Connection terminated by CODE 13 (Client) & CODE 11 (Server)

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
nelbren
Posts: 3
Joined: Wed Apr 22, 2015 4:37 pm

Connection terminated by CODE 13 (Client) & CODE 11 (Server)

Post by nelbren » Mon Apr 27, 2015 7:28 pm

The first three connections works well:

$ /usr/local/softether/vpncmd 127.0.0.1:443 /SERVER /HUB:VPN01 /CMD:StatusGet | grep Sessions
Sessions |4
Sessions (Client) |3 <===== (3 sessions works well)
Sessions (Bridge) |0

But in the fourth connection the connection fail, showing the following error codes:

CLIENT SIDE:
---------------------------------------------------------------------------------
The client connect for a few seconds, but pass the seconds the client gets the message:

"Error (Error Code 13): Time-out occurred during VPN session communication. It's is possible the connectionfrom the client to the VPN Server has been disconnected." <============ (CODE 13)

SERVER SIDE:
---------------------------------------------------------------------------------
And in the side of the server gets the CODE 11:

2015-04-27 12:42:33.933 On the TCP Listener (Port 443), a Client (IP address XX.XX.XX.1, Host name "XX.XX.XX.1", Port number 58600) has connected.
2015-04-27 12:42:33.933 For the client (IP address: XX.XX.XX.1, host name: "XX.XX.XX.1", port number: 58600), connection "CID-388" has been created.
2015-04-27 12:42:33.953 SSL communication for connection "CID-388" has been started. The encryption algorithm name is "RC4-MD5".
2015-04-27 12:42:34.004 [HUB "VPN01"] The connection "CID-388" (IP address: XX.XX.XX.1, Host name: XX.XX.XX.1, Port number: 58600, Client name: "SoftEther VPN Client", Version: 4.14, Build: 9529) is attempting to connect to the Virtual Hub. The auth type provided is "Password authentication" and the user name is "uservpn".
2015-04-27 12:42:34.004 [HUB "VNP01"] Connection "CID-388": Successfully authenticated as user "uservpn".
2015-04-27 12:42:34.004 [HUB "VNP01"] Connection "CID-388": The new session "SID-USERVPN-155" has been created. (IP address: XX.XX.XX.1, Port number: 58600, Physical underlying protocol: "Standard TCP/IP (IPv4)")
2015-04-27 12:42:34.014 [HUB "VPN01"] Session "SID-USERVPN-155": The parameter has been set. Max number of TCP connections: 2, Use of encryption: No, Use of compression: No, Use of Half duplex communication: No, Timeout: 20 seconds.
2015-04-27 12:42:34.014 [HUB "VPN01"] Session "SID-USERVPN-155": VPN Client details: (Client product name: "SoftEther VPN Client", Client version: 414, Client build number: 9529, Server product name: "SoftEther VPN Server (32 bit)", Server version: 415, Server build number: 9546, Client OS name: "Windows 7", Client OS version: "Build 7601, Multiprocessor Free, Service Pack 1 (7601.win7sp1_gdr.150316-1654)", Client product ID: "--", Client host name: "WIN701", Client IP address: "YY.YY.YY.217", Client port number: 58600, Server host name: "ZZ.ZZ.ZZ.109", Server IP address: "ZZ.ZZ.ZZ.109", Server port number: 8443, Proxy host name: "", Proxy IP address: "0.0.0.0", Proxy port number: 0, Virtual Hub name: "VPN01", Client unique ID: "EC08225DC6AA9ED6DBC843A8CDC7232C")
2015-04-27 12:42:34.034 [HUB "VPN01"] Session "SID-USERVPN-155": The session has been terminated. The statistical information is as follows: Total outgoing data size: 128 bytes, Total incoming data size: 261 bytes.

2015-04-27 12:42:34.065 Connection "CID-388" terminated by the cause "The VPN session has been deleted. It is possible that either the administrator disconnected the session or the connection from the client to the VPN Server has been disconnected." (code 11). <================= (CODE 11)

2015-04-27 12:42:34.065 Connection "CID-388" has been terminated.
2015-04-27 12:42:34.065 The connection with the client (IP address XX.XX.XX.1, Port number 58600) has been disconnected.

Exist some limit or timeouts to check?

nelbren
Posts: 3
Joined: Wed Apr 22, 2015 4:37 pm

Re: Connection terminated by CODE 13 (Client) & CODE 11 (Ser

Post by nelbren » Tue Apr 28, 2015 6:31 pm

SOLUTION TO THE PROBLEM:
------------------------------------------

Trying to fix the problem, the first step was "Disable UDP acceleration" (view the image), and the 4th connection works well.

Then to permanently solve the problem, were allowed to spend the UDP traffic was blocked (view the next line).

Apr 28 10:57:44 debXXX kernel: [1718655.377254] [DROP-PUBLIC_1-OUT]_IN= OUT=eth0 SRC=QQ.QQ.QQ.QQ DST=WW.WW.WW.WW LEN=108 TOS=0x00 PREC=0x00 TTL=64 ID=56142 DF PROTO=UDP SPT=40003 DPT=57514 LEN=88
You do not have the required permissions to view the files attached to this post.

nelbren
Posts: 3
Joined: Wed Apr 22, 2015 4:37 pm

Re: Connection terminated by CODE 13 (Client) & CODE 11 (Ser

Post by nelbren » Fri Nov 20, 2015 11:30 pm

I have IPTABLES running in the VPN for better NAT, but the firewall block some UDP traffic, please try Enable or Disable this option: "Disable UDP acceleration", and do your test...

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Connection terminated by CODE 13 (Client) & CODE 11 (Ser

Post by thisjun » Thu Sep 07, 2017 8:28 am

I think you success connection. It is different problem from this topic.

Did you configure localbridge or SecureNAT on VPN server?

rajan.rana
Posts: 2
Joined: Wed Sep 19, 2018 10:24 am

Re: Connection terminated by CODE 13 (Client) & CODE 11 (Server)

Post by rajan.rana » Wed Sep 19, 2018 11:33 am

Thank you so much, this solution works well.

top-master
Posts: 6
Joined: Sun Apr 15, 2018 10:25 am

Re: Connection terminated by CODE 13 (Client) & CODE 11 (Server)

Post by top-master » Sun Oct 14, 2018 12:45 pm

Did personally with another developer have a look inside the source-codes and will try to explain:

The problem: The `SoftEther-protocol` code at `SessionMain(...)` function (which is a loop that runs as long we are connected to SE-Server) does keep track of last communication time (data Upload/Download time) and when there is nothing received in the time-limit it will terminate the connection with `ERR_SESSION_TIMEOUT`

Possible reasons:
1- the `Firewall` of `SE-Host` is partially blocking the `SE-service` (allows connection but prevents some required protocol-part)
2- the network band-width of either of the two sides (server and/or client) is really bad
3- the server is customized and is not allowed to respond connections from older versions/protocols

Possible solution:
1- disable `Firewall` of `SE-Host` temporally and test/try the connection
2- try another network provider with better speed/bandwidth
3- update/downgrade the SoftEther related programs of client/server and try again

Post Reply