Problem with establishing VPN connections with client

Tony Zhou tonytzhou at
Thu Nov 14 17:01:09 EST 2013

I cloned the current one in git and tried with sample config. no avail.

BTW, by default configuration ocserv does seems to listen on IPv6. Tried 
listen-host= to fix it on IPv4 interface, but smoothconnect still 
does not I guess it's not ipv6 related.

By saying "disable certificate check" do you mean allowing the client to 
override cert errors (such as allowing self-signed cert)? If so I have 
those options on.


On 11/14/2013 4:40 PM, Nikos Mavrogiannopoulos wrote:
> On Thu, 2013-11-14 at 13:12 -0500, Tony Zhou wrote:
>> I don't think the problem is from ipv6 since neither my box nor my phone
>> has ipv6 connection. And ipv6 entries were commented out in the conf file.
> There were IPv6 addresses sent in the previous log you sent.
>> I'm not quite sure about what does this log tell, does it look legit?
>> Nov 15 03:07:01 hostname ocserv[2864]: [client.ip.addr]:31328 received
>> -110 byte(s) (TLS)
>> Nov 15 03:07:01 hostname ocserv[2864]: GnuTLS error (at
>> worker-vpn.c:1161): The TLS connection was non-properly terminated.
> Yes it is normal except for the last lines. There it says that the peer
> terminated the connection. It is on the client you're going to find out
> the disconnection reason and the smoothconnect thing had a log.
> Did you try to disable certificate checking etc from the client?
> You didn't answer whether you tried with the default configuration.
> regards,
> Nikos

More information about the openconnect-devel mailing list