Menu
▾
▴
openvpn-users
|
From: Daniel Z. <dan...@gm...> - 2010-02-16 15:36:27
|
Hi there, I am working my personal OpenVPN setup. Firstly I installed openvpn on a VPS, then install openvpn client on my pc. The VPN works fine but unfortunately the connection is always reset after 4 minutes. The configuration must be right otherwise the connection won't be established. But there must be something wrong. I have double checked the configuration against the tutorial for quite a few times but didn't find anything. Will appreciate if someone give me some hints. Many thanks in advnace. Following is the log on client side: Tue Feb 16 22:33:47 2010 OpenVPN 2.1.1 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Dec 11 2009 Tue Feb 16 22:33:47 2010 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Tue Feb 16 22:33:47 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Feb 16 22:33:48 2010 LZO compression initialized Tue Feb 16 22:33:48 2010 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ] Tue Feb 16 22:33:48 2010 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Tue Feb 16 22:33:48 2010 Local Options hash (VER=V4): '69109d17' Tue Feb 16 22:33:48 2010 Expected Remote Options hash (VER=V4): 'c0103fa8' Tue Feb 16 22:33:48 2010 Attempting to establish TCP connection with 69.197.153.243:1194 Tue Feb 16 22:33:48 2010 TCP connection established with 69.197.153.243:1194 Tue Feb 16 22:33:48 2010 Socket Buffers: R=[8192->8192] S=[8192->8192] Tue Feb 16 22:33:48 2010 TCPv4_CLIENT link local: [undef] Tue Feb 16 22:33:48 2010 TCPv4_CLIENT link remote: 69.197.153.243:1194 Tue Feb 16 22:33:48 2010 TLS: Initial packet from 69.197.153.243:1194, sid=f2db4d8e ebbfe6d5 Tue Feb 16 22:33:53 2010 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=me...@my...domain Tue Feb 16 22:33:53 2010 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=server/emailAddress=me...@my...domain Tue Feb 16 22:34:03 2010 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue Feb 16 22:34:03 2010 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 16 22:34:03 2010 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue Feb 16 22:34:03 2010 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Feb 16 22:34:03 2010 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Tue Feb 16 22:34:03 2010 [server] Peer Connection Initiated with 69.197.153.243:1194 Tue Feb 16 22:34:05 2010 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Tue Feb 16 22:34:06 2010 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 69.197.153.253,dhcp-option DNS 69.30.192.15,route 10.8.0.0 255.255.255.0,topology net30,ifconfig 10.8.0.6 10.8.0.5' Tue Feb 16 22:34:06 2010 OPTIONS IMPORT: --ifconfig/up options modified Tue Feb 16 22:34:06 2010 OPTIONS IMPORT: route options modified Tue Feb 16 22:34:06 2010 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Tue Feb 16 22:34:06 2010 ROUTE default_gateway=192.168.1.1 Tue Feb 16 22:34:06 2010 TAP-WIN32 device [Local Connection 4] opened: \\.\Global\{1C848107-D7DF-431F-8120-C0642C788711}.tap Tue Feb 16 22:34:06 2010 TAP-Win32 Driver Version 9.6 Tue Feb 16 22:34:06 2010 TAP-Win32 MTU=1500 Tue Feb 16 22:34:06 2010 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {1C848107-D7DF-431F-8120-C0642C788711} [DHCP-serv: 10.8.0.5, lease-time: 31536000] Tue Feb 16 22:34:06 2010 Successful ARP Flush on interface [4] {1C848107-D7DF-431F-8120-C0642C788711} Tue Feb 16 22:34:11 2010 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up Tue Feb 16 22:34:11 2010 C:\WINDOWS\system32\route.exe ADD 69.197.153.243 MASK 255.255.255.255 192.168.1.1 Tue Feb 16 22:34:11 2010 Route addition via IPAPI succeeded [adaptive] Tue Feb 16 22:34:11 2010 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5 Tue Feb 16 22:34:11 2010 Route addition via IPAPI succeeded [adaptive] Tue Feb 16 22:34:11 2010 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5 Tue Feb 16 22:34:11 2010 Route addition via IPAPI succeeded [adaptive] Tue Feb 16 22:34:11 2010 C:\WINDOWS\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.5 Tue Feb 16 22:34:11 2010 Route addition via IPAPI succeeded [adaptive] Tue Feb 16 22:34:11 2010 Initialization Sequence Completed Tue Feb 16 22:38:31 2010 write TCPv4_CLIENT: Connection reset by peer (WSAECONNRESET) (code=10054) Tue Feb 16 22:38:31 2010 Connection reset, restarting [-1] Tue Feb 16 22:38:31 2010 TCP/UDP: Closing socket Tue Feb 16 22:38:31 2010 SIGUSR1[soft,connection-reset] received, process restarting Tue Feb 16 22:38:31 2010 Restart pause, 5 second(s) Tue Feb 16 22:38:36 2010 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Tue Feb 16 22:38:36 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Feb 16 22:38:36 2010 Re-using SSL/TLS context Tue Feb 16 22:38:36 2010 LZO compression initialized Tue Feb 16 22:38:36 2010 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ] Tue Feb 16 22:38:36 2010 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Tue Feb 16 22:38:36 2010 Local Options hash (VER=V4): '69109d17' Tue Feb 16 22:38:36 2010 Expected Remote Options hash (VER=V4): 'c0103fa8' Tue Feb 16 22:38:36 2010 Attempting to establish TCP connection with 69.197.153.243:1194 Tue Feb 16 22:38:57 2010 TCP: connect to 69.197.153.243:1194 failed, will try again in 5 seconds: Connection timed out (WSAETIMEDOUT) Tue Feb 16 22:39:23 2010 TCP: connect to 69.197.153.243:1194 failed, will try again in 5 seconds: Connection timed out (WSAETIMEDOUT) Tue Feb 16 22:39:50 2010 TCP: connect to 69.197.153.243:1194 failed, will try again in 5 seconds: Connection timed out (WSAETIMEDOUT) Tue Feb 16 22:40:16 2010 TCP: connect to 69.197.153.243:1194 failed, will try again in 5 seconds: Connection timed out (WSAETIMEDOUT) -- Once a Saint, always a Saint |
|
From: Eero V. <eer...@ik...> - 2010-02-16 15:47:54
|
On 2/16/10 5:36 PM, Daniel Zhou wrote: > Hi there, > > I am working my personal OpenVPN setup. > > Firstly I installed openvpn on a VPS, then install openvpn client on my On what virtualization engine? > pc. The VPN works fine but unfortunately the connection is always reset > after 4 minutes. Sounds like poorly configured vps (some memory, tcp, or other limits?) or bad network. -- Eero |
|
From: Les M. <les...@gm...> - 2010-02-16 16:07:07
|
On 2/16/2010 9:36 AM, Daniel Zhou wrote:
>
> I am working my personal OpenVPN setup.
>
> Firstly I installed openvpn on a VPS, then install openvpn client on my
> pc. The VPN works fine but unfortunately the connection is always reset
> after 4 minutes.
4 minutes of use or 4 minutes of inactivity? A NAT router or firewall
in the path might time out inactive connections. If that's the problem,
the keepalive option might help.
--
Les Mikesell
les...@gm...
|
|
From: Daniel Z. <dan...@gm...> - 2010-02-17 02:29:46
|
Thank you all. Hi Dylan, I am very sure I am not connect to server on multiple PCs. The problem happened when I configured my home pc two weeks ago. Now I travelled 1000Km and try to configure on my parent's PC. Hi Eero, the VPS is on ramhost.us and I bought Nano plan<http://www.ramhost.us/?page=virtual-dedicated-server>- Guaranteed RAM 80M, Burstable 128M, Disk 2G. Is it suitable for a OpenVPN server? Hi Les, it is 4 minutes of use. Once the connection established I kept trying to access some government banned websites and it really worked for a while. :) On Wed, Feb 17, 2010 at 12:06 AM, Les Mikesell <les...@gm...>wrote: > On 2/16/2010 9:36 AM, Daniel Zhou wrote: > > > > I am working my personal OpenVPN setup. > > > > Firstly I installed openvpn on a VPS, then install openvpn client on my > > pc. The VPN works fine but unfortunately the connection is always reset > > after 4 minutes. > > 4 minutes of use or 4 minutes of inactivity? A NAT router or firewall > in the path might time out inactive connections. If that's the problem, > the keepalive option might help. > > -- > Les Mikesell > les...@gm... > > > ------------------------------------------------------------------------------ > SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, > Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW > http://p.sf.net/sfu/solaris-dev2dev > _______________________________________________ > Openvpn-users mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/openvpn-users > -- Once a Saint, always a Saint |
|
From: yegle <cn...@gm...> - 2010-02-17 02:43:31
|
Hi Daniel, I think you should try UDP mod first. Any is there any keepalive options in your server configure file? On Wed, Feb 17, 2010 at 9:37 AM, Daniel Zhou <dan...@gm...>wrote: > Thank you all. > > Hi Dylan, I am very sure I am not connect to server on multiple PCs. The > problem happened when I configured my home pc two weeks ago. Now I travelled > 1000Km and try to configure on my parent's PC. > > Hi Eero, the VPS is on ramhost.us and I bought Nano plan<http://www.ramhost.us/?page=virtual-dedicated-server>- Guaranteed RAM 80M, Burstable 128M, Disk 2G. Is it suitable for a OpenVPN > server? > > Hi Les, it is 4 minutes of use. Once the connection established I kept > trying to access some government banned websites and it really worked for a > while. :) > > > > On Wed, Feb 17, 2010 at 12:06 AM, Les Mikesell <les...@gm...>wrote: > >> On 2/16/2010 9:36 AM, Daniel Zhou wrote: >> > >> > I am working my personal OpenVPN setup. >> > >> > Firstly I installed openvpn on a VPS, then install openvpn client on my >> > pc. The VPN works fine but unfortunately the connection is always reset >> > after 4 minutes. >> >> 4 minutes of use or 4 minutes of inactivity? A NAT router or firewall >> in the path might time out inactive connections. If that's the problem, >> the keepalive option might help. >> >> -- >> Les Mikesell >> les...@gm... >> >> >> ------------------------------------------------------------------------------ >> SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, >> Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW >> http://p.sf.net/sfu/solaris-dev2dev >> _______________________________________________ >> Openvpn-users mailing list >> Ope...@li... >> https://lists.sourceforge.net/lists/listinfo/openvpn-users >> > > > > -- > Once a Saint, always a Saint > > > ------------------------------------------------------------------------------ > SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, > Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW > http://p.sf.net/sfu/solaris-dev2dev > _______________________________________________ > Openvpn-users mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/openvpn-users > > |
|
From: Jan J. K. <ja...@ni...> - 2010-02-17 08:11:07
|
Hi Daniel, Daniel Zhou wrote: > Thank you all. > > Hi Dylan, I am very sure I am not connect to server on multiple PCs. > The problem happened when I configured my home pc two weeks ago. Now I > travelled 1000Km and try to configure on my parent's PC. > > Hi Eero, the VPS is on ramhost.us <http://ramhost.us> and I bought > Nano plan <http://www.ramhost.us/?page=virtual-dedicated-server> - > Guaranteed RAM 80M, Burstable 128M, Disk 2G. Is it suitable for a > OpenVPN server? > > Hi Les, it is 4 minutes of use. Once the connection established I kept > trying to access some government banned websites and it really worked > for a while. :) > > this was my initial guess: if the connection works for 4 minutes and then drops all of a sudden then I suspect there's a firewall which is detecting then blocking openvpn traffic. OpenVPN does not disguise itself in any way (not even TCP port 443) so if you need to duck below some government firewall then I'd suggest you use other means. See if you can set up a simple webserver / port listener on the PC in the US and then connect to that (not using the VPN) for more than 4 minutes. If not then there's another networking issue involved. HTH, JJK > On Wed, Feb 17, 2010 at 12:06 AM, Les Mikesell <les...@gm... > <mailto:les...@gm...>> wrote: > > On 2/16/2010 9:36 AM, Daniel Zhou wrote: > > > > I am working my personal OpenVPN setup. > > > > Firstly I installed openvpn on a VPS, then install openvpn > client on my > > pc. The VPN works fine but unfortunately the connection is > always reset > > after 4 minutes. > > 4 minutes of use or 4 minutes of inactivity? A NAT router or > firewall > in the path might time out inactive connections. If that's the > problem, > the keepalive option might help. > |
|
From: Eero V. <eer...@ik...> - 2010-02-17 14:43:27
|
On 2/17/10 3:37 AM, Daniel Zhou wrote: > Thank you all. > > Hi Dylan, I am very sure I am not connect to server on multiple PCs. The > problem happened when I configured my home pc two weeks ago. Now I > travelled 1000Km and try to configure on my parent's PC. > > Hi Eero, the VPS is on ramhost.us <http://ramhost.us> and I bought Nano > plan <http://www.ramhost.us/?page=virtual-dedicated-server> - Guaranteed > RAM 80M, Burstable 128M, Disk 2G. Is it suitable for a OpenVPN server? > > Hi Les, it is 4 minutes of use. Once the connection established I kept > trying to access some government banned websites and it really worked > for a while. :) OpenVZ is a bit problematic with openvz hosting, but maybe it works correctly with correct userbeancounters values set. -- Eero |
|
From: Leonard P. <lo...@ho...> - 2010-02-17 15:09:50
|
If all you're looking to do is view websites with country restrictions on them, or restricted by country I would suggest setting up OpenSSH and using a SOCKS5 Proxy. That way you have a fully encrypted lightweight end to end channel for just the programs you need. (Web/AIM/MSN/Skype) as you see need for. If you're trying to duck a government firewall you may find this works better as it may have scripts set to be suspicious of any connection that is obviously tunneling all traffic. I haven't failed! I've only found 10,000 ways that don't work. Date: Wed, 17 Feb 2010 09:37:22 +0800 From: dan...@gm... To: ope...@li... Subject: Re: [Openvpn-users] OpenVPN connection reset after 4 minutes Thank you all. Hi Dylan, I am very sure I am not connect to server on multiple PCs. The problem happened when I configured my home pc two weeks ago. Now I travelled 1000Km and try to configure on my parent's PC. Hi Eero, the VPS is on ramhost.us and I bought Nano plan - Guaranteed RAM 80M, Burstable 128M, Disk 2G. Is it suitable for a OpenVPN server? Hi Les, it is 4 minutes of use. Once the connection established I kept trying to access some government banned websites and it really worked for a while. :) On Wed, Feb 17, 2010 at 12:06 AM, Les Mikesell <les...@gm...> wrote: On 2/16/2010 9:36 AM, Daniel Zhou wrote: > > I am working my personal OpenVPN setup. > > Firstly I installed openvpn on a VPS, then install openvpn client on my > pc. The VPN works fine but unfortunately the connection is always reset > after 4 minutes. 4 minutes of use or 4 minutes of inactivity? A NAT router or firewall in the path might time out inactive connections. If that's the problem, the keepalive option might help. -- Les Mikesell les...@gm... ------------------------------------------------------------------------------ SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW http://p.sf.net/sfu/solaris-dev2dev _______________________________________________ Openvpn-users mailing list Ope...@li... https://lists.sourceforge.net/lists/listinfo/openvpn-users -- Once a Saint, always a Saint |
|
From: Daniel Z. <dan...@gm...> - 2010-02-17 16:35:17
|
Hi Yegle, I tried UDP as per your suggestion. It works for about 2 minutes then I got "...backtrack occur [1]" error. From the 4th minutes got "inactivity timeout ping-restart restarting" and the connection broken. BTW I added keepalive option in openvpn.conf on server. In Windows Firewall settings->Advance I unchecked this connection. Hi Jan, I found in my Country there are quite a few expats are using WiTopia which is also based on OpenVPN. So it should works. Leonard, I will consider your suggestion if I am not able to get this done. On Wed, Feb 17, 2010 at 11:09 PM, Leonard Parker <lo...@ho...>wrote: > If all you're looking to do is view websites with country restrictions on > them, or restricted by country I would suggest setting up OpenSSH and using > a SOCKS5 Proxy. That way you have a fully encrypted lightweight end to end > channel for just the programs you need. (Web/AIM/MSN/Skype) as you see need > for. > > If you're trying to duck a government firewall you may find this works > better as it may have scripts set to be suspicious of any connection that is > obviously tunneling all traffic. > > I haven't failed! I've only found 10,000 ways that don't work. > > > > ------------------------------ > Date: Wed, 17 Feb 2010 09:37:22 +0800 > From: dan...@gm... > > To: ope...@li... > Subject: Re: [Openvpn-users] OpenVPN connection reset after 4 minutes > > > Thank you all. > > Hi Dylan, I am very sure I am not connect to server on multiple PCs. The > problem happened when I configured my home pc two weeks ago. Now I travelled > 1000Km and try to configure on my parent's PC. > > Hi Eero, the VPS is on ramhost.us and I bought Nano plan<http://www.ramhost.us/?page=virtual-dedicated-server>- Guaranteed RAM 80M, Burstable 128M, Disk 2G. Is it suitable for a OpenVPN > server? > > Hi Les, it is 4 minutes of use. Once the connection established I kept > trying to access some government banned websites and it really worked for a > while. :) > > > On Wed, Feb 17, 2010 at 12:06 AM, Les Mikesell <les...@gm...>wrote: > > On 2/16/2010 9:36 AM, Daniel Zhou wrote: > > > > I am working my personal OpenVPN setup. > > > > Firstly I installed openvpn on a VPS, then install openvpn client on my > > pc. The VPN works fine but unfortunately the connection is always reset > > after 4 minutes. > > 4 minutes of use or 4 minutes of inactivity? A NAT router or firewall > in the path might time out inactive connections. If that's the problem, > the keepalive option might help. > > -- > Les Mikesell > les...@gm... > > > ------------------------------------------------------------------------------ > SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, > Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW > http://p.sf.net/sfu/solaris-dev2dev > _______________________________________________ > Openvpn-users mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/openvpn-users > > > > > -- > Once a Saint, always a Saint > -- Once a Saint, always a Saint |
|
From: yegle <cn...@gm...> - 2010-02-17 16:54:09
|
The "Replay-window backtrack occurred" is just a warning and can be suppressed. Add verb 5 in your client configure to see what's your client doing when inactivity timeout occurred. As I know, some ISP in China uses Ruijie's or Huawei's user management system, which causes some similar problems you are facing :-) On Thu, Feb 18, 2010 at 12:35 AM, Daniel Zhou <dan...@gm...>wrote: > Hi Yegle, > > I tried UDP as per your suggestion. It works for about 2 minutes then I got > "...backtrack occur [1]" error. From the 4th minutes got "inactivity timeout > ping-restart restarting" and the connection broken. > > BTW I added keepalive option in openvpn.conf on server. In Windows Firewall > settings->Advance I unchecked this connection. > > Hi Jan, I found in my Country there are quite a few expats are using > WiTopia which is also based on OpenVPN. So it should works. > > Leonard, I will consider your suggestion if I am not able to get this done. > > > On Wed, Feb 17, 2010 at 11:09 PM, Leonard Parker <lo...@ho...>wrote: > >> If all you're looking to do is view websites with country restrictions on >> them, or restricted by country I would suggest setting up OpenSSH and using >> a SOCKS5 Proxy. That way you have a fully encrypted lightweight end to end >> channel for just the programs you need. (Web/AIM/MSN/Skype) as you see need >> for. >> >> If you're trying to duck a government firewall you may find this works >> better as it may have scripts set to be suspicious of any connection that is >> obviously tunneling all traffic. >> >> I haven't failed! I've only found 10,000 ways that don't work. >> >> >> >> ------------------------------ >> Date: Wed, 17 Feb 2010 09:37:22 +0800 >> From: dan...@gm... >> >> To: ope...@li... >> Subject: Re: [Openvpn-users] OpenVPN connection reset after 4 minutes >> >> >> Thank you all. >> >> Hi Dylan, I am very sure I am not connect to server on multiple PCs. The >> problem happened when I configured my home pc two weeks ago. Now I travelled >> 1000Km and try to configure on my parent's PC. >> >> Hi Eero, the VPS is on ramhost.us and I bought Nano plan<http://www.ramhost.us/?page=virtual-dedicated-server>- Guaranteed RAM 80M, Burstable 128M, Disk 2G. Is it suitable for a OpenVPN >> server? >> >> Hi Les, it is 4 minutes of use. Once the connection established I kept >> trying to access some government banned websites and it really worked for a >> while. :) >> >> >> On Wed, Feb 17, 2010 at 12:06 AM, Les Mikesell <les...@gm...>wrote: >> >> On 2/16/2010 9:36 AM, Daniel Zhou wrote: >> > >> > I am working my personal OpenVPN setup. >> > >> > Firstly I installed openvpn on a VPS, then install openvpn client on my >> > pc. The VPN works fine but unfortunately the connection is always reset >> > after 4 minutes. >> >> 4 minutes of use or 4 minutes of inactivity? A NAT router or firewall >> in the path might time out inactive connections. If that's the problem, >> the keepalive option might help. >> >> -- >> Les Mikesell >> les...@gm... >> >> >> ------------------------------------------------------------------------------ >> SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, >> Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW >> http://p.sf.net/sfu/solaris-dev2dev >> _______________________________________________ >> Openvpn-users mailing list >> Ope...@li... >> https://lists.sourceforge.net/lists/listinfo/openvpn-users >> >> >> >> >> -- >> Once a Saint, always a Saint >> > > > > -- > Once a Saint, always a Saint > > > ------------------------------------------------------------------------------ > SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, > Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW > http://p.sf.net/sfu/solaris-dev2dev > _______________________________________________ > Openvpn-users mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/openvpn-users > > |
|
From: Daniel Z. <dan...@gm...> - 2010-02-18 08:38:31
|
After adding verb 5, it works... :) I will try to figure out the reason. Thank you all. Here is another question: I setup my own VPN because I would like to share it with my family and friends (up to 5 PCs). Just want to know which is better, creating 5 cert/key pairs or using duplicate-cn option? Thanks. On Thu, Feb 18, 2010 at 12:53 AM, yegle <cn...@gm...> wrote: > The "Replay-window backtrack occurred" is just a warning and can be > suppressed. > > Add verb 5 in your client configure to see what's your client doing when > inactivity timeout occurred. > > As I know, some ISP in China uses Ruijie's or Huawei's user management > system, which causes some similar problems you are facing :-) > > > On Thu, Feb 18, 2010 at 12:35 AM, Daniel Zhou <dan...@gm...>wrote: > >> Hi Yegle, >> >> I tried UDP as per your suggestion. It works for about 2 minutes then I >> got "...backtrack occur [1]" error. From the 4th minutes got "inactivity >> timeout ping-restart restarting" and the connection broken. >> >> BTW I added keepalive option in openvpn.conf on server. In Windows >> Firewall settings->Advance I unchecked this connection. >> >> Hi Jan, I found in my Country there are quite a few expats are using >> WiTopia which is also based on OpenVPN. So it should works. >> >> Leonard, I will consider your suggestion if I am not able to get this >> done. >> >> On Wed, Feb 17, 2010 at 11:09 PM, Leonard Parker <lo...@ho...>wrote: >> >>> If all you're looking to do is view websites with country restrictions >>> on them, or restricted by country I would suggest setting up OpenSSH and >>> using a SOCKS5 Proxy. That way you have a fully encrypted lightweight end to >>> end channel for just the programs you need. (Web/AIM/MSN/Skype) as you see >>> need for. >>> >>> If you're trying to duck a government firewall you may find this works >>> better as it may have scripts set to be suspicious of any connection that is >>> obviously tunneling all traffic. >>> >>> I haven't failed! I've only found 10,000 ways that don't work. >>> >>> >>> >>> ------------------------------ >>> Date: Wed, 17 Feb 2010 09:37:22 +0800 >>> From: dan...@gm... >>> >>> To: ope...@li... >>> Subject: Re: [Openvpn-users] OpenVPN connection reset after 4 minutes >>> >>> >>> Thank you all. >>> >>> Hi Dylan, I am very sure I am not connect to server on multiple PCs. The >>> problem happened when I configured my home pc two weeks ago. Now I travelled >>> 1000Km and try to configure on my parent's PC. >>> >>> Hi Eero, the VPS is on ramhost.us and I bought Nano plan<http://www.ramhost.us/?page=virtual-dedicated-server>- Guaranteed RAM 80M, Burstable 128M, Disk 2G. Is it suitable for a OpenVPN >>> server? >>> >>> Hi Les, it is 4 minutes of use. Once the connection established I kept >>> trying to access some government banned websites and it really worked for a >>> while. :) >>> >>> >>> On Wed, Feb 17, 2010 at 12:06 AM, Les Mikesell <les...@gm...>wrote: >>> >>> On 2/16/2010 9:36 AM, Daniel Zhou wrote: >>> > >>> > I am working my personal OpenVPN setup. >>> > >>> > Firstly I installed openvpn on a VPS, then install openvpn client on my >>> > pc. The VPN works fine but unfortunately the connection is always reset >>> > after 4 minutes. >>> >>> 4 minutes of use or 4 minutes of inactivity? A NAT router or firewall >>> in the path might time out inactive connections. If that's the problem, >>> the keepalive option might help. >>> >>> -- >>> Les Mikesell >>> les...@gm... >>> >>> >>> ------------------------------------------------------------------------------ >>> SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, >>> Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW >>> http://p.sf.net/sfu/solaris-dev2dev >>> _______________________________________________ >>> Openvpn-users mailing list >>> Ope...@li... >>> https://lists.sourceforge.net/lists/listinfo/openvpn-users >>> >>> >>> >>> >>> -- >>> Once a Saint, always a Saint >>> >> >> >> >> -- >> Once a Saint, always a Saint >> >> >> ------------------------------------------------------------------------------ >> SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, >> Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW >> http://p.sf.net/sfu/solaris-dev2dev >> _______________________________________________ >> Openvpn-users mailing list >> Ope...@li... >> https://lists.sourceforge.net/lists/listinfo/openvpn-users >> >> > -- Once a Saint, always a Saint |
|
From: Jan J. K. <ja...@ni...> - 2010-02-18 08:53:46
|
Daniel Zhou wrote: > After adding verb 5, it works... :) I will try to figure out the reason. > with 'verb 5' it works ?!? are you sure nothing changed in the local network? What happens if you now switch between 'verb 3' and 'verb 5' ? If 'verb 5' keeps working for you then perhaps you're overloading your local internet connection.... > Here is another question: I setup my own VPN because I would like to > share it with my family and friends (up to 5 PCs). Just want to know > which is better, creating 5 cert/key pairs or using duplicate-cn > option? Thanks. I'd create 5 different certs so I could keep track of who does what ... cheers, JJK > > On Thu, Feb 18, 2010 at 12:53 AM, yegle <cn...@gm... > <mailto:cn...@gm...>> wrote: > > The "Replay-window backtrack occurred" is just a warning and can > be suppressed. > > Add verb 5 in your client configure to see what's your client > doing when inactivity timeout occurred. > > As I know, some ISP in China uses Ruijie's or Huawei's user > management system, which causes some similar problems you are > facing :-) > > > On Thu, Feb 18, 2010 at 12:35 AM, Daniel Zhou > <dan...@gm... <mailto:dan...@gm...>> wrote: > > Hi Yegle, > > I tried UDP as per your suggestion. It works for about 2 > minutes then I got "...backtrack occur [1]" error. From the > 4th minutes got "inactivity timeout ping-restart restarting" > and the connection broken. > > BTW I added keepalive option in openvpn.conf on server. In > Windows Firewall settings->Advance I unchecked this connection. > > Hi Jan, I found in my Country there are quite a few expats are > using WiTopia which is also based on OpenVPN. So it should works. > > Leonard, I will consider your suggestion if I am not able to > get this done. > > On Wed, Feb 17, 2010 at 11:09 PM, Leonard Parker > <lo...@ho... <mailto:lo...@ho...>> wrote: > > If all you're looking to do is view websites with country > restrictions on them, or restricted by country I would > suggest setting up OpenSSH and using a SOCKS5 Proxy. That > way you have a fully encrypted lightweight end to end > channel for just the programs you need. > (Web/AIM/MSN/Skype) as you see need for. > > If you're trying to duck a government firewall you may > find this works better as it may have scripts set to be > suspicious of any connection that is obviously tunneling > all traffic. > > I haven't failed! I've only found 10,000 ways that don't work. > > > > ------------------------------------------------------------------------ > Date: Wed, 17 Feb 2010 09:37:22 +0800 > From: dan...@gm... > <mailto:dan...@gm...> > > To: ope...@li... > <mailto:ope...@li...> > Subject: Re: [Openvpn-users] OpenVPN connection reset > after 4 minutes > > > Thank you all. > > Hi Dylan, I am very sure I am not connect to server on > multiple PCs. The problem happened when I configured my > home pc two weeks ago. Now I travelled 1000Km and try to > configure on my parent's PC. > > Hi Eero, the VPS is on ramhost.us <http://ramhost.us> and > I bought Nano plan > <http://www.ramhost.us/?page=virtual-dedicated-server> - > Guaranteed RAM 80M, Burstable 128M, Disk 2G. Is it > suitable for a OpenVPN server? > > Hi Les, it is 4 minutes of use. Once the connection > established I kept trying to access some government banned > websites and it really worked for a while. :) > > > On Wed, Feb 17, 2010 at 12:06 AM, Les Mikesell > <les...@gm... <mailto:les...@gm...>> wrote: > > On 2/16/2010 9:36 AM, Daniel Zhou wrote: > > > > I am working my personal OpenVPN setup. > > > > Firstly I installed openvpn on a VPS, then install > openvpn client on my > > pc. The VPN works fine but unfortunately the > connection is always reset > > after 4 minutes. > > 4 minutes of use or 4 minutes of inactivity? A NAT > router or firewall > in the path might time out inactive connections. If > that's the problem, > the keepalive option might help. > |
|
From: Stefan M. <mo...@ir...> - 2010-02-17 03:48:08
|
> Hi Eero, the VPS is on ramhost.us and I bought Nano > plan<http://www.ramhost.us/?page=virtual-dedicated-server>- Guaranteed > RAM 80M, Burstable 128M, Disk 2G. Is it suitable for a OpenVPN > server? I'd think so: I'm running my OpenVPN server on a 32MB machine (a Linksys wrtsl54gs). Stefan |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X