I can't connect to my openvpn server using the option 'tls-cipher TLS-SRP-SHA-DSS-WITH-AES-256-CBC-SHA'. This is the only change I made to the server and client configs. They were working perfectly before this. Here are the relevant log info
Client log Sun Nov 03 21:00:26 2013 OpenVPN 2.3.2 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Aug 22 2013 Enter Management Password: Sun Nov 03 21:00:26 2013 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340 Sun Nov 03 21:00:26 2013 Need hold release from management interface, waiting... Sun Nov 03 21:00:26 2013 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340 Sun Nov 03 21:00:26 2013 MANAGEMENT: CMD 'state on' Sun Nov 03 21:00:26 2013 MANAGEMENT: CMD 'log all on' Sun Nov 03 21:00:26 2013 MANAGEMENT: CMD 'hold off' Sun Nov 03 21:00:26 2013 MANAGEMENT: CMD 'hold release' Sun Nov 03 21:00:27 2013 Control Channel Authentication: using 'c:\Program Files (x86)\OpenVPN\config\ta.key' as a OpenVPN static key file Sun Nov 03 21:00:27 2013 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication Sun Nov 03 21:00:27 2013 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication Sun Nov 03 21:00:27 2013 Socket Buffers: R=[8192->8192] S=[8192->8192] Sun Nov 03 21:00:27 2013 MANAGEMENT:>STATE:1383534027,RESOLVE,,, Sun Nov 03 21:00:27 2013 UDPv4 link local: [undef] Sun Nov 03 21:00:27 2013 UDPv4 link remote: [AF_INET]**.**.**.232:1194 Sun Nov 03 21:00:27 2013 MANAGEMENT:>STATE:1383534027,WAIT,,, Sun Nov 03 21:00:27 2013 MANAGEMENT:>STATE:1383534027,AUTH,,, Sun Nov 03 21:00:27 2013 TLS: Initial packet from [AF_INET]**.**.**.232:1194, sid=cc4ea058 9f0a9c59 Sun Nov 03 21:00:57 2013 [UNDEF] Inactivity timeout (--ping-restart), restarting Sun Nov 03 21:00:57 2013 SIGUSR1[soft,ping-restart] received, process restarting Sun Nov 03 21:00:57 2013 MANAGEMENT:>STATE:1383534057,RECONNECTING,ping-restart,, Sun Nov 03 21:00:57 2013 Restart pause, 2 second(s) Sun Nov 03 21:00:58 2013 SIGTERM[hard,init_instance] received, process exiting Sun Nov 03 21:00:58 2013 MANAGEMENT:>STATE:1383534058,EXITING,init_instance,, Server log Wed Dec 31 18:00:59 1969 OpenVPN 2.3.2 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Oct 22 2013 - - Sun Nov 3 20:59:29 2013 Initialization Sequence Completed Sun Nov 3 21:00:26 2013 192.168.1.116:51126 TLS: Initial packet from [AF_INET]192.168.1.116:51126, sid=9edfecdb 4157f6ff Sun Nov 3 21:00:26 2013 192.168.1.116:51126 TLS_ERROR: BIO read tls_read_plaintext error: error:1408A0C1:lib(20):func(138):reason(193) Sun Nov 3 21:00:26 2013 192.168.1.116:51126 TLS Error: TLS object -> incoming plaintext read error Sun Nov 3 21:00:26 2013 192.168.1.116:51126 TLS Error: TLS handshake failed Sun Nov 3 21:00:26 2013 192.168.1.116:51126 SIGUSR1[soft,tls-error] received, client-instance restarting What does the TLS error mean? ------------------------------------------------------------------------------ Android is increasing in popularity, but the open development platform that developers love is also attractive to malware creators. Download this white paper to learn more about secure code signing practices that can help keep Android apps secure. http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
