OpenVPN connecting error! Process restart
-
Hi Everyone!
Fingers are crossed, as I have worked on this issue for a few days but with no success yet. I have configured a VPN on my VPS following this tutorial: http://servertutz.wordpress.com/2011/08/14/installing-openvpn-on-centos/
Here are my server.conf settings:
    local 192.***.**.*** #- IP address hidden at forum
    port 9911 #- change the port you want
    proto tcp #- protocol can be tcp or udp
    dev tun
    tun-mtu 1500
    tun-mtu-extra 32
    mssfix 1450
    ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
    cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
    key /etc/openvpn/easy-rsa/2.0/keys/server.key
    dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
    plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
    client-cert-not-required
    username-as-common-name
    server 1.2.4.0 255.255.255.0
    ifconfig-pool-persist ipp.txt
    push "redirect-gateway def1"
    push "dhcp-option DNS 208.67.222.222"
    push "dhcp-option DNS 4.2.2.1"
    #keepalive 5 30
    comp-lzo
    persist-key
    persist-tun
    status server-tcp.log
    verb 3
I configured it to work on pfSense. I have 2.0.3-RELEASE (amd64) FreeBSD 8.1-RELEASE-p13 installed. Here is the configuration on my pfSense:
And here is the log error I get:
    Jan 10 13:14:10 openvpn[55177]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    Jan 10 13:14:10 openvpn[55177]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 10 13:14:10 openvpn[55177]: Re-using SSL/TLS context
    Jan 10 13:14:10 openvpn[55177]: LZO compression initialized
    Jan 10 13:14:10 openvpn[55177]: Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
    Jan 10 13:14:10 openvpn[55177]: Socket Buffers: R=[65228->65536] S=[65228->65536]
    Jan 10 13:14:10 openvpn[55177]: Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
    Jan 10 13:14:10 openvpn[55177]: Local Options hash (VER=V4): 'bc07730e'
    Jan 10 13:14:10 openvpn[55177]: Expected Remote Options hash (VER=V4): 'b695cb4a'
    Jan 10 13:14:10 openvpn[55177]: Attempting to establish TCP connection with 192.174.27.227:9911 [nonblock]
    Jan 10 13:14:11 openvpn[55177]: TCP connection established with 192.174.27.227:9911
    Jan 10 13:14:11 openvpn[55177]: TCPv4_CLIENT link local (bound): 192.168.40.2
    Jan 10 13:14:11 openvpn[55177]: TCPv4_CLIENT link remote: 192.174.27.227:9911
    Jan 10 13:14:12 openvpn[55177]: TLS: Initial packet from 192.174.27.227:9911, sid=8850ea05 a04dce17
    Jan 10 13:14:17 openvpn[55177]: VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Aftab/emailAddress=me@myhost.mydomain
    Jan 10 13:14:17 openvpn[55177]: VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Aftab/emailAddress=me@myhost.mydomain
    Jan 10 13:14:21 openvpn[55177]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1560', remote='link-mtu 1576'
    Jan 10 13:14:21 openvpn[55177]: WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532'
    Jan 10 13:14:21 openvpn[55177]: WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
    Jan 10 13:14:21 openvpn[55177]: Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Jan 10 13:14:21 openvpn[55177]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Jan 10 13:14:21 openvpn[55177]: Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Jan 10 13:14:21 openvpn[55177]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Jan 10 13:14:21 openvpn[55177]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Jan 10 13:14:21 openvpn[55177]: [Aftab] Peer Connection Initiated with 192.174.27.227:9911
    Jan 10 13:14:21 openvpn[55177]: Connection reset, restarting [0]
    Jan 10 13:14:21 openvpn[55177]: TCP/UDP: Closing socket
    Jan 10 13:14:21 openvpn[55177]: SIGUSR1[soft,connection-reset] received, process restarting
    Jan 10 13:14:21 openvpn[55177]: Restart pause, 5 second(s
So what to do? Is there any way to solve it? I have set up some other free VPN providers' VPNs and they are working, so please help me!
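The client log in the post above carries several warnings that are easy to miss in a long paste. As an added example (not part of the original post, and not OpenVPN or pfSense code), this Python script extracts the option mismatches between client and server, the missing server-certificate verification warning, and the number of connection resets. The function names and the sample lines are constructed for illustration, with the sample copied in shape from the log above.

```python
import re

# Constructed sample: a subset of the client log lines quoted in the post.
SAMPLE_LOG = """\
Jan 10 13:14:10 openvpn[55177]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Jan 10 13:14:21 openvpn[55177]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1560', remote='link-mtu 1576'
Jan 10 13:14:21 openvpn[55177]: WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532'
Jan 10 13:14:21 openvpn[55177]: WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
Jan 10 13:14:21 openvpn[55177]: Connection reset, restarting [0]
"""

# OpenVPN prints one such warning per option whose value differs between peers.
MISMATCH = re.compile(
    r"WARNING: '(?P<opt>[^']+)' is used inconsistently, "
    r"local='(?P<local>[^']*)', remote='(?P<remote>[^']*)'"
)
NO_VERIFY = "No server certificate verification method has been enabled"
RESET = "Connection reset, restarting"


def _value(opt, text):
    """Strip the option name: 'cipher AES-128-CBC' -> 'AES-128-CBC'."""
    return text[len(opt):].strip() if text.startswith(opt) else text


def analyze(log_text):
    """Summarise the warnings in an OpenVPN client log.

    Searches the whole text rather than line by line, so it also works
    on a log whose newlines were lost when it was pasted.
    """
    mismatches = {}
    for m in MISMATCH.finditer(log_text):
        opt = m.group("opt")
        mismatches[opt] = (_value(opt, m.group("local")),
                           _value(opt, m.group("remote")))
    return {
        "mismatches": mismatches,                    # option -> (local, remote)
        "no_server_verify": NO_VERIFY in log_text,   # peer cert type not checked
        "resets": log_text.count(RESET),
    }


if __name__ == "__main__":
    report = analyze(SAMPLE_LOG)
    for opt, (local, remote) in report["mismatches"].items():
        print(f"{opt}: client={local} server={remote}")
    print("server certificate verification missing:", report["no_server_verify"])
    print("connection resets:", report["resets"])
```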
-
Okay, I solved it. Don't know how exactly, but let me tell it in case someone like me is having this issue.
What I have done:
1. In the server conf file, I have changed TCP to UDP and the port to 2500. It looks like it was probably because the port before was blocked or something like that.
But now another problem: I can't browse anything through that VPN. Is this problem on the server side or the client-side pfSense?