Unstable VPN Tunnel
Posted: Sat Mar 02, 2013 1:06 am
Hello
I've a strange behaviour with viscosity and windows firewall on a windows 7 machine: the vpn tunnel is unstable it automatically reconnect.
I've this setup: Client with Viscosity ---> OPENVPN SERVER ---> WEBSERVER
- VPN uses certificate to perform authentication
- Web Server requires SSL CLient authenticaiton (same VPN certificate is used)
- WEB Server run an Applet that communicate with the server on some specific ports
On my machine with Windows 7 the vpn and the access to the server and everything works well.
As soon as I switch on the windows firewall I get a reconnection problem:
mar 1 01:33:04: Connection reset, restarting [-1]
mar 1 01:33:04: SIGUSR1[soft,connection-reset] received, process restarting
mar 01 01:33:04: State changed to Connecting
I also realized that this reconneciton sometimes happen when the Java Applet is in some way activate.
Do you have any idea?
The full logs:
mar 01 01:27:36: State changed to Connecting
mar 01 01:27:36: Viscosity 1.4.2 (1178)
mar 01 01:27:36: Running on Microsoft Windows 7 Professional
mar 01 01:27:36: Bringing up interface...
mar 01 01:27:43: Controllo la raggiungibilità della connessione…
mar 01 01:27:46: Connessione raggiungibile, inizio connessione.
mar 01 01:27:46: OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Jan 4 2012
mar 1 01:29:14: PKCS#11: Adding PKCS#11 provider 'C:\Windows\System32\eTPKCS11.dll'
mar 1 01:29:14: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
mar 1 01:29:14: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
mar 1 01:29:20: Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
mar 1 01:29:20: LZO compression initialized
mar 1 01:29:20: Attempting to establish TCP connection with xxx.xxx.xxx.xxx
mar 1 01:29:20: TCP connection established with xxx.xxx.xxx.xxx
mar 1 01:29:20: TCPv4_CLIENT link local: [undef]
mar 1 01:29:20: TCPv4_CLIENT link remote: xxx.xxx.xxx.xxx
mar 1 01:29:20: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
mar 1 01:29:26: [VPN_Gateway] Peer Connection Initiated with XXX.XXX.XXX.XXX
mar 1 01:29:29: TAP-WIN32 device [VPN_CERT] opened: \\.\Global\{DA8BC8F6-6C4E-4FD5-9267-E606F7092B07}.tap
mar 1 01:29:29: Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.0.8.6/255.255.255.252 on interface {DA8BC8F6-6C4E-4FD5-9267-E606F7092B07} [DHCP-serv: 10.0.8.5, lease-time: 31536000]
mar 1 01:29:29: Successful ARP Flush on interface [27] {DA8BC8F6-6C4E-4FD5-9267-E606F7092B07}
mar 1 01:29:34: Initialization Sequence Completed
mar 01 01:29:34: State changed to Connected
mar 1 01:33:04: Connection reset, restarting [-1]
mar 1 01:33:04: SIGUSR1[soft,connection-reset] received, process restarting
mar 01 01:33:04: State changed to Connecting
TIA
I've a strange behaviour with viscosity and windows firewall on a windows 7 machine: the vpn tunnel is unstable it automatically reconnect.
I've this setup: Client with Viscosity ---> OPENVPN SERVER ---> WEBSERVER
- VPN uses certificate to perform authentication
- Web Server requires SSL CLient authenticaiton (same VPN certificate is used)
- WEB Server run an Applet that communicate with the server on some specific ports
On my machine with Windows 7 the vpn and the access to the server and everything works well.
As soon as I switch on the windows firewall I get a reconnection problem:
mar 1 01:33:04: Connection reset, restarting [-1]
mar 1 01:33:04: SIGUSR1[soft,connection-reset] received, process restarting
mar 01 01:33:04: State changed to Connecting
I also realized that this reconneciton sometimes happen when the Java Applet is in some way activate.
Do you have any idea?
The full logs:
mar 01 01:27:36: State changed to Connecting
mar 01 01:27:36: Viscosity 1.4.2 (1178)
mar 01 01:27:36: Running on Microsoft Windows 7 Professional
mar 01 01:27:36: Bringing up interface...
mar 01 01:27:43: Controllo la raggiungibilità della connessione…
mar 01 01:27:46: Connessione raggiungibile, inizio connessione.
mar 01 01:27:46: OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Jan 4 2012
mar 1 01:29:14: PKCS#11: Adding PKCS#11 provider 'C:\Windows\System32\eTPKCS11.dll'
mar 1 01:29:14: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
mar 1 01:29:14: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
mar 1 01:29:20: Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
mar 1 01:29:20: LZO compression initialized
mar 1 01:29:20: Attempting to establish TCP connection with xxx.xxx.xxx.xxx
mar 1 01:29:20: TCP connection established with xxx.xxx.xxx.xxx
mar 1 01:29:20: TCPv4_CLIENT link local: [undef]
mar 1 01:29:20: TCPv4_CLIENT link remote: xxx.xxx.xxx.xxx
mar 1 01:29:20: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
mar 1 01:29:26: [VPN_Gateway] Peer Connection Initiated with XXX.XXX.XXX.XXX
mar 1 01:29:29: TAP-WIN32 device [VPN_CERT] opened: \\.\Global\{DA8BC8F6-6C4E-4FD5-9267-E606F7092B07}.tap
mar 1 01:29:29: Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.0.8.6/255.255.255.252 on interface {DA8BC8F6-6C4E-4FD5-9267-E606F7092B07} [DHCP-serv: 10.0.8.5, lease-time: 31536000]
mar 1 01:29:29: Successful ARP Flush on interface [27] {DA8BC8F6-6C4E-4FD5-9267-E606F7092B07}
mar 1 01:29:34: Initialization Sequence Completed
mar 01 01:29:34: State changed to Connected
mar 1 01:33:04: Connection reset, restarting [-1]
mar 1 01:33:04: SIGUSR1[soft,connection-reset] received, process restarting
mar 01 01:33:04: State changed to Connecting
TIA