Post subject: TLS handshake failed
Posted: 07.05.2014 14:46
DES
Hello everyone,

I have already searched through several forums and posts, but nothing I have found so far has given me a solution to my problem.

The problem:
I am trying to establish a VPN connection to my server, which sits behind a Fritzbox.
The Fritzbox is tied to a dynamic DNS service, and the port is forwarded to the server as well.
Ubuntu Server 13.10 is installed on the server and Ubuntu 13.10 on the client.

My server configuration:
Code:
port 54xxx
proto udp
dev tun
ca /etc/openvpn/easy-rsa2/keys/ca.crt
cert /etc/openvpn/easy-rsa2/keys/server.crt
key /etc/openvpn/easy-rsa2/keys/server.key
dh /etc/openvpn/easy-rsa2/keys/dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
comp-lzo
persist-key
persist-tun
status openvpn-status.log
log         openvpn.log
log-append  openvpn.log
verb 5



My client configuration:
Code:
client

dev tun
proto udp
remote www.xxx.de 54xxx
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert firstclient.crt
key firstclient.key
ns-cert-type server
comp-lzo
verb 5



When I try to establish the connection, the server gives me the following logs:
Code:
Wed May  7 14:47:26 2014 us=952950 MULTI: multi_create_instance called
Wed May  7 14:47:26 2014 us=952998 212.117.65.50:38771 Re-using SSL/TLS context
Wed May  7 14:47:26 2014 us=953021 212.117.65.50:38771 LZO compression initialized
Wed May  7 14:47:26 2014 us=953142 212.117.65.50:38771 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed May  7 14:47:26 2014 us=953150 212.117.65.50:38771 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed May  7 14:47:26 2014 us=953186 212.117.65.50:38771 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Wed May  7 14:47:26 2014 us=953196 212.117.65.50:38771 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Wed May  7 14:47:26 2014 us=953211 212.117.65.50:38771 Local Options hash (VER=V4): '530fdded'
Wed May  7 14:47:26 2014 us=953221 212.117.65.50:38771 Expected Remote Options hash (VER=V4): '41690919'
RWed May  7 14:47:26 2014 us=953248 212.117.65.50:38771 TLS: Initial packet from [AF_INET]212.117.65.50:38771, sid=c7bbe516 8247bdce
WRWWRWWRWWRWWed May  7 14:48:26 2014 us=120528 212.117.65.50:38771 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed May  7 14:48:26 2014 us=120557 212.117.65.50:38771 TLS Error: TLS handshake failed
Wed May  7 14:48:26 2014 us=120623 212.117.65.50:38771 SIGUSR1[soft,tls-error] received, client-instance restarting
Wed May  7 14:48:28 2014 us=337000 MULTI: multi_create_instance called
Wed May  7 14:48:28 2014 us=337029 212.117.65.50:54094 Re-using SSL/TLS context
Wed May  7 14:48:28 2014 us=337044 212.117.65.50:54094 LZO compression initialized
Wed May  7 14:48:28 2014 us=337085 212.117.65.50:54094 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed May  7 14:48:28 2014 us=337093 212.117.65.50:54094 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed May  7 14:48:28 2014 us=337115 212.117.65.50:54094 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Wed May  7 14:48:28 2014 us=337120 212.117.65.50:54094 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Wed May  7 14:48:28 2014 us=337130 212.117.65.50:54094 Local Options hash (VER=V4): '530fdded'
Wed May  7 14:48:28 2014 us=337138 212.117.65.50:54094 Expected Remote Options hash (VER=V4): '41690919'
RWed May  7 14:48:28 2014 us=337153 212.117.65.50:54094 TLS: Initial packet from [AF_INET]212.117.65.50:54094, sid=90131d2c 9db0cd2e
WRWRWWWWed May  7 14:49:28 2014 us=982419 212.117.65.50:54094 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed May  7 14:49:28 2014 us=982440 212.117.65.50:54094 TLS Error: TLS handshake failed
Wed May  7 14:49:28 2014 us=982479 212.117.65.50:54094 SIGUSR1[soft,tls-error] received, client-instance restarting



While the client writes the following to its logs:
Code:
Wed May  7 14:47:26 2014 us=952799 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Jul 12 2013
Wed May  7 14:47:26 2014 us=953281 WARNING: file 'firstclient.key' is group or others accessible
Wed May  7 14:47:26 2014 us=953412 LZO compression initialized
Wed May  7 14:47:26 2014 us=953467 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed May  7 14:47:26 2014 us=953495 Socket Buffers: R=[212992->131072] S=[212992->131072]
Wed May  7 14:47:26 2014 us=996190 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed May  7 14:47:26 2014 us=996269 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Wed May  7 14:47:26 2014 us=996285 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Wed May  7 14:47:26 2014 us=996323 Local Options hash (VER=V4): '41690919'
Wed May  7 14:47:26 2014 us=996346 Expected Remote Options hash (VER=V4): '530fdded'
Wed May  7 14:47:26 2014 us=996368 UDPv4 link local: [undef]
Wed May  7 14:47:26 2014 us=996386 UDPv4 link remote: [AF_INET]195.14.206.202:54094
WWWWWWed May  7 14:48:26 2014 us=350127 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed May  7 14:48:26 2014 us=350158 TLS Error: TLS handshake failed
Wed May  7 14:48:26 2014 us=350254 TCP/UDP: Closing socket
Wed May  7 14:48:26 2014 us=350295 SIGUSR1[soft,tls-error] received, process restarting
Wed May  7 14:48:26 2014 us=350306 Restart pause, 2 second(s)
Wed May  7 14:48:28 2014 us=350446 Re-using SSL/TLS context
Wed May  7 14:48:28 2014 us=350524 LZO compression initialized
Wed May  7 14:48:28 2014 us=350569 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed May  7 14:48:28 2014 us=350599 Socket Buffers: R=[212992->131072] S=[212992->131072]
Wed May  7 14:48:28 2014 us=380718 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed May  7 14:48:28 2014 us=380795 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Wed May  7 14:48:28 2014 us=380811 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Wed May  7 14:48:28 2014 us=380844 Local Options hash (VER=V4): '41690919'
Wed May  7 14:48:28 2014 us=380866 Expected Remote Options hash (VER=V4): '530fdded'
Wed May  7 14:48:28 2014 us=380884 UDPv4 link local: [undef]
Wed May  7 14:48:28 2014 us=380901 UDPv4 link remote: [AF_INET]195.14.206.202:54094
WWW^CWed May  7 14:48:37 2014 us=810037 event_wait : Interrupted system call (code=4)
Wed May  7 14:48:37 2014 us=810239 TCP/UDP: Closing socket
Wed May  7 14:48:37 2014 us=810292 SIGINT[hard,] received, process exiting


To me it looks as if the client is not getting a connection to the server; however, the port forwarding works, because when I have ssh listen there I can connect to it.

Do you perhaps have another idea?


Many thanks in advance.

Best regards,
craziicore
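
An added example, not part of the original post: at `verb 5` OpenVPN prefixes log lines with one `R` per packet read and one `W` per packet written, so counting those markers on each side shows in which direction handshake packets are lost. The sample log lines are constructed (documentation IP addresses), and the function names `link_packets` and `triage` are assumptions.

```python
import re

# At "verb 5" OpenVPN prints one R per packet read and one W per packet written
# (uppercase = TCP/UDP link, lowercase = TUN/TAP) with no newline, so the
# markers end up glued to the front of the next timestamped log line.
LINE = re.compile(r"^([RWrw]*)(?:\^C)?(?:Mon|Tue|Wed|Thu|Fri|Sat|Sun) ")

# Constructed sample lines modelled on the logs above (documentation addresses).
SERVER_LOG = """\
RWed May  7 14:47:26 2014 us=953248 192.0.2.10:38771 TLS: Initial packet from [AF_INET]192.0.2.10:38771
WRWWRWWed May  7 14:48:26 2014 us=120528 192.0.2.10:38771 TLS Error: TLS key negotiation failed to occur within 60 seconds
Wed May  7 14:48:26 2014 us=120557 192.0.2.10:38771 TLS Error: TLS handshake failed
"""
CLIENT_LOG = """\
Wed May  7 14:47:26 2014 us=996386 UDPv4 link remote: [AF_INET]198.51.100.20:54094
WWWWWWed May  7 14:48:26 2014 us=350127 TLS Error: TLS key negotiation failed to occur within 60 seconds
Wed May  7 14:48:26 2014 us=350158 TLS Error: TLS handshake failed
"""

def link_packets(log_text):
    """Count link-level reads/writes from the marker prefixes of a verb 5 log."""
    reads = writes = 0
    for line in log_text.splitlines():
        m = LINE.match(line)  # backtracking keeps the "W" of "Wed" out of the prefix
        if m:
            reads += m.group(1).count("R")
            writes += m.group(1).count("W")
    return {"R": reads, "W": writes}

def triage(server_log, client_log):
    """Name the direction in which handshake packets are being lost."""
    if "TLS handshake failed" not in server_log + client_log:
        return "no handshake failure logged"
    srv, cli = link_packets(server_log), link_packets(client_log)
    if srv["R"] == 0:
        return "client->server: nothing arrives at the server"
    if cli["R"] == 0:
        return "server->client: server answers, client never reads a reply"
    return "both directions pass packets: check certificates and TLS options"

if __name__ == "__main__":
    print("server", link_packets(SERVER_LOG))
    print("client", link_packets(CLIENT_LOG))
    print(triage(SERVER_LOG, CLIENT_LOG))
```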

