Re: [Openvpn-users] VPN allows unencrypted traffic but not encrypted

Mon, 04 Sep 2017 07:42:08 -0700 

Happy to provide the configs, but as noted the configuration works perfectly 
when the server is on another internet connection.

Server:

local 0.0.0.0
port [redacted_port]
proto udp
dev cloudvpn
dev-type tun
ca cloud-ca.crt
cert cloud-server.crt
key cloud-server.key
dh cloud-dh2048.pem
topology subnet
server 10.10.1.0 255.255.255.0
ifconfig-pool-persist cloud-ipp.txt
client-config-dir cloud-ccd
keepalive 10 120
tls-auth cloud-ta.key 0
cipher AES-256-CBC
user nobody
group nobody
persist-key
persist-tun
status cloud-openvpn-status.log
status-version 3
verb 3
mute 20

Client:

client
dev tun
proto udp
remote [redacted_ip] [redacted_port]
resolv-retry infinite
nobind
user nobody
group nobody
persist-key
persist-tun
ca cloud-ca.crt
cert cloud-client.crt
key cloud-client.key
remote-cert-tls server
tls-auth cloud-ta.key 1
cipher AES-256-CBC
mute 20

Thanks.

-Stuart

On 4 Sep 2017, 15:34 +0100, Илья Шипицин <chipits...@gmail.com>, wrote:
> Please, provide both server and client config.
>
> (We saw similar situation, when server was "comp-lzo yes" and client 
> "comp-lzo no")
>
> > 4 сент. 2017 г. 19:25 пользователь "Stuart Dallas" <stu...@stut.net> 
> > написал:
> > > We’ve got a very odd issue happening at a new customer’s site.
> > >
> > > The VPN is established quite happily at their site and unencrypted 
> > > traffic through that VPN works perfectly (HTTP requests).
> > >
> > > However, encrypted traffic does not (HTTPS and SSH). SSH connections get 
> > > this far before appearing to hang:
> > >
> > > <snip>
> > > debug1: Enabling compatibility mode for protocol 2.0
> > > debug1: Local version string SSH-2.0-OpenSSH_6.6.1
> > > debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
> > > debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
> > > debug2: fd 3 setting O_NONBLOCK
> > > debug3: put_host_port: [10.10.1.1]:26513
> > > debug1: SSH2_MSG_KEXINIT sent
> > >
> > > Thie eventually times out.
> > >
> > > We moved the server to a standard broadband connection and everything 
> > > works, including HTTPS and SSH connections.
> > >
> > > Is it possible there’s something on the path from their connection that’s 
> > > causing this? As far as I’m aware all traffic through the VPN will appear 
> > > as random bytes to anything it passes through, so I’m at a loss to 
> > > explain this.
> > >
> > > Any help would be greatly appreciated.
> > >
> > > Thanks.
> > >
> > > -Stuart
> > >
> > >
> > > ------------------------------------------------------------------------------
> > > Check out the vibrant tech community on one of the world's most
> > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> > > _______________________________________________
> > > Openvpn-users mailing list
> > > Openvpn-users@lists.sourceforge.net
> > > https://lists.sourceforge.net/lists/listinfo/openvpn-users
> > >

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to