Menu
▾
▴
Re: [Openvpn-users] Certificate Problems getting Linux<->Windows tunnel to work?
|
From: James Y. <ji...@yo...> - 2003-09-16 19:12:53
|
Carl, This looks like a configuration issue. Can you post your config files? James Carl Perry <cp...@ti...> said: > I'm testing OpenVPN here at the office as a road-warrior solution. I've > got a Win2k notebook and our Linux firewall on a hub connected to our T1 > line. When I try to launch the OpenVPN client on windows, I get the > following messages: > > Mon Sep 15 18:26:18 2003 24: Authenticate/Decrypt packet error: bad > packet ID (may be a replay): [ #1 / time = (1063667992) Mon Sep 15 > 18:19:52 2003 ] > Mon Sep 15 18:26:18 2003 25: TLS Error: incoming packet authentication > failed from 67.153.25.126:500 > ... > Mon Sep 15 18:26:18 2003 38: Authenticate/Decrypt packet error: bad > packet ID ( > may be a replay): [ #23 / time = (1063667992) Mon Sep 15 18:19:52 2003 ] > Mon Sep 15 18:26:18 2003 39: TLS Error: incoming packet authentication > failed fr > om 67.153.25.126:5000 > Mon Sep 15 18:26:18 2003 40: VERIFY ERROR: depth=0, error=unsupported > certifi > cate purpose: > /C=US/ST=Texas/L=Austin/O=TICOM.Geomtaics.VPN/OU=IPSEC.VPN.Server. > Certificate/CN=dimebox.ticom-geo.com/ema...@ti... > Mon Sep 15 18:26:18 2003 41: TLS_ERROR: BIO read tls_read_plaintext > error: error > :14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed > Mon Sep 15 18:26:18 2003 42: TLS Error: TLS object -> incoming plaintext > read er > ror > Mon Sep 15 18:26:18 2003 43: TLS Error: TLS handshake failed > Mon Sep 15 18:26:18 2003 44: TLS Error: Unroutable control packet > received from > 67.153.25.126:5000 (si=3 op=P_CONTROL_V1) > > The linux side has less details: > > Mon Sep 15 23:19:52 2003 26[0]: TLS: tls_pre_decrypt: first response to > initial > packet from 67.153.25.80:5000, sid=5c4768a4 6890f26f > Mon Sep 15 23:19:52 2003 27[0]: Authenticate/Decrypt packet error: bad > packet I > D (may be a replay): [ #1 / time = (1063668373) Mon Sep 15 23:26:13 2003 ] > Mon Sep 15 23:19:52 2003 28[0]: TLS Error: incoming packet > authentication failed > from 67.153.25.80:5000 > Mon Sep 15 23:19:52 2003 29[0]: Authenticate/Decrypt packet error: bad > packet > ID (may be a replay): [ #2 / time = (1063668373) Mon Sep 15 23:26:13 2003 ] > Mon Sep 15 23:19:52 2003 30[0]: TLS Error: incoming packet > authentication failed > from 67.153.25.80:5000 > > Is this a configuration issue, a lack of router issue, or a TLS > certificate issue? I've tried with both UDP and TCP transport, same > results. I have not tried going from linux to linux yet, as windows to > linux is far more valuable to me in the short term. I am willing to > post config files and public certificates if they will be of help. I'm > sorry if this has come up before and an answer posted to the list, but > SF's lack of search function makes it difficult to find past messages. > I did check back about three months on the list archive manually, but > may have missed some stuff. Any information would be appreciated. Thanks! > > -Carl > -- |
