Thanks Peter for a quick reply. Yes we have a connection with reciving server, in wireshark I can see that vi get three ack:s on establishment. As I understand it, on third Ack the TLS is supposed to be sent, but instead my Stunnel halts on 10 sek. And there I stand..... The reciving server is not reply to non-crypted communication. //Janne
-----Ursprungligt meddelande----- Från: Peter Pentchev <[email protected]> Skickat: den 13 mars 2020 11:44 Till: Jan Falk <[email protected]> Kopia: [email protected] Ämne: Re: [stunnel-users] S-tunnel will not send TLS On Fri, Mar 13, 2020 at 09:42:27AM +0000, Jan Falk wrote: > Hi. > Can someone tell me why Stunnel stops at wating 10s? Log: > > 2020.03.12 09:43:36 LOG6[main]: Initializing service > [x3_x4_DICOM_BFT_client] [snip] > 2020.03.12 09:44:37 LOG7[0]: Service [x3_x4_HL7_BFT_client] started > 2020.03.12 09:44:37 LOG7[0]: Setting local socket options (FD=508) > 2020.03.12 09:44:37 LOG7[0]: Option TCP_NODELAY set on local socket > 2020.03.12 09:44:37 LOG5[0]: Service [x3_x4_HL7_BFT_client] accepted > connection from 127.0.0.1:50299 > 2020.03.12 09:44:37 LOG6[0]: s_connect: connecting 10.67.6.106:6161 > 2020.03.12 09:44:37 LOG7[0]: s_connect: s_poll_wait 10.67.6.106:6161: > waiting 10 seconds Have you made sure that there is something listening on port 6161 of the 10.67.6.106 host and that the host that stunnel is running on can establish a connection to it? No firewalls, no routing problems or anything like that? What happens if you run - on the host that stunnel runs on - this: nc -v -z 10.67.6.106 6161 ...and also, if stunnel is supposed to establish a secure connection to that host (that is, if stunnel is working in client mode): openssl s_client -connect 10.67.6.106:6161 The first command should exit immediately and tell you that a TCP connection was established successfully; the second one should also try to negotiate a TLS connection and show you what the server on the other side tells you after the connection has been established. G'luck, Peter -- Peter Pentchev roam@{ringlet.net,debian.org,FreeBSD.org} [email protected] PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13 _______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
