[svlug] OpenVPN
Skip Evans
skip at venomouspenguin.com
Sun Mar 18 16:48:47 PDT 2007
I should probably have set, the server machine is connected directly to
the Internet, there is no
firewall or other device that would need to pass data to 1194 on the server.
Skip Evans wrote:
> Hey all,
>
> I've just installed OpenVPN on a FreeBSD 6.1 machine
> at my office and my Xubuntu workstation here at home.
>
> I think I have all the settings correct in both
> server.conf and client.conf for the ca, cert, key
> and dh settings in the files (no dh in client, right?)
>
> And I started them up on both machines, but I get
> the following on the client, and am unable to ping
> 10.8.0.1, which is what the server is supposed to be at:
>
> WARNING: No server certificate verification method
> has been enabled. See
> http://openvpn.net/howto.html#mitm for more info.
>
> Also, as openvpn on the client remains running, it
> then periodically spits out the following:
>
> root at Xu-100:/etc/openvpn# Sun Mar 18 17:43:01 2007
> TLS Error: TLS key negotiation failed to occur
> within 60 seconds (check your network connectivity)
> Sun Mar 18 17:43:01 2007 TLS Error: TLS handshake failed
> Sun Mar 18 17:43:01 2007 TCP/UDP: Closing socket
> Sun Mar 18 17:43:01 2007 SIGUSR1[soft,tls-error]
> received, process restarting
> Sun Mar 18 17:43:01 2007 Restart pause, 2 second(s)
> Sun Mar 18 17:43:03 2007 IMPORTANT: OpenVPN's
> default port number is now 1194, based on an
> official port number assignment by IANA. OpenVPN
> 2.0-beta16 and earlier used 5000 as the default port.
> Sun Mar 18 17:43:03 2007 WARNING: No server
> certificate verification method has been enabled.
> See http://openvpn.net/howto.html#mitm for more info.
> Sun Mar 18 17:43:03 2007 Re-using SSL/TLS context
> Sun Mar 18 17:43:03 2007 LZO compression initialized
> Sun Mar 18 17:43:03 2007 Control Channel MTU parms [
> L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
> Sun Mar 18 17:43:04 2007 Data Channel MTU parms [
> L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
> Sun Mar 18 17:43:04 2007 Local Options hash
> (VER=V4): '41690919'
> Sun Mar 18 17:43:04 2007 Expected Remote Options
> hash (VER=V4): '530fdded'
> Sun Mar 18 17:43:04 2007 UDPv4 link local: [undef]
> Sun Mar 18 17:43:04 2007 UDPv4 link remote:
> 71.36.241.186:1194
>
> Can someone tell me what I should look at next? I'm
> brand new to OpenVPN and a bit stumped.
>
> Thanks,
> Skip
>
More information about the Svlug
mailing list