4. OpenVPN connecting error! Process restart

OpenVPN connecting error! Process restart

  • K

    Hi Everyone!

    Fingers are crossed as i have worked on this issue from few days but no success yet. I have configured VPN at my VPS following this tutorial: http://servertutz.wordpress.com/2011/08/14/installing-openvpn-on-centos/

    Here is my server.conf settings:

    local 192.***.**.*** #- IP address hidden at forum
port 9911 #- change the port you want
proto tcp #- protocol can be tcp or udp
dev tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
client-cert-not-required
username-as-common-name
server 1.2.4.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 4.2.2.1"
#keepalive 5 30
comp-lzo
persist-key
persist-tun
status server-tcp.log
verb 3

    I configured it to work on Pfsense. I have 2.0.3-RELEASE (amd64) FreeBSD 8.1-RELEASE-p13 installed. Here is the configuration at my Pfsense:

    and here is the log error i get:

    
Jan 10 13:14:10	openvpn[55177]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Jan 10 13:14:10	openvpn[55177]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jan 10 13:14:10	openvpn[55177]: Re-using SSL/TLS context
Jan 10 13:14:10	openvpn[55177]: LZO compression initialized
Jan 10 13:14:10	openvpn[55177]: Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
Jan 10 13:14:10	openvpn[55177]: Socket Buffers: R=[65228->65536] S=[65228->65536]
Jan 10 13:14:10	openvpn[55177]: Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Jan 10 13:14:10	openvpn[55177]: Local Options hash (VER=V4): 'bc07730e'
Jan 10 13:14:10	openvpn[55177]: Expected Remote Options hash (VER=V4): 'b695cb4a'
Jan 10 13:14:10	openvpn[55177]: Attempting to establish TCP connection with 192.174.27.227:9911 [nonblock]
Jan 10 13:14:11	openvpn[55177]: TCP connection established with 192.174.27.227:9911
Jan 10 13:14:11	openvpn[55177]: TCPv4_CLIENT link local (bound): 192.168.40.2
Jan 10 13:14:11	openvpn[55177]: TCPv4_CLIENT link remote: 192.174.27.227:9911
Jan 10 13:14:12	openvpn[55177]: TLS: Initial packet from 192.174.27.227:9911, sid=8850ea05 a04dce17
Jan 10 13:14:17	openvpn[55177]: VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Aftab/emailAddress=me@myhost.mydomain
Jan 10 13:14:17	openvpn[55177]: VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Aftab/emailAddress=me@myhost.mydomain
Jan 10 13:14:21	openvpn[55177]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1560', remote='link-mtu 1576'
Jan 10 13:14:21	openvpn[55177]: WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532'
Jan 10 13:14:21	openvpn[55177]: WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
Jan 10 13:14:21	openvpn[55177]: Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jan 10 13:14:21	openvpn[55177]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jan 10 13:14:21	openvpn[55177]: Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Jan 10 13:14:21	openvpn[55177]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jan 10 13:14:21	openvpn[55177]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Jan 10 13:14:21	openvpn[55177]: [Aftab] Peer Connection Initiated with 192.174.27.227:9911
Jan 10 13:14:21	openvpn[55177]: Connection reset, restarting [0]
Jan 10 13:14:21	openvpn[55177]: TCP/UDP: Closing socket
Jan 10 13:14:21	openvpn[55177]: SIGUSR1[soft,connection-reset] received, process restarting
Jan 10 13:14:21	openvpn[55177]: Restart pause, 5 second(s

    So what to do? Is there anyway to solve it? I have setup some other free vpn providers VPN and they are workig,,,, so please help me!

    0
  • K

    Okay I solved it. Don't know how exactly! but let me tell if someone like me having issue with this.

    What I have done:=>

    1. In sever conf file, i have changed TCP into uDP and port into 2500. looks probably it was because port before was blocked or something like that.

    But now another problem,, I cant browse anything from that VPN? Is this problem from Server-side or client-side pfsense?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy