Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN daemon shutdown

    Scheduled Pinned Locked Moved
    OpenVPN
    2
    3
    989
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      FreeYourMind
      last edited by

      Hi,

      i am trying to establish a vpn connection between a client computer and my openvpn server (running on pfsense 2.1.5)
      After i connect successfully with the OpenVPN GUI, the openvpn daemon exits and the connection times out soon after.

      I tired to debug it on my own but there is nothing suspicious in the openvpn.log, all i have is the following line from the systemlog:

      kernel: pid 15606 (openvpn), uid 0: exited on signal 11 (core dumped)

      I tried to search a little bit through the forum before asking here again and i  thought maybe disabling the gateway monitoring would help as someone who had the same issues suggested that a while ago but apparently this has already been fixed.

      Do you have any idea where i can start to solve the problem?

      1 Reply Last reply Reply Quote 0
      • F
        FreeYourMind
        last edited by

        update:

        I tried a few things on my own and it seems i found the reason for the immediate shutdown of the openvpn daemon.
        As soon as i switch the encryption algorithm from AES-256-CBC-HMAC-SHA1 (256Bit)   to AES-256-CBC (256 Bit) everything works fine.
        If i switch back to AES-256-CBC-HMAC-SHA1 (256Bit), the problem occurs again .

        Do you have any idea why that happens, because afaik AES-256-CBC-HMAC-SHA1 (256Bit) offers the best encryption in terms of safety so i am just curious why i can`t use it.

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          That would be between OpenVPN and OpenSSL, not something we've done. The box prints the list of ciphers from OpenVPN and if it can't use one it states, it must be something between there and OpenSSL. You might post that same question to an OpenVPN board, see if anyone else has tried it.

          Or test it on a 2.2 snapshot.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post