search

jpetazzo / dockvpn

Recipe to build an OpenVPN image for Docker
Apache License 2.0
834 stars 295 forks source link

Can't Connect #22

Closed uptownhr closed 9 years ago

uptownhr commented 9 years ago

Server starts, and I used to be able to connect perfectly using the downloaded profile. Using Viscosity as my client and again used to work. However, the connection is not made anymore. Here's the logs from Client and Server. Please help debug....

Client

Jul 07 13:46:50: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jul 07 13:46:50: UDPv4 link local: [undef]
Jul 07 13:46:50: UDPv4 link remote: [AF_INET]107.170.193.144:1194
Jul 07 13:46:51: TLS_ERROR: BIO read tls_read_plaintext error: error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small
Jul 07 13:46:51: TLS Error: TLS object -> incoming plaintext read error
Jul 07 13:46:51: TLS Error: TLS handshake failed
Jul 07 13:46:51: SIGUSR1[soft,tls-error] received, process restarting
Jul 07 13:47:00: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jul 07 13:47:00: UDPv4 link local: [undef]
Jul 07 13:47:00: UDPv4 link remote: [AF_INET]107.170.193.144:1194
Jul 07 13:47:01: TLS_ERROR: BIO read tls_read_plaintext error: error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small
Jul 07 13:47:01: TLS Error: TLS object -> incoming plaintext read error
Jul 07 13:47:01: TLS Error: TLS handshake failed
Jul 07 13:47:01: SIGUSR1[soft,tls-error] received, process restarting
Jul 07 13:47:11: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jul 07 13:47:11: UDPv4 link local: [undef]
Jul 07 13:47:11: UDPv4 link remote: [AF_INET]107.170.193.144:1194
Jul 07 13:47:13: TLS_ERROR: BIO read tls_read_plaintext error: error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small
Jul 07 13:47:13: TLS Error: TLS object -> incoming plaintext read error
Jul 07 13:47:13: TLS Error: TLS handshake failed
Jul 07 13:47:13: SIGUSR1[soft,tls-error] received, process restarting
Jul 07 13:47:22: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jul 07 13:47:22: UDPv4 link local: [undef]
Jul 07 13:47:22: UDPv4 link remote: [AF_INET]107.170.193.144:1194
Jul 07 13:47:27: TLS_ERROR: BIO read tls_read_plaintext error: error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small
Jul 07 13:47:27: TLS Error: TLS object -> incoming plaintext read error
Jul 07 13:47:27: TLS Error: TLS handshake failed
Jul 07 13:47:27: SIGUSR1[soft,tls-error] received, process restarting
Jul 07 13:47:32: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jul 07 13:47:32: UDPv4 link local: [undef]
Jul 07 13:47:32: UDPv4 link remote: [AF_INET]107.170.193.144:1194
Jul 07 13:47:33: TLS_ERROR: BIO read tls_read_plaintext error: error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small
Jul 07 13:47:33: TLS Error: TLS object -> incoming plaintext read error
Jul 07 13:47:33: TLS Error: TLS handshake failed
Jul 07 13:47:33: SIGUSR1[soft,tls-error] received, process restarting
Jul 07 13:47:43: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jul 07 13:47:43: UDPv4 link local: [undef]
Jul 07 13:47:43: UDPv4 link remote: [AF_INET]107.170.193.144:1194
Jul 07 13:47:45: TLS_ERROR: BIO read tls_read_plaintext error: error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small
Jul 07 13:47:45: TLS Error: TLS object -> incoming plaintext read error
Jul 07 13:47:45: TLS Error: TLS handshake failed
Jul 07 13:47:45: SIGUSR1[soft,tls-error] received, process restarting
Jul 07 13:47:53: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jul 07 13:47:53: UDPv4 link local: [undef]
Jul 07 13:47:53: UDPv4 link remote: [AF_INET]107.170.193.144:1194
Jul 07 13:47:54: TLS_ERROR: BIO read tls_read_plaintext error: error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small
Jul 07 13:47:54: TLS Error: TLS object -> incoming plaintext read error
Jul 07 13:47:54: TLS Error: TLS handshake failed
Jul 07 13:47:54: SIGUSR1[soft,tls-error] received, process restarting
Jul 07 13:48:04: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jul 07 13:48:04: UDPv4 link local: [undef]
Jul 07 13:48:04: UDPv4 link remote: [AF_INET]107.170.193.144:1194
Jul 07 13:48:06: TLS_ERROR: BIO read tls_read_plaintext error: error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small
Jul 07 13:48:06: TLS Error: TLS object -> incoming plaintext read error
Jul 07 13:48:06: TLS Error: TLS handshake failed
Jul 07 13:48:06: SIGUSR1[soft,tls-error] received, process restarting
Jul 07 13:48:14: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jul 07 13:48:14: UDPv4 link local: [undef]
Jul 07 13:48:14: UDPv4 link remote: [AF_INET]107.170.193.144:1194
Jul 07 13:48:15: TLS_ERROR: BIO read tls_read_plaintext error: error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small
Jul 07 13:48:15: TLS Error: TLS object -> incoming plaintext read error
Jul 07 13:48:15: TLS Error: TLS handshake failed
Jul 07 13:48:15: SIGUSR1[soft,tls-error] received, process restarting
Jul 07 13:48:25: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jul 07 13:48:25: UDPv4 link local: [undef]
Jul 07 13:48:25: UDPv4 link remote: [AF_INET]107.170.193.144:1194
Jul 07 13:48:26: SIGTERM[hard,] received, process exiting

Server

==> tcp443.log <==
Tue Jul  7 20:42:44 2015 OpenVPN 2.2.1 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Mar 30 2012

==> udp1194.log <==
Tue Jul  7 20:42:44 2015 OpenVPN 2.2.1 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Mar 30 2012
Tue Jul  7 20:42:44 2015 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Jul  7 20:42:44 2015 Diffie-Hellman initialized with 512 bit key
Tue Jul  7 20:42:44 2015 TLS-Auth MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]

==> tcp443.log <==
Tue Jul  7 20:42:44 2015 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

==> udp1194.log <==
Tue Jul  7 20:42:44 2015 Socket Buffers: R=[212992->131072] S=[212992->131072]

==> tcp443.log <==
Tue Jul  7 20:42:44 2015 Diffie-Hellman initialized with 512 bit key

==> udp1194.log <==
Tue Jul  7 20:42:44 2015 ROUTE default_gateway=172.17.42.1

==> tcp443.log <==
Tue Jul  7 20:42:44 2015 TLS-Auth MTU parms [ L:1543 D:140 EF:40 EB:0 ET:0 EL:0 ]

==> udp1194.log <==
Tue Jul  7 20:42:44 2015 TUN/TAP device tun1194 opened
Tue Jul  7 20:42:44 2015 TUN/TAP TX queue length set to 100
Tue Jul  7 20:42:44 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Jul  7 20:42:44 2015 /sbin/ifconfig tun1194 192.168.255.129 pointopoint 192.168.255.130 mtu 1500

==> tcp443.log <==
Tue Jul  7 20:42:44 2015 Socket Buffers: R=[87380->131072] S=[87380->131072]
Tue Jul  7 20:42:44 2015 ROUTE default_gateway=172.17.42.1
Tue Jul  7 20:42:44 2015 TUN/TAP device tun443 opened
Tue Jul  7 20:42:44 2015 TUN/TAP TX queue length set to 100
Tue Jul  7 20:42:44 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Jul  7 20:42:44 2015 /sbin/ifconfig tun443 192.168.255.1 pointopoint 192.168.255.2 mtu 1500

==> udp1194.log <==
Tue Jul  7 20:42:44 2015 /sbin/route add -net 192.168.255.128 netmask 255.255.255.128 gw 192.168.255.130

==> tcp443.log <==
Tue Jul  7 20:42:44 2015 /sbin/route add -net 192.168.255.0 netmask 255.255.255.128 gw 192.168.255.2

==> udp1194.log <==
Tue Jul  7 20:42:44 2015 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:42:44 2015 UDPv4 link local (bound): [undef]
Tue Jul  7 20:42:44 2015 UDPv4 link remote: [undef]
Tue Jul  7 20:42:44 2015 MULTI: multi_init called, r=256 v=256
Tue Jul  7 20:42:44 2015 IFCONFIG POOL: base=192.168.255.132 size=30, ipv6=0
Tue Jul  7 20:42:44 2015 Initialization Sequence Completed

==> tcp443.log <==
Tue Jul  7 20:42:44 2015 Data Channel MTU parms [ L:1543 D:1450 EF:43 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:42:44 2015 Listening for incoming TCP connection on [undef]
Tue Jul  7 20:42:44 2015 TCPv4_SERVER link local (bound): [undef]
Tue Jul  7 20:42:44 2015 TCPv4_SERVER link remote: [undef]
Tue Jul  7 20:42:44 2015 MULTI: multi_init called, r=256 v=256
Tue Jul  7 20:42:44 2015 IFCONFIG POOL: base=192.168.255.4 size=30, ipv6=0
Tue Jul  7 20:42:44 2015 MULTI: TCP INIT maxclients=1024 maxevents=1028
Tue Jul  7 20:42:44 2015 Initialization Sequence Completed

==> http8080.log <==
2015/07/07 20:45:02 socat[6] N listening on AF=2 0.0.0.0:8080
2015/07/07 20:45:24 socat[6] N accepting connection from AF=2 173.196.143.197:14727 on AF=2 172.17.0.11:8080
2015/07/07 20:45:24 socat[6] N forked off child process 7
2015/07/07 20:45:24 socat[6] N listening on AF=2 0.0.0.0:8080
2015/07/07 20:45:24 socat[7] N no peer certificate and no check
2015/07/07 20:45:24 socat[7] N SSL connection using AES128-GCM-SHA256
2015/07/07 20:45:24 socat[7] N forking off child, using socket for reading and writing
2015/07/07 20:45:24 socat[7] N forked off child process 8
2015/07/07 20:45:24 socat[7] N forked off child process 8
2015/07/07 20:45:24 socat[7] N starting data transfer loop with FDs [5,5] and [4,4]
2015/07/07 20:45:24 socat[8] N execvp'ing "cat"
2015/07/07 20:45:24 socat[7] N socket 2 (fd 4) is at EOF
2015/07/07 20:45:24 socat[7] N socket 1 (fd 5) is at EOF
2015/07/07 20:45:24 socat[7] N socket 2 (fd 4) is at EOF
2015/07/07 20:45:24 socat[7] N exiting with status 0
2015/07/07 20:45:24 socat[6] N accepting connection from AF=2 173.196.143.197:58687 on AF=2 172.17.0.11:8080
2015/07/07 20:45:24 socat[6] N forked off child process 9
2015/07/07 20:45:24 socat[6] N listening on AF=2 0.0.0.0:8080
2015/07/07 20:45:25 socat[9] N no peer certificate and no check
2015/07/07 20:45:25 socat[9] N SSL connection using AES128-GCM-SHA256
2015/07/07 20:45:25 socat[9] N forking off child, using socket for reading and writing
2015/07/07 20:45:25 socat[9] N forked off child process 10
2015/07/07 20:45:25 socat[9] N forked off child process 10
2015/07/07 20:45:25 socat[9] N starting data transfer loop with FDs [5,5] and [4,4]
2015/07/07 20:45:25 socat[10] N execvp'ing "cat"
2015/07/07 20:45:25 socat[9] N socket 2 (fd 4) is at EOF
2015/07/07 20:45:25 socat[9] N socket 1 (fd 5) is at EOF
2015/07/07 20:45:25 socat[9] N socket 2 (fd 4) is at EOF
2015/07/07 20:45:25 socat[9] N exiting with status 0
2015/07/07 20:45:28 socat[6] N accepting connection from AF=2 173.196.143.197:36264 on AF=2 172.17.0.11:8080
2015/07/07 20:45:28 socat[6] N forked off child process 11
2015/07/07 20:45:28 socat[6] N listening on AF=2 0.0.0.0:8080
2015/07/07 20:45:28 socat[11] N no peer certificate and no check
2015/07/07 20:45:28 socat[11] N SSL connection using AES128-GCM-SHA256
2015/07/07 20:45:28 socat[11] N forking off child, using socket for reading and writing
2015/07/07 20:45:28 socat[11] N forked off child process 12
2015/07/07 20:45:28 socat[11] N forked off child process 12
2015/07/07 20:45:28 socat[11] N starting data transfer loop with FDs [5,5] and [4,4]
2015/07/07 20:45:28 socat[12] N execvp'ing "cat"
2015/07/07 20:45:28 socat[11] N socket 2 (fd 4) is at EOF
2015/07/07 20:45:28 socat[11] E write(4, 0x9ab550, 360): Broken pipe
2015/07/07 20:45:28 socat[11] N exit(1)
2015/07/07 20:45:28 socat[6] W waitpid(): child 11 exited with status 1

==> udp1194.log <==
Tue Jul  7 20:46:39 2015 MULTI: multi_create_instance called
Tue Jul  7 20:46:39 2015 173.196.143.197:63499 Re-using SSL/TLS context
Tue Jul  7 20:46:39 2015 173.196.143.197:63499 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Jul  7 20:46:39 2015 173.196.143.197:63499 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:46:39 2015 173.196.143.197:63499 Local Options hash (VER=V4): '239669a8'
Tue Jul  7 20:46:39 2015 173.196.143.197:63499 Expected Remote Options hash (VER=V4): '3514370b'
Tue Jul  7 20:46:39 2015 173.196.143.197:63499 TLS: Initial packet from [AF_INET]173.196.143.197:63499, sid=436b9d23 31027dcd
Tue Jul  7 20:46:40 2015 MULTI: multi_create_instance called
Tue Jul  7 20:46:40 2015 173.196.143.197:10228 Re-using SSL/TLS context
Tue Jul  7 20:46:40 2015 173.196.143.197:10228 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Jul  7 20:46:40 2015 173.196.143.197:10228 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:46:40 2015 173.196.143.197:10228 Local Options hash (VER=V4): '239669a8'
Tue Jul  7 20:46:40 2015 173.196.143.197:10228 Expected Remote Options hash (VER=V4): '3514370b'
Tue Jul  7 20:46:40 2015 173.196.143.197:10228 TLS: Initial packet from [AF_INET]173.196.143.197:10228, sid=633434e2 7fdc5cf9
Tue Jul  7 20:46:41 2015 MULTI: multi_create_instance called
Tue Jul  7 20:46:41 2015 173.196.143.197:62443 Re-using SSL/TLS context
Tue Jul  7 20:46:41 2015 173.196.143.197:62443 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Jul  7 20:46:41 2015 173.196.143.197:62443 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:46:41 2015 173.196.143.197:62443 Local Options hash (VER=V4): '239669a8'
Tue Jul  7 20:46:41 2015 173.196.143.197:62443 Expected Remote Options hash (VER=V4): '3514370b'
Tue Jul  7 20:46:41 2015 173.196.143.197:62443 TLS: Initial packet from [AF_INET]173.196.143.197:62443, sid=368acda9 dbe98357

==> http8080.log <==
2015/07/07 20:46:48 socat[6] N exiting on signal 2

==> udp1194.log <==
Tue Jul  7 20:46:51 2015 MULTI: multi_create_instance called
Tue Jul  7 20:46:51 2015 173.196.143.197:63278 Re-using SSL/TLS context
Tue Jul  7 20:46:51 2015 173.196.143.197:63278 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Jul  7 20:46:51 2015 173.196.143.197:63278 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:46:51 2015 173.196.143.197:63278 Local Options hash (VER=V4): '239669a8'
Tue Jul  7 20:46:51 2015 173.196.143.197:63278 Expected Remote Options hash (VER=V4): '3514370b'
Tue Jul  7 20:46:51 2015 173.196.143.197:63278 TLS: Initial packet from [AF_INET]173.196.143.197:63278, sid=46fd8d93 8fee3867
Tue Jul  7 20:47:02 2015 MULTI: multi_create_instance called
Tue Jul  7 20:47:02 2015 173.196.143.197:59896 Re-using SSL/TLS context
Tue Jul  7 20:47:02 2015 173.196.143.197:59896 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Jul  7 20:47:02 2015 173.196.143.197:59896 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:47:02 2015 173.196.143.197:59896 Local Options hash (VER=V4): '239669a8'
Tue Jul  7 20:47:02 2015 173.196.143.197:59896 Expected Remote Options hash (VER=V4): '3514370b'
Tue Jul  7 20:47:02 2015 173.196.143.197:59896 TLS: Initial packet from [AF_INET]173.196.143.197:59896, sid=952b3b4f 777e5c4b
Tue Jul  7 20:47:13 2015 MULTI: multi_create_instance called
Tue Jul  7 20:47:13 2015 173.196.143.197:10161 Re-using SSL/TLS context
Tue Jul  7 20:47:13 2015 173.196.143.197:10161 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Jul  7 20:47:13 2015 173.196.143.197:10161 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:47:13 2015 173.196.143.197:10161 Local Options hash (VER=V4): '239669a8'
Tue Jul  7 20:47:13 2015 173.196.143.197:10161 Expected Remote Options hash (VER=V4): '3514370b'
Tue Jul  7 20:47:13 2015 173.196.143.197:10161 TLS: Initial packet from [AF_INET]173.196.143.197:10161, sid=4f91f491 3d287a4d
Tue Jul  7 20:47:26 2015 MULTI: multi_create_instance called
Tue Jul  7 20:47:26 2015 173.196.143.197:64817 Re-using SSL/TLS context
Tue Jul  7 20:47:26 2015 173.196.143.197:64817 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Jul  7 20:47:26 2015 173.196.143.197:64817 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:47:26 2015 173.196.143.197:64817 Local Options hash (VER=V4): '239669a8'
Tue Jul  7 20:47:26 2015 173.196.143.197:64817 Expected Remote Options hash (VER=V4): '3514370b'
Tue Jul  7 20:47:26 2015 173.196.143.197:64817 TLS: Initial packet from [AF_INET]173.196.143.197:64817, sid=135d41f6 0a7ce20b
Tue Jul  7 20:47:34 2015 MULTI: multi_create_instance called
Tue Jul  7 20:47:34 2015 173.196.143.197:61270 Re-using SSL/TLS context
Tue Jul  7 20:47:34 2015 173.196.143.197:61270 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Jul  7 20:47:34 2015 173.196.143.197:61270 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:47:34 2015 173.196.143.197:61270 Local Options hash (VER=V4): '239669a8'
Tue Jul  7 20:47:34 2015 173.196.143.197:61270 Expected Remote Options hash (VER=V4): '3514370b'
Tue Jul  7 20:47:34 2015 173.196.143.197:61270 TLS: Initial packet from [AF_INET]173.196.143.197:61270, sid=6c1e099a de10e3f5
Tue Jul  7 20:47:39 2015 173.196.143.197:63499 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jul  7 20:47:39 2015 173.196.143.197:63499 TLS Error: TLS handshake failed
Tue Jul  7 20:47:39 2015 173.196.143.197:63499 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul  7 20:47:40 2015 173.196.143.197:10228 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jul  7 20:47:40 2015 173.196.143.197:10228 TLS Error: TLS handshake failed
Tue Jul  7 20:47:40 2015 173.196.143.197:10228 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul  7 20:47:41 2015 173.196.143.197:62443 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jul  7 20:47:41 2015 173.196.143.197:62443 TLS Error: TLS handshake failed
Tue Jul  7 20:47:41 2015 173.196.143.197:62443 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul  7 20:47:45 2015 MULTI: multi_create_instance called
Tue Jul  7 20:47:45 2015 173.196.143.197:63806 Re-using SSL/TLS context
Tue Jul  7 20:47:45 2015 173.196.143.197:63806 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Jul  7 20:47:45 2015 173.196.143.197:63806 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:47:45 2015 173.196.143.197:63806 Local Options hash (VER=V4): '239669a8'
Tue Jul  7 20:47:45 2015 173.196.143.197:63806 Expected Remote Options hash (VER=V4): '3514370b'
Tue Jul  7 20:47:45 2015 173.196.143.197:63806 TLS: Initial packet from [AF_INET]173.196.143.197:63806, sid=977b96f8 fea15730
Tue Jul  7 20:47:51 2015 173.196.143.197:63278 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jul  7 20:47:51 2015 173.196.143.197:63278 TLS Error: TLS handshake failed
Tue Jul  7 20:47:51 2015 173.196.143.197:63278 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul  7 20:47:55 2015 MULTI: multi_create_instance called
Tue Jul  7 20:47:55 2015 173.196.143.197:7187 Re-using SSL/TLS context
Tue Jul  7 20:47:55 2015 173.196.143.197:7187 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Jul  7 20:47:55 2015 173.196.143.197:7187 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:47:55 2015 173.196.143.197:7187 Local Options hash (VER=V4): '239669a8'
Tue Jul  7 20:47:55 2015 173.196.143.197:7187 Expected Remote Options hash (VER=V4): '3514370b'
Tue Jul  7 20:47:55 2015 173.196.143.197:7187 TLS: Initial packet from [AF_INET]173.196.143.197:7187, sid=1c6ff237 703747bc
Tue Jul  7 20:48:02 2015 173.196.143.197:59896 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jul  7 20:48:02 2015 173.196.143.197:59896 TLS Error: TLS handshake failed
Tue Jul  7 20:48:02 2015 173.196.143.197:59896 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul  7 20:48:05 2015 MULTI: multi_create_instance called
Tue Jul  7 20:48:05 2015 173.196.143.197:9654 Re-using SSL/TLS context
Tue Jul  7 20:48:05 2015 173.196.143.197:9654 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Jul  7 20:48:05 2015 173.196.143.197:9654 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:48:05 2015 173.196.143.197:9654 Local Options hash (VER=V4): '239669a8'
Tue Jul  7 20:48:05 2015 173.196.143.197:9654 Expected Remote Options hash (VER=V4): '3514370b'
Tue Jul  7 20:48:05 2015 173.196.143.197:9654 TLS: Initial packet from [AF_INET]173.196.143.197:9654, sid=d640e615 61914848
Tue Jul  7 20:48:13 2015 173.196.143.197:10161 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jul  7 20:48:13 2015 173.196.143.197:10161 TLS Error: TLS handshake failed
Tue Jul  7 20:48:13 2015 173.196.143.197:10161 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul  7 20:48:16 2015 MULTI: multi_create_instance called
Tue Jul  7 20:48:16 2015 173.196.143.197:1832 Re-using SSL/TLS context
Tue Jul  7 20:48:16 2015 173.196.143.197:1832 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Jul  7 20:48:16 2015 173.196.143.197:1832 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:48:16 2015 173.196.143.197:1832 Local Options hash (VER=V4): '239669a8'
Tue Jul  7 20:48:16 2015 173.196.143.197:1832 Expected Remote Options hash (VER=V4): '3514370b'
Tue Jul  7 20:48:16 2015 173.196.143.197:1832 TLS: Initial packet from [AF_INET]173.196.143.197:1832, sid=507c749c b6c88b61
Tue Jul  7 20:48:26 2015 173.196.143.197:64817 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jul  7 20:48:26 2015 173.196.143.197:64817 TLS Error: TLS handshake failed
Tue Jul  7 20:48:26 2015 173.196.143.197:64817 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul  7 20:48:27 2015 MULTI: multi_create_instance called
Tue Jul  7 20:48:27 2015 173.196.143.197:5793 Re-using SSL/TLS context
Tue Jul  7 20:48:27 2015 173.196.143.197:5793 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Jul  7 20:48:27 2015 173.196.143.197:5793 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Jul  7 20:48:27 2015 173.196.143.197:5793 Local Options hash (VER=V4): '239669a8'
Tue Jul  7 20:48:27 2015 173.196.143.197:5793 Expected Remote Options hash (VER=V4): '3514370b'
Tue Jul  7 20:48:27 2015 173.196.143.197:5793 TLS: Initial packet from [AF_INET]173.196.143.197:5793, sid=6fc806fd bf60d7d5
Tue Jul  7 20:48:34 2015 173.196.143.197:61270 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jul  7 20:48:34 2015 173.196.143.197:61270 TLS Error: TLS handshake failed
Tue Jul  7 20:48:34 2015 173.196.143.197:61270 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul  7 20:48:46 2015 173.196.143.197:63806 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jul  7 20:48:46 2015 173.196.143.197:63806 TLS Error: TLS handshake failed
Tue Jul  7 20:48:46 2015 173.196.143.197:63806 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul  7 20:48:55 2015 173.196.143.197:7187 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jul  7 20:48:55 2015 173.196.143.197:7187 TLS Error: TLS handshake failed
Tue Jul  7 20:48:55 2015 173.196.143.197:7187 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul  7 20:49:06 2015 173.196.143.197:9654 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jul  7 20:49:06 2015 173.196.143.197:9654 TLS Error: TLS handshake failed
Tue Jul  7 20:49:06 2015 173.196.143.197:9654 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul  7 20:49:16 2015 173.196.143.197:1832 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jul  7 20:49:16 2015 173.196.143.197:1832 TLS Error: TLS handshake failed
Tue Jul  7 20:49:16 2015 173.196.143.197:1832 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Jul  7 20:49:28 2015 173.196.143.197:5793 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jul  7 20:49:28 2015 173.196.143.197:5793 TLS Error: TLS handshake failed
Tue Jul  7 20:49:28 2015 173.196.143.197:5793 SIGUSR1[soft,tls-error] received, client-instance restarting
jpetazzo commented 9 years ago

I don't know what could be wrong here, sorry. I'd suggest to try to regenerate a config and see if it changes anything.

ClashTheBunny commented 9 years ago 
Jul 07 13:46:51: TLS_ERROR: BIO read tls_read_plaintext error: error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small

This is fixed by this: https://github.com/jpetazzo/dockvpn/commit/eb6efc5ef36d7e56be2531143b7a89cd3e95d51b

You need a new dh. New OpenSSL versions don't support smaller than 768 because of a downgrade attack. Just generate a new setup and you're good to go.

jpetazzo commented 9 years ago

Oh, indeed! Thanks @ClashTheBunny. Very well obvserved!