Problem with establishing VPN connections with client
Tony Zhou
tonytzhou at gmail.com
Thu Nov 14 17:01:09 EST 2013
I cloned the current one in git and tried with sample config. no avail.
BTW, by default configuration ocserv does seems to listen on IPv6. Tried
listen-host=0.0.0.0 to fix it on IPv4 interface, but smoothconnect still
does not work...so I guess it's not ipv6 related.
By saying "disable certificate check" do you mean allowing the client to
override cert errors (such as allowing self-signed cert)? If so I have
those options on.
Thanks,
TZ
On 11/14/2013 4:40 PM, Nikos Mavrogiannopoulos wrote:
> On Thu, 2013-11-14 at 13:12 -0500, Tony Zhou wrote:
>> I don't think the problem is from ipv6 since neither my box nor my phone
>> has ipv6 connection. And ipv6 entries were commented out in the conf file.
> There were IPv6 addresses sent in the previous log you sent.
>
>> I'm not quite sure about what does this log tell, does it look legit?
>> Nov 15 03:07:01 hostname ocserv[2864]: [client.ip.addr]:31328 received
>> -110 byte(s) (TLS)
>> Nov 15 03:07:01 hostname ocserv[2864]: GnuTLS error (at
>> worker-vpn.c:1161): The TLS connection was non-properly terminated.
> Yes it is normal except for the last lines. There it says that the peer
> terminated the connection. It is on the client you're going to find out
> the disconnection reason and the smoothconnect thing had a log.
>
> Did you try to disable certificate checking etc from the client?
>
> You didn't answer whether you tried with the default configuration.
>
> regards,
> Nikos
>
>
More information about the openconnect-devel
mailing list