On Tue, Apr 04, 2006 at 08:38:18PM +0200, Jan Niehusmann wrote: > Openvpn fails to bring up the tunnel if the system time goes backwards > during negotiation. As this is a very unusual situation, it's probably > not critical to fix this, therefore the minor severity. [snip] > > The time shift was 2h to the past - perhaps openvpn would continue after > waiting 2h, I was not patient enough to wait as long ;-)
Hi Jan, If I recall correctly, time is an important factor in SSL. OpenVPN uses the timestamp to prevent replay attacks. Going back two hours in time is probably not a good idea in any SSL connection. You may want to try disabling the replay attacks protection with --no-replay. This is not a bug, but clearly a feature and I'll close this bug unless you hace something more to say about it. Thanks, Alberto -- Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico agi@(inittab.org|debian.org)| en GNU/Linux y software libre Encrypted mail preferred | http://inittab.com Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3
