OpenVPN constantly dropping

Madison Kelly linux-5ZoueyuiTZhBDgjK7y7TUQ at public.gmane.org
Thu Jun 11 00:55:49 UTC 2009 

Madison Kelly wrote:
> teddymills wrote:
>> enable the openvpn log option and choose the "verb"osity
>>
>> (not sure if enabling from the server side or client side
>> would be more informative)
> 
> Thanks. I enabled a verbosity of 6 and set a specific log file using:
> 
> # Set log file verbosity.
> verb 6
> log-append  openvpn.log
> 
> I restarted OpenVPN, started tailing the log file and, in another 
> window, started a ping to one of my servers. I got all of 143 pings in 
> before the connection dropped again. On the client side, this was the 
> last couple of good pings followed by the first couple of failed pings.
> 
>  From what I can gather, the client kept sending out the pings, but 
> before long the server decided it was all offended and wouldn't talk to 
> me any more. What I don't get is just what I said to make the server mad 
> at me... :)
> 
> Wed Jun 10 20:35:12 2009 us=678191 UDPv4 WRITE [125] to 
> 192.139.81.32:1194: P_DATA_V1 kid=0 DATA len=124
> Wed Jun 10 20:35:12 2009 us=723822 UDPv4 READ [125] from 
> 192.139.81.32:1194: P_DATA_V1 kid=0 DATA len=124
> Wed Jun 10 20:35:12 2009 us=723866 TUN WRITE [84]
> Wed Jun 10 20:35:13 2009 us=680002 TUN READ [84]
> Wed Jun 10 20:35:13 2009 us=680099 UDPv4 WRITE [125] to 
> 192.139.81.32:1194: P_DATA_V1 kid=0 DATA len=124
> Wed Jun 10 20:35:13 2009 us=725470 UDPv4 READ [125] from 
> 192.139.81.32:1194: P_DATA_V1 kid=0 DATA len=124
> Wed Jun 10 20:35:13 2009 us=725518 TUN WRITE [84]
> Wed Jun 10 20:35:14 2009 us=681662 TUN READ [84]
> Wed Jun 10 20:35:14 2009 us=681761 UDPv4 WRITE [125] to 
> 192.139.81.32:1194: P_DATA_V1 kid=0 DATA len=124
> Wed Jun 10 20:35:15 2009 us=690280 TUN READ [84]
> Wed Jun 10 20:35:15 2009 us=690346 UDPv4 WRITE [125] to 
> 192.139.81.32:1194: P_DATA_V1 kid=0 DATA len=124
> Wed Jun 10 20:35:16 2009 us=698292 TUN READ [84]
> 
> Madi
> -- 
> The Toronto Linux Users Group.      Meetings: http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
> 

Got it!

I setup a second computer using the same certificate... Doh!

 From the server:

Wed Jun 10 20:48:17 2009 us=678900 111.222.33.44:46008 [madison] Peer 
Connection Initiated with 111.222.33.44:46008
Wed Jun 10 20:48:17 2009 us=679183 MULTI: new connection by client 
'madison' will cause previous active sessions by this client to be 
dropped.  Remember to use the --duplicate-cn option if you want multiple 
clients using the same certificate or username to concurrently connect.

Grah! :P

Madi
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists

More information about the Legacy mailing list