[FUG-BR] OpenVPN - TLS handshake failed
Rafael Busetti
omegatiger em gmail.com
Sexta Abril 6 16:11:13 BRT 2007
Perfeito amigo, vou lançar com verbose 3 do cliente e verbose 6 do
servidor ok? O engraçado é que as vezes eu consigo conectar, mas na
maioria das vezes não (90% das tentativas), nao achei uma lógica
quando ele conecta ...
No firewall do meu freebsd coloquei um allow all any to any ... aqui
em casa meu windows está com o firewall desativado ... enfim, se as
vezes ele conecta é porque isso não deve ser hehehe =P
Segue abaixo os logs!
CLIENTE
Fri Apr 06 16:12:10 2007 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built
on Oct 1 2006
Fri Apr 06 16:12:10 2007 LZO compression initialized
Fri Apr 06 16:12:10 2007 Control Channel MTU parms [ L:1544 D:140
EF:40 EB:0 ET:0 EL:0 ]
Fri Apr 06 16:12:11 2007 Data Channel MTU parms [ L:1544 D:1450 EF:44
EB:135 ET:0 EL:0 AF:3/1 ]
Fri Apr 06 16:12:11 2007 Local Options hash (VER=V4): '69109d17'
Fri Apr 06 16:12:11 2007 Expected Remote Options hash (VER=V4): 'c0103fa8'
Fri Apr 06 16:12:11 2007 Attempting to establish TCP connection with
200.163.171.49:1194
Fri Apr 06 16:12:11 2007 TCP connection established with 200.163.171.49:1194
Fri Apr 06 16:12:11 2007 TCPv4_CLIENT link local: [undef]
Fri Apr 06 16:12:11 2007 TCPv4_CLIENT link remote: 200.163.171.49:1194
Fri Apr 06 16:12:22 2007 TLS: Initial packet from 200.163.171.49:1194,
sid=fa249f16 91721e97
Fri Apr 06 16:13:12 2007 TLS Error: TLS key negotiation failed to
occur within 60 seconds (check your network connectivity)
Fri Apr 06 16:13:12 2007 TLS Error: TLS handshake failed
Fri Apr 06 16:13:12 2007 Fatal TLS error (check_tls_errors_co), restarting
Fri Apr 06 16:13:12 2007 TCP/UDP: Closing socket
Fri Apr 06 16:13:12 2007 SIGUSR1[soft,tls-error] received, process restarting
Fri Apr 06 16:13:12 2007 Restart pause, 5 second(s)
SERVIDOR
Apr 6 16:12:20 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER READ
[14] from 192.168.1.1:3336: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ]
pid=0 DATA len=0
Apr 6 16:12:20 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER
WRITE [22] to 192.168.1.1:3336: P_ACK_V1 kid=0 [ 0 ]
Apr 6 16:12:22 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER
WRITE [14] to 192.168.1.1:3336: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [
] pid=0 DATA len=0
Apr 6 16:12:24 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER READ
[14] from 192.168.1.1:3336: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ]
pid=0 DATA len=0
Apr 6 16:12:24 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER
WRITE [26] to 192.168.1.1:3336: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [
0 ] pid=0 DATA len=0
Apr 6 16:12:26 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER
WRITE [14] to 192.168.1.1:3336: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [
] pid=0 DATA len=0
Apr 6 16:12:27 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER READ
[14] from 192.168.1.1:3336: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ]
pid=0 DATA len=0
Apr 6 16:12:27 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER
WRITE [22] to 192.168.1.1:3336: P_ACK_V1 kid=0 [ 0 ]
Apr 6 16:12:27 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER READ
[14] from 192.168.1.1:3336: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ]
pid=0 DATA len=0
Apr 6 16:12:27 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER
WRITE [22] to 192.168.1.1:3336: P_ACK_V1 kid=0 [ 0 ]
Apr 6 16:12:27 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER READ
[26] from 192.168.1.1:3336: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ 0 ]
pid=0 DATA len=0
Apr 6 16:12:27 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER
WRITE [22] to 192.168.1.1:3336: P_ACK_V1 kid=0 [ 0 ]
Apr 6 16:12:27 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER READ
[22] from 192.168.1.1:3336: P_ACK_V1 kid=0 [ 0 ]
Apr 6 16:12:27 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER READ
[102] from 192.168.1.1:3336: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=88
Apr 6 16:12:27 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER
WRITE [126] to 192.168.1.1:3336: P_CONTROL_V1 kid=0 [ 1 ] pid=1 DATA
len=100
Apr 6 16:12:27 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER
WRITE [114] to 192.168.1.1:3336: P_CONTROL_V1 kid=0 [ ] pid=2 DATA
len=100
Apr 6 16:12:27 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER
WRITE [114] to 192.168.1.1:3336: P_CONTROL_V1 kid=0 [ ] pid=3 DATA
len=100
Apr 6 16:12:27 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER
WRITE [114] to 192.168.1.1:3336: P_CONTROL_V1 kid=0 [ ] pid=4 DATA
len=100
Apr 6 16:12:29 hell openvpn[1730]: 192.168.1.1:3336 TCPv4_SERVER READ
[22] from 192.168.1.1:3336: P_ACK_V1 kid=0 [ 0 ]
Apr 6 16:12:29 hell openvpn[1730]: 192.168.1.1:3336 NOTE: --mute triggered...
Apr 6 16:13:15 hell openvpn[1730]: 192.168.1.1:3336 117 variation(s)
on previous 20 message(s) suppressed by --mute
Apr 6 16:13:15 hell openvpn[1730]: 192.168.1.1:3336 TLS Error: TLS
key negotiation failed to occur within 60 seconds (check your network
connectivity)
Apr 6 16:13:15 hell openvpn[1730]: 192.168.1.1:3336 TLS Error: TLS
handshake failed
Apr 6 16:13:15 hell openvpn[1730]: 192.168.1.1:3336 Fatal TLS error
(check_tls_errors_co), restarting
Apr 6 16:13:15 hell openvpn[1730]: 192.168.1.1:3336
SIGUSR1[soft,tls-error] received, client-instance restarting
Apr 6 16:13:15 hell openvpn[1730]: TCP/UDP: Closing socket
Em 06/04/07, Diego Aranha<iamscared em gmail.com> escreveu:
> Coloca mais verbosity, o motivo deve aprecer. :)
>
> --
> Diego Aranha
>
> On 4/6/07, Rafael Busetti <omegatiger em gmail.com> wrote:
> > Amigos,
> >
> > Estou tentando de tudo e não consigo solucionar o problema ... conecta
> > quando ele quer
> >
> > Fri Apr 06 14:23:36 2007 TLS: Initial packet from 200.163.171.49:1194,
> > sid=dde09369 5e46f044
> > Fri Apr 06 14:24:36 2007 TLS Error: TLS key negotiation failed to
> > occur within 60 seconds (check your network connectivity)
> > Fri Apr 06 14:24:36 2007 TLS Error: TLS handshake failed
> > Fri Apr 06 14:24:36 2007 Fatal TLS error (check_tls_errors_co), restarting
> > Fri Apr 06 14:24:36 2007 TCP/UDP: Closing socket
> >
> > Alguém sabe o que pode ser?
> > -------------------------
> > Histórico: http://www.fug.com.br/historico/html/freebsd/
> > Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
> >
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>
Mais detalhes sobre a lista de discussão freebsd