Also, we observed very rare situations when switching to tcp instead of udp
resolved similar issues (did not have a chance to dig deeper).
Can you try to switch to tcp?
On 4 Sep 2017 at 19:40, "Stuart Dallas" <stu...@stut.net> wrote:
> Happy to provide the configs, but as noted the configuration works
> perfectly when the server is on another internet connection.
>
> Server:
>
> local 0.0.0.0
> port [redacted_port]
> proto udp
> dev cloudvpn
> dev-type tun
> ca cloud-ca.crt
> cert cloud-server.crt
> key cloud-server.key
> dh cloud-dh2048.pem
> topology subnet
> server 10.10.1.0 255.255.255.0
> ifconfig-pool-persist cloud-ipp.txt
> client-config-dir cloud-ccd
> keepalive 10 120
> tls-auth cloud-ta.key 0
> cipher AES-256-CBC
> user nobody
> group nobody
> persist-key
> persist-tun
> status cloud-openvpn-status.log
> status-version 3
> verb 3
> mute 20
>
> Client:
>
> client
> dev tun
> proto udp
> remote [redacted_ip] [redacted_port]
> resolv-retry infinite
> nobind
> user nobody
> group nobody
> persist-key
> persist-tun
> ca cloud-ca.crt
> cert cloud-client.crt
> key cloud-client.key
> remote-cert-tls server
> tls-auth cloud-ta.key 1
> cipher AES-256-CBC
> mute 20
>
> Thanks.
>
> -Stuart
>
> On 4 Sep 2017, 15:34 +0100, Илья Шипицин <chipits...@gmail.com>, wrote:
>
> Please, provide both server and client config.
>
> (We saw a similar situation, when the server was "comp-lzo yes" and the client
> "comp-lzo no")
>
> On 4 Sep 2017 at 19:25, "Stuart Dallas" <stu...@stut.net> wrote:
>
>> We’ve got a very odd issue happening at a new customer’s site.
>>
>>
>> The VPN is established quite happily at their site and unencrypted
>> traffic through that VPN works perfectly (HTTP requests).
>>
>>
>> However, encrypted traffic does not (HTTPS and SSH). SSH connections get
>> this far before appearing to hang:
>>
>>
>> <snip>
>> debug1: Enabling compatibility mode for protocol 2.0
>> debug1: Local version string SSH-2.0-OpenSSH_6.6.1
>> debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
>> debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
>> debug2: fd 3 setting O_NONBLOCK
>> debug3: put_host_port: [10.10.1.1]:26513
>> debug1: SSH2_MSG_KEXINIT sent
>>
>>
>> This eventually times out.
>>
>>
>> We moved the server to a standard broadband connection and everything
>> works, including HTTPS and SSH connections.
>>
>>
>> Is it possible there’s something on the path from their connection that’s
>> causing this? As far as I’m aware all traffic through the VPN will appear
>> as random bytes to anything it passes through, so I’m at a loss to explain
>> this.
>>
>>
>> Any help would be greatly appreciated.
>>
>>
>> Thanks.
>>
>>
>> -Stuart
>>
>>
>> ------------------------------------------------------------
>> ------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> _______________________________________________
>> Openvpn-users mailing list
>> Openvpn-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>>
>>
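
The server/client mismatch mentioned in the thread ("comp-lzo yes" on one side, "comp-lzo no" on the other) is the kind of difference a side-by-side comparison of the two configs surfaces. The following is an added example, not part of the original messages: the function names and the set of directives compared are assumptions of this example, and the sample configs are abbreviated from the ones posted above, plus one constructed comp-lzo variant.

```python
# Added example: compare link-level directives of an OpenVPN server and client config.
# SAME is this example's own choice of directives to compare, not an exhaustive list.
SAME = ("proto", "cipher", "comp-lzo")

def parse(text):
    """Return {directive: [args]} for each non-comment line (last one wins)."""
    opts = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line and not line.startswith(";"):
            name, *args = line.split()
            opts[name] = args
    return opts

def compare(server_text, client_text):
    """List (directive, server_value, client_value) where the two peers differ."""
    srv, cli = parse(server_text), parse(client_text)
    findings = []
    for name in SAME:
        if srv.get(name) != cli.get(name):
            findings.append((name, srv.get(name), cli.get(name)))
    # tls-auth: the key direction must be complementary (0 on one peer,
    # 1 on the other) or omitted on both.
    s_ta, c_ta = srv.get("tls-auth"), cli.get("tls-auth")
    if (s_ta is None) != (c_ta is None):
        findings.append(("tls-auth", s_ta, c_ta))
    elif s_ta and sorted(s_ta[1:] + c_ta[1:]) not in ([], ["0", "1"]):
        findings.append(("tls-auth direction", s_ta, c_ta))
    return findings

# Abbreviated from the configs posted in the thread.
SERVER = """proto udp
dev cloudvpn
dev-type tun
tls-auth cloud-ta.key 0
cipher AES-256-CBC
"""
CLIENT = """client
dev tun
proto udp
tls-auth cloud-ta.key 1
cipher AES-256-CBC
"""

if __name__ == "__main__":
    print(compare(SERVER, CLIENT))  # the thread's configs
    # Constructed variant reproducing the comp-lzo mismatch described above.
    print(compare(SERVER + "comp-lzo yes\n", CLIENT + "comp-lzo no\n"))
```
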