Endian VPN Jungfrau möchte auch tunneln lernen

    2017-08-01 02:08:17 MANAGEMENT: >STATE:1501546097,WAIT,,,,,,
    2017-08-01 02:08:17 New OpenVPN Status (WAIT->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): ,,,,,
    2017-08-01 02:08:17 New OpenVPN Status (WAIT->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): ,,,,,
    2017-08-01 02:08:20 TLS Error: Unroutable control packet received from [AF_INET]188.144.135.6:1194 (si=3 op=P_ACK_V1)
    2017-08-01 02:08:50 MANAGEMENT: >STATE:1501546130,AUTH,,,,,,
    2017-08-01 02:08:50 New OpenVPN Status (AUTH->LEVEL_CONNECTING_SERVER_REPLIED): ,,,,,
    2017-08-01 02:08:50 New OpenVPN Status (AUTH->LEVEL_CONNECTING_SERVER_REPLIED): ,,,,,
    2017-08-01 02:08:50 TLS: Initial packet from [AF_INET]188.144.135.6:1194, sid=b0ad5312 df599081
    2017-08-01 02:08:50 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    2017-08-01 02:08:53 VERIFY OK: depth=1, C=IT, O=efw, CN=efw CA
    2017-08-01 02:08:53 VERIFY X509NAME ERROR: C=DE, CN=vpntest, must be grenzwert.selfhost.eu
    2017-08-01 02:08:53 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
    2017-08-01 02:08:53 TLS_ERROR: BIO read tls_read_plaintext error
    2017-08-01 02:08:53 TLS Error: TLS object -> incoming plaintext read error
    2017-08-01 02:08:53 TLS Error: TLS handshake failed
    2017-08-01 02:08:53 New OpenVPN Status (RECONNECTING->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): tls-error,,,,,
    2017-08-01 02:08:53 New OpenVPN Status (RECONNECTING->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): tls-error,,,,,
    2017-08-01 02:08:53 TCP/UDP: Closing socket
    2017-08-01 02:08:53 SIGUSR1[soft,tls-error] received, process restarting
    2017-08-01 02:08:53 MANAGEMENT: >STATE:1501546133,RECONNECTING,tls-error,,,,,
    2017-08-01 02:08:53 New OpenVPN Status (CONNECTRETRY->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): 2
    2017-08-01 02:08:53 New OpenVPN Status (CONNECTRETRY->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): 2
    2017-08-01 02:08:53 Warte 2s Sekunden zwischen zwei Verbindungsversuchen
    2017-08-01 02:08:55 MANAGEMENT: CMD 'hold release'
    2017-08-01 02:08:55 MANAGEMENT: CMD 'proxy NONE'
    2017-08-01 02:08:55 MANAGEMENT: CMD 'bytecount 2'
    2017-08-01 02:08:55 MANAGEMENT: CMD 'state on'
    2017-08-01 02:08:56 LZO compression initializing
    2017-08-01 02:08:56 New OpenVPN Status (RESOLVE->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): ,,,,,
    2017-08-01 02:08:56 New OpenVPN Status (RESOLVE->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): ,,,,,
    2017-08-01 02:08:56 Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
    2017-08-01 02:08:56 MANAGEMENT: >STATE:1501546136,RESOLVE,,,,,,
    2017-08-01 02:08:56 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
    2017-08-01
    02:08:56 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu
    1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize
    128,key-method 2,tls-client'
    2017-08-01 02:08:56 Expected Remote
    Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu
    1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method
    2,tls-server'
    2017-08-01 02:08:56 TCP/UDP: Preserving recently used remote address: [AF_INET]188.144.135.6:1194
    2017-08-01 02:08:56 Socket Buffers: R=[163840->163840] S=[163840->163840]
    2017-08-01 02:08:56 MANAGEMENT: CMD 'needok 'PROTECTFD' ok'
    2017-08-01 02:08:56 UDP link local (bound): [AF_INET][undef]:1194
    2017-08-01 02:08:56 UDP link remote: [AF_INET]188.144.135.6:1194
    2017-08-01 02:08:56 MANAGEMENT: >STATE:1501546136,WAIT,,,,,,
    2017-08-01 02:08:56 New OpenVPN Status (WAIT->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): ,,,,,
    2017-08-01 02:08:56 New OpenVPN Status (WAIT->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): ,,,,,
    2017-08-01 02:08:56 MANAGEMENT: >STATE:1501546136,AUTH,,,,,,
    2017-08-01 02:08:56 TLS: Initial packet from [AF_INET]188.144.135.6:1194, sid=b6f99a5f 41fd2167
    2017-08-01 02:08:56 New OpenVPN Status (AUTH->LEVEL_CONNECTING_SERVER_REPLIED): ,,,,,
    2017-08-01 02:08:56 New OpenVPN Status (AUTH->LEVEL_CONNECTING_SERVER_REPLIED): ,,,,,
    2017-08-01 02:08:56 VERIFY OK: depth=1, C=IT, O=efw, CN=efw CA
    2017-08-01 02:08:56 VERIFY X509NAME ERROR: C=DE, CN=vpntest, must be grenzwert.selfhost.eu
    2017-08-01 02:08:56 New OpenVPN Status (RECONNECTING->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): tls-error,,,,,
    2017-08-01 02:08:56 New OpenVPN Status (RECONNECTING->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): tls-error,,,,,
    2017-08-01 02:08:56 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
    2017-08-01 02:08:56 TLS_ERROR: BIO read tls_read_plaintext error
    2017-08-01 02:08:56 TLS Error: TLS object -> incoming plaintext read error
    2017-08-01 02:08:56 TLS Error: TLS handshake failed
    2017-08-01 02:08:56 TCP/UDP: Closing socket
    2017-08-01 02:08:56 SIGUSR1[soft,tls-error] received, process restarting
    2017-08-01 02:08:56 MANAGEMENT: >STATE:1501546136,RECONNECTING,tls-error,,,,,
    2017-08-01 02:08:56 New OpenVPN Status (CONNECTRETRY->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): 2
    2017-08-01 02:08:56 New OpenVPN Status (CONNECTRETRY->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): 2
    2017-08-01 02:08:56 Warte 2s Sekunden zwischen zwei Verbindungsversuchen
    2017-08-01 02:09:01 MANAGEMENT: CMD 'hold release'
    2017-08-01 02:09:01 MANAGEMENT: CMD 'proxy NONE'
    2017-08-01 02:09:01 MANAGEMENT: CMD 'bytecount 2'
    2017-08-01 02:09:01 MANAGEMENT: CMD 'state on'
    2017-08-01 02:09:02 LZO compression initializing
    2017-08-01 02:09:02 New OpenVPN Status (RESOLVE->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): ,,,,,
    2017-08-01 02:09:02 New OpenVPN Status (RESOLVE->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): ,,,,,
    2017-08-01 02:09:02 Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
    2017-08-01 02:09:02 MANAGEMENT: >STATE:1501546142,RESOLVE,,,,,,
    2017-08-01 02:09:02 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
    2017-08-01
    02:09:02 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu
    1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize
    128,key-method 2,tls-client'
    2017-08-01 02:09:02 Expected Remote
    Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu
    1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method
    2,tls-server'
    2017-08-01 02:09:02 TCP/UDP: Preserving recently used remote address: [AF_INET]188.144.135.6:1194
    2017-08-01 02:09:02 Socket Buffers: R=[163840->163840] S=[163840->163840]
    2017-08-01 02:09:02 MANAGEMENT: CMD 'needok 'PROTECTFD' ok'
    2017-08-01 02:09:02 UDP link local (bound): [AF_INET][undef]:1194
    2017-08-01 02:09:02 UDP link remote: [AF_INET]188.144.135.6:1194
    2017-08-01 02:09:02 MANAGEMENT: >STATE:1501546142,WAIT,,,,,,
    2017-08-01 02:09:02 New OpenVPN Status (WAIT->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): ,,,,,
    2017-08-01 02:09:02 New OpenVPN Status (WAIT->LEVEL_CONNECTING_NO_SERVER_REPLY_YET): ,,,,,
    2017-08-01 02:09:02 TLS Error: Unroutable control packet received from [AF_INET]188.104.135.6:1194 (si=3 op=P_CONTROL_V1)
    2017-08-01 02:09:04 TLS Error: Unroutable control packet received from [AF_INET]188.104.135.6:1194 (si=3 op=P_ACK_V1)
    2017-08-01 02:09:05 TLS Error: Unroutable control packet received from [AF_INET]188.104.135.6:1194 (si=3 op=P_CONTROL_V1)
    2017-08-01 02:09:08 TLS Error: Unroutable control packet received from [AF_INET]188.104.135.6:1194 (si=3 op=P_ACK_V1)
    2017-08-01 02:09:11 TLS Error: Unroutable control packet received from [AF_INET]188.104.135.6:1194 (si=3 op=P_CONTROL_V1)
    2017-08-01 02:09:17 TLS Error: Unroutable control packet received from [AF_INET]188.104.135.6:1194 (si=3 op=P_ACK_V1)





    ------------------ Kannst du rauslesen was der wichtigste Fehlergrund ist ?

    • Official Post

    ganz schnell würde ich sagen.


    2017-08-01 02:08:53 VERIFY X509NAME ERROR: C=DE, CN=vpntest, must be grenzwert.selfhost.eu
    2017-08-01 02:08:53 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
    2017-08-01 02:08:53 TLS_ERROR: BIO read tls_read_plaintext error
    2017-08-01 02:08:53 TLS Error: TLS object -> incoming plaintext read error
    2017-08-01 02:08:53 TLS Error: TLS handshake failed
    2017-08-01 02:08:53 New OpenVPN Status


    Dem fehlt die CA.

    Braucht die App zwingend ein korrektes Zertifikat obwohl nur User/Password ausgewählt ist ?


    Im Moment würde ich sagen das zwar ein Tunnel mit der App aufgebaut wird, aber es gehen keine Daten durch. Die lokale IP wird allerdings korrekt von der Endian ans Handy eingestellt.
    Hast du das denn mit Zertifikat an der App laufen oder ging es ohne?

    • Official Post

    Also zum damaligen Zeitpunkt nur die CA Zert was es bei OpenVPN gibt.
    Das hatte ich hinterlegt sonst gar nix.


    Damit lief das ganze auch recht gut eigentlich.
    Siehst du an der Firewall ob Pakete eingehend zu sehen sind?