Xavier Poinsard wrote:
Tu as bien mis sur le client et le serveur :
persist-key
persist-tun
Oui, aucun soucis ici...
as-tu essayé de changer le keepalive ? :
keepalive 30 200
Je viens de le faire...
Le temps s'allonge (non plus 10, mais 24 secondes, mais pas les 30 du
timeout)
Toujours le même log...
Thu Nov 10 15:19:02 2005 TUN/TAP device tun0 opened
Thu Nov 10 15:19:02 2005 ifconfig tun0 192.168.99.14 pointopoint
192.168.99.13 mtu 1500
Thu Nov 10 15:19:02 2005 route add -net 192.168.4.0 netmask
255.255.255.0 gw 192.168.99.13
Thu Nov 10 15:19:02 2005 route add -net 192.168.99.1 netmask
255.255.255.255 gw 192.168.99.13
Thu Nov 10 15:19:02 2005 Initialization Sequence Completed
Connected successfully
Thu Nov 10 15:19:26 2005 Connection reset, restarting [0]
Thu Nov 10 15:19:26 2005 TCP/UDP: Closing socket
Thu Nov 10 15:19:26 2005 SIGUSR1[soft,connection-reset] received,
process restarting
Thu Nov 10 15:19:26 2005 Restart pause, 5 second(s)
En revanche, côté serveur, j'ai ça :
Thu Nov 10 15:19:14 2005 xxxx:21685 Data Channel Encrypt: Cipher
'AES-128-CBC' initialized with 128 bit key
Thu Nov 10 15:19:14 2005 xxxx:21685 Data Channel Encrypt: Using 160 bit
message hash 'SHA1' for HMAC authentication
Thu Nov 10 15:19:14 2005 xxxx:21685 Data Channel Decrypt: Cipher
'AES-128-CBC' initialized with 128 bit key
Thu Nov 10 15:19:14 2005 xxxx:21685 Data Channel Decrypt: Using 160 bit
message hash 'SHA1' for HMAC authentication
Thu Nov 10 15:19:14 2005 xxxx:21685 Control Channel: TLSv1, cipher
TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 10 15:19:14 2005 xxxx:21685 [florian] Peer Connection Initiated
with xxxx:21685
Thu Nov 10 15:19:14 2005 florian/xxxx:21685 MULTI: Learn: 192.168.99.14
-> florian/xxxx:21685
Thu Nov 10 15:19:14 2005 florian/xxxx:21685 MULTI: primary virtual IP
for florian/xxxx:21685: 192.168.99.14
Thu Nov 10 15:19:15 2005 florian/xxxx:21685 PUSH: Received control
message: 'PUSH_REQUEST'
Thu Nov 10 15:19:15 2005 florian/xxxx:21685 SENT CONTROL [florian]:
'PUSH_REPLY,route 192.168.4.0 255.255.255.0,route 192.168.99.1,ping
30,ping-restart 220,ifconfig 192.168.99.14 192.168.99.13' (status=1)
Thu Nov 10 15:19:40 2005 florian/xxxx:21685 Authenticate/Decrypt packet
error: cipher final failed
Thu Nov 10 15:19:40 2005 florian/xxxx:21685 Fatal decryption error
(process_incoming_link), restarting
Thu Nov 10 15:19:40 2005 florian/xxxx:21685
SIGUSR1[soft,decryption-error] received, client-instance restarting
Rien de significatif sur google à propos de cette erreur "cipher final
failed" à part un soucis d'openssl...
help :(
--
Pensez à lire la FAQ de la liste avant de poser une question :
http://wiki.debian.net/?DebianFrench
Pensez à rajouter le mot ``spam'' dans vos champs "From" et "Reply-To:"
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]