Ubuntu 14.04 + OpenVPN + Stunnel + Windows 10 Client
I've spent the last week looking for a solution to this and haven't found anything that will help me get this working...
Server 1: This is an Ubuntu 14.04 Server sitting in a datacenter. It is connected through the local network to another server (server 2). Server 1 does not have access to the internet. Server 1 is running OpenVPN.
Server 2: This is an Ubuntu 14.04 Server as well, sitting at the same datacenter. This server does have internet access and has a separate network card connecting it to the same network as Server 1. This server is running Stunnel4.
Windows PC: I have a laptop running Windows 10. This laptop is trying to connect to openvpn over the internet.
CONFIG FILES:
-------------
Server 1 Open VPN:
Quote:
port 1194
proto tcp
dev tun
ca ca.crt
cert my_domain.crt
key my_donain.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
max-clients 10
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log /etc/openvpn/openvpn.log
verb 6
mute 20
Windows 10 Client:
Quote:
client
dev tun
proto tcp
remote xxx.xxx.xxx.xxx 1194
resolv-retry infinite
persist-key
persist-tun
ca "C:\\Users\\xxx\\Documents\\openvpn\\ca.crt"
cert "C:\\Users\\xxx\\Documents\\openvpn\\client1.crt"
key "C:\\Users\\xxx\\Documents\\openvpn\\client1.key"
comp-lzo
verb 3
LOG FILES:
----------
Server 1 OpenVPN:
Quote:
Sun Apr 24 17:16:09 2016 us=209698 GID set to nogroup
Sun Apr 24 17:16:09 2016 us=209770 UID set to nobody
Sun Apr 24 17:16:09 2016 us=209793 Listening for incoming TCP connection on [undef]
Sun Apr 24 17:16:09 2016 us=209811 TCPv4_SERVER link local (bound): [undef]
Sun Apr 24 17:16:09 2016 us=209820 TCPv4_SERVER link remote: [undef]
Sun Apr 24 17:16:09 2016 us=209833 MULTI: multi_init called, r=256 v=256
Sun Apr 24 17:16:09 2016 us=209882 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Sun Apr 24 17:16:09 2016 us=209894 IFCONFIG POOL LIST
Sun Apr 24 17:16:09 2016 us=209907 MULTI: TCP INIT maxclients=10 maxevents=14
Sun Apr 24 17:16:09 2016 us=209924 Initialization Sequence Completed
Sun Apr 24 17:19:27 2016 us=72369 MULTI: multi_create_instance called
Sun Apr 24 17:19:27 2016 us=72424 Re-using SSL/TLS context
Sun Apr 24 17:19:27 2016 us=72444 LZO compression initialized
Sun Apr 24 17:19:27 2016 us=72507 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sun Apr 24 17:19:27 2016 us=72533 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Apr 24 17:19:27 2016 us=72565 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sun Apr 24 17:19:27 2016 us=72579 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sun Apr 24 17:19:27 2016 us=72601 Local Options hash (VER=V4): 'c0103fa8'
Sun Apr 24 17:19:27 2016 us=72640 Expected Remote Options hash (VER=V4): '69109d17'
Sun Apr 24 17:19:27 2016 us=72668 TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:51843
Sun Apr 24 17:19:27 2016 us=72683 TCPv4_SERVER link local: [undef]
Sun Apr 24 17:19:27 2016 us=72698 TCPv4_SERVER link remote: [AF_INET]xxx.xxx.xxx.xxx:51843
Sun Apr 24 17:19:27 2016 us=72755 xxx.xxx.xxx.xxx:51843 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1544 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Sun Apr 24 17:19:27 2016 us=72787 xxx.xxx.xxx.xxx:51843 Connection reset, restarting [0]
Sun Apr 24 17:19:27 2016 us=72801 xxx.xxx.xxx.xxx:51843 SIGUSR1[soft,connection-reset] received, client-instance restarting
Sun Apr 24 17:19:27 2016 us=72840 TCP/UDP: Closing socket
Server 2 Stunnel:
xxx.xxx.xxx.xxx = My Laptop IP
yyy.yyy.yyy.yyy = Server 1 IP
zzz.zzz.zzz.zzz = Server 2 IP that connected to Server 1
Quote:
2016.04.24 17:19:27 LOG5[20217:140554691237632]: Service [openvpn] accepted connection from xxx.xxx.xxx.xxx:56373
2016.04.24 17:19:27 LOG5[20217:140554691237632]: connect_blocking: connected yyy.yyy.yyy.yyy:1194
2016.04.24 17:19:27 LOG5[20217:140554691237632]: Service [openvpn] connected remote server from zzz.zzz.zzz.zzz:51843
2016.04.24 17:19:27 LOG3[20217:140554691237632]: SSL_connect: Peer suddenly disconnected
2016.04.24 17:19:27 LOG5[20217:140554691237632]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
Windows 10 Client:
Quote:
Sun Apr 24 17:19:21 2016 OpenVPN 2.3.10 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Mar 10 2016
Sun Apr 24 17:19:21 2016 Windows version 6.2 (Windows 8 or greater)
Sun Apr 24 17:19:21 2016 library versions: OpenSSL 1.0.1s 1 Mar 2016, LZO 2.09
Enter Management Password:
Sun Apr 24 17:19:21 2016 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sun Apr 24 17:19:21 2016 Need hold release from management interface, waiting...
Sun Apr 24 17:19:22 2016 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sun Apr 24 17:19:22 2016 MANAGEMENT: CMD 'state on'
Sun Apr 24 17:19:22 2016 MANAGEMENT: CMD 'log all on'
Sun Apr 24 17:19:22 2016 MANAGEMENT: CMD 'hold off'
Sun Apr 24 17:19:22 2016 MANAGEMENT: CMD 'hold release'
Sun Apr 24 17:19:22 2016 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun Apr 24 17:19:22 2016 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sun Apr 24 17:19:22 2016 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.xxx:1194 [nonblock]
Sun Apr 24 17:19:22 2016 MANAGEMENT: >STATE:1461532762,TCP_CONNECT,,,
Sun Apr 24 17:19:23 2016 TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:1194
Sun Apr 24 17:19:23 2016 TCPv4_CLIENT link local: [undef]
Sun Apr 24 17:19:23 2016 TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
Sun Apr 24 17:19:23 2016 MANAGEMENT: >STATE:1461532763,WAIT,,,
Sun Apr 24 17:19:23 2016 Connection reset, restarting [-1]
Sun Apr 24 17:19:23 2016 SIGUSR1[soft,connection-reset] received, process restarting
Sun Apr 24 17:19:23 2016 MANAGEMENT: >STATE:1461532763,RECONNECTING,connection-reset,,
Sun Apr 24 17:19:23 2016 Restart pause, 5 second(s)
Sun Apr 24 17:19:25 2016 SIGTERM[hard,init_instance] received, process exiting
Sun Apr 24 17:19:25 2016 MANAGEMENT: >STATE:1461532765,EXITING,init_instance,,
If anyone can help with this, it would be appreciated!
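An added example, not part of the original post: OpenVPN's TCP transport prefixes every packet with a 16-bit big-endian length, so the rejected length 5635 (0x1603) in the Server 1 log is really the first two bytes of whatever the peer sent, and 0x16 0x03 is how a TLS handshake record begins. The sketch below decodes that value and reads the stunnel log for which TLS call it made; the function names and the short table of ASCII prefixes are illustrative assumptions.

```python
import re

# OpenVPN's TCP transport prefixes each packet with a 16-bit big-endian length,
# so a foreign protocol's first two bytes show up as a "bad" length in the log.
BAD_LEN = re.compile(r"Bad encapsulated packet length from peer \((\d+)\)")
STUNNEL_CALL = re.compile(r"\b(SSL_connect|SSL_accept):")

TLS_TYPES = {0x14: "change_cipher_spec", 0x15: "alert",
             0x16: "handshake", 0x17: "application_data"}
# Illustrative, non-exhaustive table of plaintext protocol starts (assumption).
ASCII_STARTS = {b"GE": "HTTP GET", b"PO": "HTTP POST",
                b"HT": "HTTP response", b"SS": "SSH banner"}

def classify_prefix(length):
    """Name the protocol whose first two bytes were read as a length."""
    if not 0 <= length <= 0xFFFF:
        raise ValueError("length field is 16 bits wide")
    b0, b1 = length >> 8, length & 0xFF
    if b0 in TLS_TYPES and b1 == 0x03:      # record type, then major version 3
        return "TLS record (%s)" % TLS_TYPES[b0]
    return ASCII_STARTS.get(bytes([b0, b1]), "unknown (0x%02x 0x%02x)" % (b0, b1))

def stunnel_role(line):
    """SSL_connect is the TLS client-side call, SSL_accept the server-side one."""
    m = STUNNEL_CALL.search(line)
    if m is None:
        return None
    return "client" if m.group(1) == "SSL_connect" else "server"

def diagnose(openvpn_log, stunnel_log):
    findings = []
    for line in openvpn_log.splitlines():
        m = BAD_LEN.search(line)
        if m:
            n = int(m.group(1))
            findings.append(("openvpn", n, classify_prefix(n)))
    for line in stunnel_log.splitlines():
        role = stunnel_role(line)
        if role:
            findings.append(("stunnel", role))
    return findings

# Trimmed excerpts of two log lines quoted in the post above.
OPENVPN_LOG = "xxx.xxx.xxx.xxx:51843 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1544"
STUNNEL_LOG = "2016.04.24 17:19:27 LOG3[20217:140554691237632]: SSL_connect: Peer suddenly disconnected"

if __name__ == "__main__":
    for finding in diagnose(OPENVPN_LOG, STUNNEL_LOG):
        print(finding)
```

A TLS handshake arriving on the plain OpenVPN port, together with stunnel logging `SSL_connect`, indicates that the stunnel instance in front of OpenVPN is originating TLS toward it rather than terminating TLS from the laptop.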