Hello list i have a problem using openvpn on a BUC 4.3.3 installed on a PC Engines ALIX (cpu geode); here some messages from daemon.log when I try to establish my openvpn connection:
Jan 24 09:41:01 fw-centraleadriatica ovpn-client[6405]: OpenVPN 2.2.2 i386-pc-linux-gnu [SSL] [EPOLL] [eurephia] built on Dec 28 2012 Jan 24 09:41:01 fw-centraleadriatica ovpn-client[6405]: NOTE: the current --script-security setting may allow this configuration to call user-defined script Jan 24 09:41:01 fw-centraleadriatica ovpn-client[6405]: Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ] Jan 24 09:41:01 fw-centraleadriatica ovpn-client[6405]: Socket Buffers: R=[112640->131072] S=[112640->131072] Jan 24 09:41:01 fw-centraleadriatica ovpn-client[6405]: Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ] Jan 24 09:41:01 fw-centraleadriatica ovpn-client[6406]: UDPv4 link local: [undef] Jan 24 09:41:01 fw-centraleadriatica ovpn-client[6406]: UDPv4 link remote: 172.32.1.1:1194 Jan 24 09:41:01 fw-centraleadriatica ovpn-client[6406]: TLS: Initial packet from 172.32.1.1:1194, sid=da260a78 02a799a2 Jan 24 09:41:01 fw-centraleadriatica ovpn-client[6406]: *TLS_ERROR: BIO read tls_read_plaintext error: error:14092073:SSL routines:SSL3_GET_SERVER_HELLO:bad* Jan 24 09:41:01 fw-centraleadriatica ovpn-client[6406]: *TLS Error: TLS object -> incoming plaintext read error* Jan 24 09:41:01 fw-centraleadriatica ovpn-client[6406]: *TLS Error: TLS handshake failed* Jan 24 09:41:01 fw-centraleadriatica ovpn-client[6406]: TCP/UDP: Closing socket Jan 24 09:41:01 fw-centraleadriatica ovpn-client[6406]: SIGUSR1[soft,tls-error] received, process restarting Jan 24 09:41:01 fw-centraleadriatica ovpn-client[6406]: Restart pause, 2 second(s) My openvpn server is a OpenSuSE 11.2 with openvpn 2.1.0 and openssl 0.9.8; the same machine is an openvpn server for many Windows clients an a BUC 3.1 client with no problems (it is in production since early 2009) I have tried to search on google about the TSL BIO error and it seems to be an openssl bug: give a look here https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=538456 https://bugzilla.redhat.com/show_bug.cgi?id=537962 Someone have some suggestions? Or I must install an old BUC version? Upgrading the OpenSUSE 11.2 vpn concentrator is not an option :-( ! thanks Ciao Graziano ------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnnow-d2d ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/