
OpenVPN - No data channel ?

Posted: Thu Aug 27, 2015 10:05 am
by icmpbg
Hi Everyone,
I have a problem with OpenVPN clients connecting to my SoftEther server. The server is running under CentOS, the OpenVPN clients are running under Windows 7.
When the OpenVPN client tries to connect to the server, it gets to the verify stage, when the certificate is being verified, and stops there. There are no push options or whatever ... so the client aborts the connection and tries to re-connect ... and so on...
This is no issue with the SoftEther client. I tried various configurations with the same result.
Am I missing something?
Thanks.

Re: OpenVPN - No data channel ?

Posted: Thu Aug 27, 2015 10:18 am
by joshYarnspinner
icmpbg wrote:
> Hi Everyone,
> I have a problem with OpenVPN clients connecting to my SoftEther server. The
> server is running under CentOS, the OpenVPN clients are running under
> Windows 7.
> When the OpenVPN client tries to connect to the server, it gets to the verify
> stage, when the certificate is being verified, and stops there. There are no
> push options or whatever ... so the client aborts the connection and tries
> to re-connect ... and so on...
> This is no issue with the SoftEther client. I tried various configurations
> with the same result.
> Am I missing something?
> Thanks.

I have a similar issue. What sort of setup do you have?

Re: OpenVPN - No data channel ?

Posted: Thu Aug 27, 2015 10:27 am
by icmpbg
I tried almost every possible scenario:
- L2 bridging
- L3 routing
- the so-called Virtual NAT,
with the same result every time.

Re: OpenVPN - No data channel ?

Posted: Thu Aug 27, 2015 4:27 pm
by joshYarnspinner
icmpbg wrote:
> I tried almost every possible scenario:
> - L2 bridging
> - L3 routing
> - the so-called Virtual NAT,
> with the same result every time.

I suggest that you try port forwarding instead of using the Virtual NAT setup. What ISP and router are you on?

Re: OpenVPN - No data channel ?

Posted: Thu Sep 10, 2015 6:54 am
by thisjun
Please show the server and client logs.

Re: OpenVPN - No data channel ?

Posted: Sun Sep 13, 2015 11:54 am
by icmpbg
Sorry for the late answer.
Server log:
2015-09-13 14:32:17.954 ------------------------------------------------------
2015-09-13 14:32:17.954 SoftEther VPN Server Version 4.18 Build 9570 (English)
2015-09-13 14:32:17.954 Compiled 2015/07/26 15:19:27 by yagi at pc30
2015-09-13 14:32:17.954 Log Messages are written with UTF-8 Encoding Format.
2015-09-13 14:32:17.954 The SoftEther VPN Server has been started.
2015-09-13 14:32:17.954 IPsec Module: The IPsec ver 2.0 (ISAKMP/IKEv1) processing module is started.
2015-09-13 14:32:17.954 OpenVPN Module: The OpenVPN Server Module is starting.
2015-09-13 14:32:17.954 Loading the configuration file.
2015-09-13 14:32:17.984 Monitoring the directory "/usr/local/vpnserver". If the amount of available free disk space becomes less than 100.00 MBytes, the backup files for log files and configurations that are saved on the sub-directories of this directory will be automatically deleted in the order of oldest first. The amount of free disk space that determines when to start deletion can be modified by changing the "AutoDeleteCheckDiskFreeSpaceMin" item in the configuration file.
2015-09-13 14:32:17.984 Virtual Hub "ID123456789" has been started.
2015-09-13 14:32:17.984 The MAC address of Virtual Hub "ID123456789" is "00-AE-7C-09-3B-6D".
2015-09-13 14:32:17.984 [HUB "ID123456789"] SecureNAT has started. The SecureNAT session "SID-SECURENAT-1" was created.
2015-09-13 14:32:17.994 [HUB "ID123456789"] The Virtual Hub is now online.
2015-09-13 14:32:17.994 TCP Listener (port 443) is starting.
2015-09-13 14:32:17.994 TCP Listener (port 443) has started. Now listening for connection from client.
2015-09-13 14:32:17.994 TCP Listener (port 992) is starting.
2015-09-13 14:32:17.994 TCP Listener (port 992) has started. Now listening for connection from client.
2015-09-13 14:32:17.994 TCP Listener (port 1194) is starting.
2015-09-13 14:32:17.994 TCP Listener (port 1194) has started. Now listening for connection from client.
2015-09-13 14:32:17.994 TCP Listener (port 5555) is starting.
2015-09-13 14:32:17.994 TCP Listener (port 5555) has started. Now listening for connection from client.
2015-09-13 14:32:17.994 The configuration file has been loaded.
2015-09-13 14:32:17.994 Starting the automatically saving background task. The interval between auto-saves is 300 seconds. You can change the interval by changing the parameter AutoSaveConfigSpan in the configuration file.
2015-09-13 14:33:34.172 OpenVPN Session 1 (80.215.*.*:64955 -> 210.10.*.*:1194): A new session is created. Protocol: UDP
2015-09-13 14:33:34.172 OpenVPN Session 1 (80.215.*.*:64955 -> 210.10.*.*:1194) Channel 0: A new channel is created.
2015-09-13 14:33:54.584 OpenVPN Session 2 (80.215.*.*:64125 -> 210.10.*.*:1194): A new session is created. Protocol: UDP
2015-09-13 14:33:54.584 OpenVPN Session 2 (80.215.*.*:64125 -> 210.10.*.*:1194) Channel 0: A new channel is created.
2015-09-13 14:34:05.067 OpenVPN Session 1 (80.215.*.*:64955 -> 210.10.*.*:1194): Deleting the session.
2015-09-13 14:34:24.835 OpenVPN Session 2 (80.215.*.*:64125 -> 210.10.*.*:1194): Deleting the session.
___________________________
Client log:
Sun Sep 13 14:32:33 2015 OpenVPN 2.1.1 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Dec 11 2009
Sun Sep 13 14:32:52 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun Sep 13 14:32:52 2015 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun Sep 13 14:32:53 2015 Control Channel MTU parms [ L:1589 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun Sep 13 14:32:53 2015 Data Channel MTU parms [ L:1589 D:1450 EF:57 EB:4 ET:32 EL:0 ]
Sun Sep 13 14:32:53 2015 Local Options hash (VER=V4): 'df9aa7c6'
Sun Sep 13 14:32:53 2015 Expected Remote Options hash (VER=V4): 'e6ffcd12'
Sun Sep 13 14:32:53 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Sep 13 14:32:53 2015 UDPv4 link local: [undef]
Sun Sep 13 14:32:53 2015 UDPv4 link remote: 210.10.*.*:1194
Sun Sep 13 14:33:35 2015 TLS: Initial packet from 210.10.*.*:1194, sid=5ab37542 c3226752
Sun Sep 13 14:33:35 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Sep 13 14:33:35 2015 VERIFY OK: depth=0, /CN=none/O=none/OU=none/C=UK/ST=NN/L=NN
Sun Sep 13 14:33:53 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Sep 13 14:33:53 2015 TLS Error: TLS handshake failed
Sun Sep 13 14:33:53 2015 TCP/UDP: Closing socket
Sun Sep 13 14:33:53 2015 SIGUSR1[soft,tls-error] received, process restarting
Sun Sep 13 14:33:53 2015 Restart pause, 2 second(s)
Sun Sep 13 14:33:55 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun Sep 13 14:33:55 2015 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun Sep 13 14:33:55 2015 Re-using SSL/TLS context
Sun Sep 13 14:33:55 2015 Control Channel MTU parms [ L:1589 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun Sep 13 14:33:55 2015 Data Channel MTU parms [ L:1589 D:1450 EF:57 EB:4 ET:32 EL:0 ]
Sun Sep 13 14:33:55 2015 Local Options hash (VER=V4): 'df9aa7c6'
Sun Sep 13 14:33:55 2015 Expected Remote Options hash (VER=V4): 'e6ffcd12'
Sun Sep 13 14:33:55 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Sep 13 14:33:55 2015 UDPv4 link local: [undef]
Sun Sep 13 14:33:55 2015 UDPv4 link remote: 210.10.*.*:1194
Sun Sep 13 14:33:55 2015 TLS: Initial packet from 210.10.*.*:1194, sid=2a84972a 2846057e
Sun Sep 13 14:33:55 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Sep 13 14:33:55 2015 VERIFY OK: depth=0, /CN=none/O=none/OU=none/C=UK/ST=NN/L=NN
Sun Sep 13 14:33:55 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Sep 13 14:33:55 2015 TLS Error: TLS handshake failed
Sun Sep 13 14:33:55 2015 TCP/UDP: Closing socket
Sun Sep 13 14:33:55 2015 SIGUSR1[soft,tls-error] received, process restarting
Sun Sep 13 14:33:55 2015 Restart pause, 2 second(s)
________________________________
Both server and client are directly connected to internet (they have real ip addresses). All firewalls are down during the test. OpenVPN client configuration is generated by the admin tool.
Thank you.
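
Added example, not part of the original thread and not code from SoftEther or OpenVPN: a short Python triage of the client log above that extracts the client version and build age, the distinct warnings, and how far each connection attempt got before the handshake failed. The function name `triage` and the stage labels are made up for this sketch; `Initialization Sequence Completed` is OpenVPN's usual success line and does not occur in the posted log.

```python
import re
from datetime import datetime

# Excerpt of the client log posted above (first connection attempt only).
SAMPLE_LOG = """\
Sun Sep 13 14:32:33 2015 OpenVPN 2.1.1 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Dec 11 2009
Sun Sep 13 14:32:52 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun Sep 13 14:32:53 2015 UDPv4 link remote: 210.10.*.*:1194
Sun Sep 13 14:33:35 2015 TLS: Initial packet from 210.10.*.*:1194, sid=5ab37542 c3226752
Sun Sep 13 14:33:35 2015 VERIFY OK: depth=0, /CN=none/O=none/OU=none/C=UK/ST=NN/L=NN
Sun Sep 13 14:33:53 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Sep 13 14:33:53 2015 TLS Error: TLS handshake failed
"""

LINE = re.compile(r"^\w{3} (\w{3} +\d+ [\d:]{8} \d{4}) (.*)$")
BUILD = re.compile(r"OpenVPN (\S+) .*built on (\w{3} +\d+ \d{4})")
# Handshake milestones, in the order the client logs them (labels are hypothetical).
STAGES = [("TLS: Initial packet from", "server_replied"), ("VERIFY OK", "cert_verified"),
          ("Initialization Sequence Completed", "connected")]

def triage(log_text):
    """Summarise client build, warnings, and the last stage each attempt reached."""
    report = {"version": None, "build_age_years": None, "warnings": [], "attempts": []}
    attempt = None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # separators and other non-log text
        when, msg = datetime.strptime(m.group(1), "%b %d %H:%M:%S %Y"), m.group(2)
        build = BUILD.match(msg)
        if build:  # banner line: version and build date of the client binary
            built = datetime.strptime(build.group(2), "%b %d %Y")
            report["version"] = build.group(1)
            report["build_age_years"] = (when - built).days // 365
        elif msg.startswith("WARNING: "):
            text = msg[len("WARNING: "):].split(". ")[0]
            if text not in report["warnings"]:  # each restart repeats the warnings
                report["warnings"].append(text)
        elif "link remote:" in msg:  # a new connection attempt starts here
            attempt = {"started": when, "stage": "no_reply", "failed_after_s": None}
            report["attempts"].append(attempt)
        elif attempt is not None:
            for marker, stage in STAGES:
                if msg.startswith(marker):
                    attempt["stage"] = stage
            if msg.startswith("TLS Error: TLS handshake failed"):
                attempt["failed_after_s"] = int((when - attempt["started"]).total_seconds())
    return report

print(triage(SAMPLE_LOG))
```

On the excerpt this reports a client binary about five years old at the time of the log, the missing server certificate verification warning, and one attempt that reached `cert_verified` before failing 60 seconds after it started.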

Re: OpenVPN - No data channel ?

Posted: Thu Sep 24, 2015 6:20 am
by thisjun
Could you update the OpenVPN client?
