OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: sirio81 on April 16, 2018, 02:47:35 pm

Title: OpenVPN status connecting
Post by: sirio81 on April 16, 2018, 02:47:35 pm

Hi, I'm configuring a VPN peer to peer between OPNsense and Zeroshell.
On zeroshell side, everythin look ok:

Code: [Select]

14:37:50 TUN/TAP device VPN01 opened
14:37:50 Could not determine IPv4/IPv6 protocol. Using AF_INET
14:37:50 UDPv4 link local (bound): [AF_INET][undef]:1203
14:37:50 UDPv4 link remote: [AF_UNSPEC]
14:37:54 Peer Connection Initiated with [AF_INET]80.244.122.195:31378
14:37:54 Initialization Sequence Completed
14:37:55 Interface VPN01 is UP
but on OPNsense side, the status in waiting or connecting.
The logs shows that:

Code: [Select]

Apr 16 14:42:23 openvpn[92520]: Apr 16 14:42:23 openvpn[92520]: Inactivity timeout (--ping-restart), restarting
Apr 16 14:41:23 openvpn[92520]: UDP link remote: [AF_INET]ipServer:1203
Apr 16 14:41:23 openvpn[92520]: UDP link local (bound): [AF_INET]ipClient:0
Apr 16 14:41:23 openvpn[92520]: TCP/UDP: Preserving recently used remote address: [AF_INET]ipServer:1203
Apr 16 14:41:23 openvpn[92520]: /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkup ovpnc1 1500 1545 192.168.157.2 192.168.157.1 init
Apr 16 14:41:23 openvpn[92520]: /sbin/ifconfig ovpnc1 192.168.157.2 192.168.157.1 mtu 1500 netmask 255.255.255.255 up
Apr 16 14:41:23 openvpn[92520]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Apr 16 14:41:23 openvpn[92520]: TUN/TAP device /dev/tun1 opened
Apr 16 14:41:23 openvpn[92520]: TUN/TAP device ovpnc1 exists previously, keep at program end
And i continues trying connecting.

Later I noticed on zeroshell log:

Quote

14:40:13    Peer Connection Initiated with [AF_INET]clinetIP:13648
14:41:23    Peer Connection Initiated with [AF_INET]clinetIP:10586
14:42:28    Peer Connection Initiated with [AF_INET]clinetIP:61929
14:43:33    Peer Connection Initiated with [AF_INET]clinetIP:12170
14:44:38    Peer Connection Initiated with [AF_INET]clinetIP:35118
14:45:43    Peer Connection Initiated with [AF_INET]clinetIP:32586

Any idea?

Title: Re: OpenVPN status connecting
Post by: sirio81 on April 16, 2018, 02:51:50 pm

I alsto tryed to change protocol from udp to tcp and I get lot's of these messages on OPNsense side:

Code: [Select]

Apr 16 14:49:48 openvpn[62101]: Bad compression stub decompression header byte: 42
Apr 16 14:49:47 openvpn[62101]: Bad compression stub decompression header byte: 42
Apr 16 14:49:46 openvpn[62101]: Bad compression stub decompression header byte: 42
Apr 16 14:49:44 openvpn[62101]: Bad compression stub decompression header byte: 42
Apr 16 14:49:43 openvpn[62101]: Bad compression stub decompression header byte: 42

Zeroshell side (the server), the connection seems up

Code: [Select]

14:50:28 Initialization Sequence Completed
14:50:29 Interface VPN01 is UP

Title: Re: OpenVPN status connecting
Post by: bartjsmit on April 16, 2018, 10:42:05 pm

Do you have compression (push) enabled on either end?

Bart...