Strange log. Does this user lost his key?
-
Hi!
i have an pfSense box v1.2.3 running with openvpn and created for each user a key so that they can access the office.
However yesterday i had this stragne things in the log.Mar 28 21:56:10 openvpn[36567]: IP1:3586 [clientTD] Peer Connection Initiated with IP1:3586
Mar 28 21:57:08 openvpn[36567]: IP2:3870 Re-using SSL/TLS context
Mar 28 21:57:08 openvpn[36567]: IP2:3870 LZO compression initialized
Mar 28 21:57:12 openvpn[36567]: IP2:3870 [clientTD] Peer Connection Initiated with IP2:3870
Mar 28 21:58:14 openvpn[36567]: IP1:2127 Re-using SSL/TLS context
Mar 28 21:58:14 openvpn[36567]: IP1:2127 LZO compression initialized
Mar 28 21:58:17 openvpn[36567]: IP1:2127 [clientTD] Peer Connection Initiated with IP1:2127
Mar 28 21:59:20 openvpn[36567]: IP2:3949 Re-using SSL/TLS context
Mar 28 21:59:20 openvpn[36567]: IP2:3949 LZO compression initialized
Mar 28 21:59:22 openvpn[36567]: IP2:3949 [clientTD] Peer Connection Initiated with IP2:3949The user with IP1 is the origin owner of the certificate. For the IP2 we have no user who is at that ISP
Its just a short part of the log, was runnin for an hours with the change of the IP. Do i see it right that someone stole the secret key from the clientTD user?Or are there any other explanations for that behaviour?
Thanks