- Status Nouveau
- Percent Complete
- Task Type Anomalie
- Category Services locaux → Client VPN
- Assigned To No-one
- Operating System Freebox Server V8 (Pop)
- Severity Medium
- Priority Very Low
- Reported Version 4.7.8
- Due in Version Undecided
-
Due Date
Undecided
- Votes
- Private
Opened by Snoogle - 28/12/2023
FS#38850 - Incapacité de connexion à l'hôte (Ovpn Seedbox)
Bonjour, j’ai créé une connexion client Vpn en openvpn et il m’est impossible de me connecter.
Je précise que le serveur distant n’est pas down et que je parviens à m’y connecter en openvpn sur mon ordi avec le même fichier de configuration
Voici le log de mon serveur freebox pop :
2023-12-28 10:55:59 openvpn: output: 2023-12-28 10:55:59 Outgoing Control Channel Encryption: Cipher ‘AES-256-CTR’ initialized with 256 bit key
2023-12-28 10:55:59 openvpn: output: 2023-12-28 10:55:59 Outgoing Control Channel Encryption: Using 256 bit message hash ‘SHA256’ for HMAC authentication
2023-12-28 10:55:59 openvpn: output: 2023-12-28 10:55:59 Incoming Control Channel Encryption: Cipher ‘AES-256-CTR’ initialized with 256 bit key
2023-12-28 10:55:59 openvpn: output: 2023-12-28 10:55:59 Incoming Control Channel Encryption: Using 256 bit message hash ‘SHA256’ for HMAC authentication
2023-12-28 10:55:59 openvpn: output: 2023-12-28 10:55:59 TCP/UDP: Preserving recently used remote address: [AF_INET]178.33.61.116:1194
2023-12-28 10:55:59 openvpn: output: 2023-12-28 10:55:59 Socket Buffers: R=[212992→212992] S=[212992→212992]
2023-12-28 10:55:59 openvpn: output: 2023-12-28 10:55:59 UDP link local: (not bound)
2023-12-28 10:55:59 openvpn: output: 2023-12-28 10:55:59 UDP link remote: [AF_INET]178.33.61.116:1194
2023-12-28 10:55:59 openvpn: output: 2023-12-28 10:55:59 MANAGEMENT: >STATE:1703757359,WAIT,,,,,,
2023-12-28 10:55:59 openvpn: rx: >STATE:1703757359,WILL_CONNECT,178.33.61.116,,,,,
2023-12-28 10:55:59 openvpn: rx: >STATE:1703757359,WAIT,,,,,,
2023-12-28 10:56:59 openvpn: output: 2023-12-28 10:56:59 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2023-12-28 10:56:59 openvpn: output: 2023-12-28 10:56:59 TLS Error: TLS handshake failed
2023-12-28 10:56:59 openvpn: output: 2023-12-28 10:56:59 SIGTERM[soft,tls-error] received, process exiting
2023-12-28 10:56:59 openvpn: output: 2023-12-28 10:56:59 MANAGEMENT: >STATE:1703757419,EXITING,tls-error,,,,,
2023-12-28 10:56:59 openvpn: rx: >STATE:1703757419,EXITING,tls-error,,,,,
2023-12-28 10:56:59 l3 is now stable
2023-12-28 10:56:59 l3 does not fulfil config requirement
2023-12-28 10:56:59 l3 state change ‘l3_wait_stable’ ⇒ ‘l3_bring_down’ 2023-12-28 10:56:59 waiting for l3 providers to go down
2023-12-28 10:56:59 l3 state change ‘l3_bring_down’ ⇒ ‘l3_wait_down’ 2023-12-28 10:56:59 l3 state change ‘l3_wait_down’ ⇒ ‘l3_cleanup_start’ 2023-12-28 10:56:59 calling helper script at ‘/etc/fbxconnman/conn.post-down’ 2023-12-28 10:56:59 l3 state change ‘l3_cleanup_start’ ⇒ ‘l3_wait_postdown_helper’ 2023-12-28 10:56:59 l3 state change ‘l3_wait_postdown_helper’ ⇒ ‘l3_cleanup_finish’ 2023-12-28 10:56:59 l3 state change ‘l3_cleanup_finish’ ⇒ ‘l3_finished’ 2023-12-28 10:56:59 state change ‘wait_l3_up’ ⇒ ‘wait_l3_down’ 2023-12-28 10:56:59 l3 state change ‘l3_finished’ ⇒ ‘l3_down’ 2023-12-28 10:56:59 state is now DOWN
2023-12-28 10:56:59 state change ‘wait_l3_down’ ⇒ ‘l3_finished’ 2023-12-28 10:56:59 state change ‘l3_finished’ ⇒ ‘wait_l2_down’ 2023-12-28 10:56:59 l2 state change ‘l2_up’ ⇒ ‘l2_cleanup’ 2023-12-28 10:56:59 l2 state change ‘l2_cleanup’ ⇒ ‘l2_down’ 2023-12-28 10:56:59 state change ‘wait_l2_down’ ⇒ ‘down’ 2023-12-28 11:01:59 state change ‘down’ ⇒ ‘wait_l2_up’ 2023-12-28 11:01:59 l2 state change ‘l2_down’ ⇒ ‘l2_up’ 2023-12-28 11:01:59 state change ‘wait_l2_up’ ⇒ ‘l2_up’ 2023-12-28 11:01:59 state change ‘l2_up’ ⇒ ‘wait_l3_up’ 2023-12-28 11:01:59 l3 state change ‘l3_down’ ⇒ ‘l3_start’ 2023-12-28 11:01:59 starting
2023-12-28 11:01:59 calling helper script at ‘/etc/fbxconnman/conn.pre-up’ 2023-12-28 11:01:59 l3 state change ‘l3_start’ ⇒ ‘l3_wait_preup_helper’ 2023-12-28 11:01:59 l3 state change ‘l3_wait_preup_helper’ ⇒ ‘l3_wait_stable’ 2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 OpenVPN 2.5.3 aarch64-unknown-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul 11 2023
2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 library versions: OpenSSL 1.1.1s 1 Nov 2022, LZO 2.09
2023-12-28 11:01:59 openvpn: connected to management interface
2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 MANAGEMENT: Connected to management server at unix_mgt.sock
2023-12-28 11:01:59 openvpn: rx: >INFO:OpenVPN Management Interface Version 3 – type ‘help’ for more info
2023-12-28 11:01:59 openvpn: rx: >HOLD:Waiting for hold release:0
2023-12-28 11:01:59 openvpn: tx: hold release
2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 MANAGEMENT: CMD ‘hold release’ 2023-12-28 11:01:59 openvpn: rx: SUCCESS: hold release succeeded
2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 MANAGEMENT: CMD ‘state on’ 2023-12-28 11:01:59 openvpn: rx: SUCCESS: real-time state notification set to ON
2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 MANAGEMENT: >STATE:1703757719,WILL_CONNECT,178.33.61.116,,,,,
2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 Outgoing Control Channel Encryption: Cipher ‘AES-256-CTR’ initialized with 256 bit key
2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 Outgoing Control Channel Encryption: Using 256 bit message hash ‘SHA256’ for HMAC authentication
2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 Incoming Control Channel Encryption: Cipher ‘AES-256-CTR’ initialized with 256 bit key
2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 Incoming Control Channel Encryption: Using 256 bit message hash ‘SHA256’ for HMAC authentication
2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 TCP/UDP: Preserving recently used remote address: [AF_INET]178.33.61.116:1194
2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 Socket Buffers: R=[212992→212992] S=[212992→212992]
2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 UDP link local: (not bound)
2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 UDP link remote: [AF_INET]178.33.61.116:1194
2023-12-28 11:01:59 openvpn: output: 2023-12-28 11:01:59 MANAGEMENT: >STATE:1703757719,WAIT,,,,,,
2023-12-28 11:01:59 openvpn: rx: >STATE:1703757719,WILL_CONNECT,178.33.61.116,,,,,
2023-12-28 11:01:59 openvpn: rx: >STATE:1703757719,WAIT,,,,,,
2023-12-28 11:02:59 openvpn: output: 2023-12-28 11:02:59 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2023-12-28 11:02:59 openvpn: output: 2023-12-28 11:02:59 TLS Error: TLS handshake failed
2023-12-28 11:02:59 openvpn: output: 2023-12-28 11:02:59 SIGTERM[soft,tls-error] received, process exiting
2023-12-28 11:02:59 openvpn: output: 2023-12-28 11:02:59 MANAGEMENT: >STATE:1703757779,EXITING,tls-error,,,,,
2023-12-28 11:02:59 openvpn: rx: >STATE:1703757779,EXITING,tls-error,,,,,
2023-12-28 11:02:59 l3 is now stable
2023-12-28 11:02:59 l3 does not fulfil config requirement
2023-12-28 11:02:59 l3 state change ‘l3_wait_stable’ ⇒ ‘l3_bring_down’ 2023-12-28 11:02:59 waiting for l3 providers to go down
2023-12-28 11:02:59 l3 state change ‘l3_bring_down’ ⇒ ‘l3_wait_down’ 2023-12-28 11:02:59 l3 state change ‘l3_wait_down’ ⇒ ‘l3_cleanup_start’ 2023-12-28 11:02:59 calling helper script at ‘/etc/fbxconnman/conn.post-down’ 2023-12-28 11:02:59 l3 state change ‘l3_cleanup_start’ ⇒ ‘l3_wait_postdown_helper’ 2023-12-28 11:02:59 l3 state change ‘l3_wait_postdown_helper’ ⇒ ‘l3_cleanup_finish’ 2023-12-28 11:02:59 l3 state change ‘l3_cleanup_finish’ ⇒ ‘l3_finished’ 2023-12-28 11:02:59 state change ‘wait_l3_up’ ⇒ ‘wait_l3_down’ 2023-12-28 11:02:59 l3 state change ‘l3_finished’ ⇒ ‘l3_down’ 2023-12-28 11:02:59 state is now DOWN
2023-12-28 11:02:59 state change ‘wait_l3_down’ ⇒ ‘l3_finished’ 2023-12-28 11:02:59 state change ‘l3_finished’ ⇒ ‘wait_l2_down’ 2023-12-28 11:02:59 l2 state change ‘l2_up’ ⇒ ‘l2_cleanup’ 2023-12-28 11:02:59 l2 state change ‘l2_cleanup’ ⇒ ‘l2_down’ 2023-12-28 11:02:59 state change ‘wait_l2_down’ ⇒ ‘down’
Merci de votre aide et bonne journée.
Loading...
Available keyboard shortcuts
- Alt + ⇧ Shift + l Login Dialog / Logout
- Alt + ⇧ Shift + a Add new task
- Alt + ⇧ Shift + m My searches
- Alt + ⇧ Shift + t focus taskid search
Tasklist
- o open selected task
- j move cursor down
- k move cursor up
Task Details
- n Next task
- p Previous task
- Alt + ⇧ Shift + e ↵ Enter Edit this task
- Alt + ⇧ Shift + w watch task
- Alt + ⇧ Shift + y Close Task
Task Editing
- Alt + ⇧ Shift + s save task
Connexion avec OpenVPN Cipher ‘AES-256-CTR’ obsolète ou non-implémenté !
Changement pour OpenVPN Cipher ‘AES-256-CGM’
Merci de ce commentaire
Pour info, voici le debut de mon fichier ovpn :
client
proto udp
remote 178.33.61.116 1194
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_l6ykLjHfY3OmN8kJ name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
setenv opt block-outside-dns
verb 0
Je vois ceci = cipher AES-128-GCM
Dois-je ou puis-je modifier cette ligne ??? Que faire ?
Changement de fournisseur OpenVPN conseillé…
P.S : Certificat OpenVPN obsolète, le "cipher AES-256-CBC" fonctionne correctement.
Est-ce que le login/mot de passe est correct ?
Est-ce que le serveur VPN fournit bien une connectivité IPv4 ?
Négatif, fichier .ovpn incompatible avec freeboxOS…