Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Strange log. Does this user lost his key?

    OpenVPN
    1
    1
    1357
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      chill last edited by

      Hi!

      i have an pfSense box v1.2.3 running with openvpn and created for each user a key so that they can access the office.
      However yesterday i had this stragne things in the log.

      Mar 28 21:56:10        openvpn[36567]: IP1:3586 [clientTD] Peer Connection Initiated with IP1:3586
      Mar 28 21:57:08        openvpn[36567]: IP2:3870 Re-using SSL/TLS context
      Mar 28 21:57:08        openvpn[36567]: IP2:3870 LZO compression initialized
      Mar 28 21:57:12        openvpn[36567]: IP2:3870 [clientTD] Peer Connection Initiated with IP2:3870
      Mar 28 21:58:14        openvpn[36567]: IP1:2127 Re-using SSL/TLS context
      Mar 28 21:58:14        openvpn[36567]: IP1:2127 LZO compression initialized
      Mar 28 21:58:17        openvpn[36567]: IP1:2127 [clientTD] Peer Connection Initiated with IP1:2127
      Mar 28 21:59:20        openvpn[36567]: IP2:3949 Re-using SSL/TLS context
      Mar 28 21:59:20        openvpn[36567]: IP2:3949 LZO compression initialized
      Mar 28 21:59:22        openvpn[36567]: IP2:3949 [clientTD] Peer Connection Initiated with IP2:3949

      The user with IP1 is the origin owner of the certificate. For the IP2 we have no user who is at that ISP
      Its just a short part of the log, was runnin for an hours with the change of the IP. Do i see it right that someone stole the secret key from the clientTD user?

      Or are there any other explanations for that behaviour?

      Thanks

      1 Reply Last reply Reply Quote 0
      • First post
        Last post