAddress=sa...@AA...
>>>>>>>> Thu Apr 22 17:36:39 2010 us=829837 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
>>>>>>>> Thu Apr 22 17:36:39 2010 us=829884 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
>>>>>>>> Thu Apr 22 17:36:39 2010 us=830016 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
>>>>>>>> Thu Apr 22 17:36:39 2010 us=830042 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
>>>>>>>> Thu Apr 22 17:36:39 2010 us=830354 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
>>>>>>>> Thu Apr 22 17:36:39 2010 us=830405 [server] Peer Connection Initiated with 88.xxx.xxx.xxx:1194
>>>>>>>> Thu Apr 22 17:36:41 2010 us=88658 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
>>>>>>>> Thu Apr 22 17:36:41 2010 us=236697 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway,dhcp-option DNS 213.171.192.249,dhcp-option DNS 213.171.192.245,route 172.16.0.1,ping 10,ping-restart 120,ifconfig 172.16.0.6 172.16.0.5'
>>>>>>>> Thu Apr 22 17:36:41 2010 us=236827 OPTIONS IMPORT: timers and/or timeouts modified
>>>>>>>> Thu Apr 22 17:36:41 2010 us=236851 OPTIONS IMPORT: --ifconfig/up options modified
>>>>>>>> Thu Apr 22 17:36:41 2010 us=236869 OPTIONS IMPORT: route options modified
>>>>>>>> Thu Apr 22 17:36:41 2010 us=236907 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
>>>>>>>> Thu Apr 22 17:36:41 2010 us=277594 TAP-WIN32 device [Local Area Connection 3] opened: \\.\Global\{024B86A8-21B7-4F3A-93B5-737E66AE54A1}.tap
>>>>>>>> Thu Apr 22 17:36:41 2010 us=277642 TAP-Win32 Driver Version 8.4
>>>>>>>> Thu Apr 22 17:36:41 2010 us=277668 TAP-Win32 MTU=1500
>>>>>>>> Thu Apr 22 17:36:41 2010 us=277708 Notified TAP-Win32 driver to set a DHCP IP/netmask of 172.16.0.6/255.255.255.252 on interface {024B86A8-21B7-4F3A-93B5-737E66AE54A1} [DHCP-serv: 172.16.0.5, lease-time: 31536000]
>>>>>>>> Thu Apr 22 17:36:41 2010 us=277740 DHCP option string: 0608d5ab c0f9d5ab c0f5
>>>>>>>> Thu Apr 22 17:36:41 2010 us=282610 Successful ARP Flush on interface [3] {024B86A8-21B7-4F3A-93B5-737E66AE54A1}
>>>>>>>> Thu Apr 22 17:36:41 2010 us=307490 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
>>>>>>>> Thu Apr 22 17:36:41 2010 us=307528 Route: Waiting for TUN/TAP interface to come up...
>>>>>>>> Thu Apr 22 17:36:42 2010 us=570519 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
>>>>>>>> Thu Apr 22 17:36:42 2010 us=570557 Route: Waiting for TUN/TAP interface to come up...
>>>>>>>> Thu Apr 22 17:36:43 2010 us=833674 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
>>>>>>>> Thu Apr 22 17:36:43 2010 us=833717 Route: Waiting for TUN/TAP interface to come up...
>>>>>>>> Thu Apr 22 17:36:45 2010 us=97098 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
>>>>>>>> Thu Apr 22 17:36:45 2010 us=97136 Route: Waiting for TUN/TAP interface to come up...
>>>>>>>> Thu Apr 22 17:36:46 2010 us=359630 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
>>>>>>>> Thu Apr 22 17:36:46 2010 us=359669 Route: Waiting for TUN/TAP interface to come up...
>>>>>>>> Thu Apr 22 17:36:47 2010 us=622974 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
>>>>>>>> Thu Apr 22 17:36:47 2010 us=623022 route ADD 88.xxx.xxx.xxx MASK 255.255.255.255 192.168.1.1
>>>>>>>> Thu Apr 22 17:36:47 2010 us=630852 Route addition via IPAPI succeeded
>>>>>>>> Thu Apr 22 17:36:47 2010 us=630897 route DELETE 0.0.0.0 MASK 0.0.0.0 192.168.1.1
>>>>>>>> Thu Apr 22 17:36:47 2010 us=637424 Route deletion via IPAPI succeeded
>>>>>>>> Thu Apr 22 17:36:47 2010 us=637466 route ADD 0.0.0.0 MASK 0.0.0.0 172.16.0.5
>>>>>>>> Thu Apr 22 17:36:47 2010 us=646817 Route addition via IPAPI succeeded
>>>>>>>> Thu Apr 22 17:36:47 2010 us=646862 route ADD 172.16.0.1 MASK 255.255.255.255 172.16.0.5
>>>>>>>> Thu Apr 22 17:36:47 2010 us=653727 Route addition via IPAPI succeeded
>>>>>>>> Thu Apr 22 17:36:47 2010 us=653766 Initialization Sequence Completed
>>>>>>>> Thu Apr 22 17:36:50 2010 us=101481 Connection reset, restarting [-1]
>>>>>>>> Thu Apr 22 17:36:50 2010 us=102045 TCP/UDP: Closing socket
>>>>>>>> Thu Apr 22 17:36:50 2010 us=102363 SIGUSR1[soft,connection-reset] received, process restarting
>>>>>>>> Thu Apr 22 17:36:50 2010 us=102389 Restart pause, 5 second(s)
>>>>>>>> Thu Apr 22 17:36:55 2010 us=102113 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
>>>>>>>> Thu Apr 22 17:36:55 2010 us=102183 Re-using SSL/TLS context
>>>>>>>> Thu Apr 22 17:36:55 2010 us=102248 LZO compression initialized
>>>>>>>> Thu Apr 22 17:36:55 2010 us=102275 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1460)
>>>>>>>> Thu Apr 22 17:36:55 2010 us=102380 Control Channel MTU parms [ L:1504 D:140 EF:40 EB:0 ET:0 EL:0 ]
>>>>>>>> Thu Apr 22 17:36:55 2010 us=102874 Data Channel MTU parms [ L:1504 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
>>>>>>>> Thu Apr 22 17:36:55 2010 us=102935 Local Options String: 'V4,dev-type tun,link-mtu 1504,tun-mtu 1460,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
>>>>>>>> Thu Apr 22 17:36:55 2010 us=102958 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1504,tun-mtu 1460,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
>>>>>>>> Thu Apr 22 17:36:55 2010 us=102996 Local Options hash (VER=V4): '5e3b8323'
>>>>>>>> Thu Apr 22 17:36:55 2010 us=103026 Expected Remote Options hash (VER=V4): '3dc0591a'
>>>>>>>> Thu Apr 22 17:36:55 2010 us=103222 Attempting to establish TCP connection with 88.xxx.xxx.xxx:1194
>>>>>>>> Thu Apr 22 17:37:16 2010 us=125616 TCP: connect to 88.xxx.xxx.xxx:1194 failed, will try again in 5 seconds
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>> _________________________________________________________________
>>>>> http://clk.atdmt.com/UKM/go/195013117/direct/01/
>>>>> We want to hear all your funny, exciting and crazy Hotmail stories. Tell us now
>>>>>
>>> _________________________________________________________________
>>> http://clk.atdmt.com/UKM/go/197222280/direct/01/
>>> Do you have a story that started on Hotmail? Tell us now
>
> _________________________________________________________________
> http://clk.atdmt.com/UKM/go/195013117/direct/01/
> We want to hear all your funny, exciting and crazy Hotmail stories. Tell us now
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Openvpn-users mailing list
> Ope...@li...
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
|
