Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 0 replies
  • Subscribers 38 subscribers
  • Views 1334 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

openvpn mit SSL über IPv6

LennySimpsons
Hallo zusammen,

ich habe den openvpn Server auf ipv6 umgestellt, da ich einen IPv6-Light Anschluss besitze.

Das Mapping von IPv4 zu IPv6 übernimmt ein Account bei feste-ip.net.

Bis zur UTM komme ich, jedoch erhalte ich dann immer die Fehlermeldung, dass "Die Zugangsdaten (Passphrase oder Benutzername/Password) wurde vom VPN-Server nicht akzeptiert" erscheint.

Im Logfile des Servers steht SENT CONTROL [USER]: 'AUTH_FAILED' (status=1)


Auszug aus dem Logfile vom Server (UTM SG115 mit der SW-Version 9.312-8):

): P_CONTROL_V1 kid=0 [ ] pid=30 DATA len=78
2015:06:10-16:50:06 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
2015:06:10-16:50:06 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 TLS: Username/Password authentication deferred for username 'USER' [CN SET]
2015:06:10-16:50:06 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
2015:06:10-16:50:06 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2015:06:10-16:50:06 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
2015:06:10-16:50:06 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2015:06:10-16:50:06 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 TCPv6_SERVER WRITE [126] to [AF_INET6]2001:4ba0:34a:fe23::1:39158 (via [AF_INET6]2a00:61e0:3201:4523:::29930
): P_CONTROL_V1 kid=0 [ 30 ] pid=27 DATA len=100
2015:06:10-16:50:06 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 TCPv6_SERVER WRITE [114] to [AF_INET6]2001:4ba0:34a:fe23::1:39158 (via [AF_INET6]2a00:61e0:3201:4523:::29930
): P_CONTROL_V1 kid=0 [ ] pid=28 DATA len=100
2015:06:10-16:50:06 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 TCPv6_SERVER WRITE [96] to [AF_INET6]2001:4ba0:34a:fe23::1:39158 (via [AF_INET6]2a00:61e0:3201:4523:::29930)
: P_CONTROL_V1 kid=0 [ ] pid=29 DATA len=82
2015:06:10-16:50:06 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 TCPv6_SERVER READ [22] from [AF_INET6]2001:4ba0:34a:fe23::1:39158 (via [AF_INET6]2a00:61e0:3201:4523:::29930
): P_ACK_V1 kid=0 [ 27 ]
2015:06:10-16:50:06 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 TCPv6_SERVER READ [26] from [AF_INET6]2001:4ba0:34a:fe23::1:39158 (via [AF_INET6]2a00:61e0:3201:4523:::29930
): P_ACK_V1 kid=0 [ 28 29 ]
2015:06:10-16:50:06 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2015:06:10-16:50:06 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 [USER] Peer Connection Initiated with [AF_INET6]2001:4ba0:34a:fe23::1:39158 (via [AF_INET6]2a00:61e0:4085:590
1:::29930)
2015:06:10-16:50:09 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 TCPv6_SERVER READ [104] from [AF_INET6]2001:4ba0:34a:fe23::1:39158 (via [AF_INET6]2a00:61e0:3201:4523:::2993
0): P_CONTROL_V1 kid=0 [ ] pid=31 DATA len=90
2015:06:10-16:50:09 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 PUSH: Received control message: 'PUSH_REQUEST'
2015:06:10-16:50:09 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 TCPv6_SERVER WRITE [22] to [AF_INET6]2001:4ba0:34a:fe23::1:39158 (via [AF_INET6]2a00:61e0:3201:4523:::29930)
: P_ACK_V1 kid=0 [ 31 ]
2015:06:10-16:50:14 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 TCPv6_SERVER READ [88] from [AF_INET6]2001:4ba0:34a:fe23::1:39158 (via [AF_INET6]2a00:61e0:3201:4523:::29930
): P_CONTROL_V1 kid=0 [ ] pid=32 DATA len=74
2015:06:10-16:50:14 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 PUSH: Received control message: 'PUSH_REQUEST'
2015:06:10-16:50:14 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 Delayed exit in 5 seconds
2015:06:10-16:50:14 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 SENT CONTROL [USER]: 'AUTH_FAILED' (status=1)
2015:06:10-16:50:14 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 TCPv6_SERVER WRITE [22] to [AF_INET6]2001:4ba0:34a:fe23::1:39158 (via [AF_INET6]2a00:61e0:3201:4523:::29930)
: P_ACK_V1 kid=0 [ 32 ]
2015:06:10-16:50:14 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 TCPv6_SERVER WRITE [104] to [AF_INET6]2001:4ba0:34a:fe23::1:39158 (via [AF_INET6]2a00:61e0:3201:4523:::29930
): P_CONTROL_V1 kid=0 [ ] pid=30 DATA len=90
2015:06:10-16:50:14 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 Connection reset, restarting [0]
2015:06:10-16:50:14 astaro openvpn[25774]: 2001:4ba0:34a:fe23::1 SIGUSR1[soft,connection-reset] received, client-instance restarting


Hat jemand eine Idee, woran dies liegen könnte?


This thread was automatically locked due to age.
Unfiltered HTML