Jump to content


Photo

connection refused (61), osx, avpn with ssl tunnel


  • Please log in to reply
11 replies to this topic

#1 darckhart

darckhart

    Member

  • Members
  • PipPip
  • 16 posts

Posted 14 April 2014 - 03:30 AM

as per the announcement, after upgrading, i am unable to connect using airvpn with ssl tunnel. any help appreciated!

 

 

background: i am on a mid 2012 macbook air running osx v10.9.2 mavericks which apparently comes with openssl v0.9.8y

 

i use tunnelblick as recommended for a simple gui for openvpn. i downloaded and installed v3.4 b22 on top of my previous version as recommended in their instructions.

 

after installing the new version of tunnelblick, i performed the following:

 

1. removed all previous tunnelblick configurations by (1) deleting them from tunnelblick settings menu, then exit tunnelblick, (2) manually deleting the folders.

2. logged into airvpn config generator and selected osx, my preferred server, advanced mode ssl tunnel port 443, and checked the box for bundle executable as instructed by this page: https://airvpn.org/ssl/

3. saved the generated files in a zip, then unzipped to a folder

4. launched tunnelblick, where upon it detected no configs, asked me to make some. i followed the message prompts as instructed.

5. finally, as i used to do, opened a terminal and cd into my unzipped folder, launch stunnel using the generated ssl config file, switch back to tunnelblick and choose to connect using the imported ovpn config file.

 

at this point, before upgrades, i could see in the terminal connections occurring fine. today, after upgrade, i receive the error message (edited):

 

timestamp LOGx [bunch of numbers: more numbers] : Service [openvpn] accepted connection from 127.0.0.1:64180

timestamp LOGx [bunch of numbers: more numbers] : connect_blocking: connecting my_preferred_server:443

timestamp LOGx [bunch of numbers: more numbers] : connect_blocking: connect my_preferred_server:443: Connection refused (61)

timestamp LOGx [bunch of numbers: more numbers] : Connection reset : 0 byte(s) sent to SSL, 0 byte(s) sent to socket

 

and then it keeps retrying. any ideas? thanks!



#2 secure1

secure1

    Newbie

  • Members
  • Pip
  • 4 posts

Posted 14 April 2014 - 03:45 AM

I'm seeing the same thing on Windows 7 using stunnel after the upgrade.

 

2014.04.13 23:37:46 LOG5[6132]: Service [openvpn] accepted connection from 127.0.0.1:58555
2014.04.13 23:37:46 LOG6[6132]: s_connect: connecting 46.21.154.84:443
2014.04.13 23:37:56 LOG3[6132]: s_connect: s_poll_wait 46.21.154.84:443: TIMEOUTconnect exceeded
2014.04.13 23:37:56 LOG5[6132]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket

 

Stunnel worked for me before the upgrade.  I downloaded the new configs after the upgrade.  I can connect fine without stunnel, but not using stunnel.



#3 Picobuntu

Picobuntu

    Newbie

  • Members
  • Pip
  • 2 posts

Posted 14 April 2014 - 05:53 AM

as per the announcement, after upgrading, i am unable to connect using airvpn with ssl tunnel. any help appreciated!

 

 

background: i am on a mid 2012 macbook air running osx v10.9.2 mavericks which apparently comes with openssl v0.9.8y

 

i use tunnelblick as recommended for a simple gui for openvpn. i downloaded and installed v3.4 b22 on top of my previous version as recommended in their instructions.

 

after installing the new version of tunnelblick, i performed the following:

 

1. removed all previous tunnelblick configurations by (1) deleting them from tunnelblick settings menu, then exit tunnelblick, (2) manually deleting the folders.

2. logged into airvpn config generator and selected osx, my preferred server, advanced mode ssl tunnel port 443, and checked the box for bundle executable as instructed by this page: https://airvpn.org/ssl/

3. saved the generated files in a zip, then unzipped to a folder

4. launched tunnelblick, where upon it detected no configs, asked me to make some. i followed the message prompts as instructed.

5. finally, as i used to do, opened a terminal and cd into my unzipped folder, launch stunnel using the generated ssl config file, switch back to tunnelblick and choose to connect using the imported ovpn config file.

 

at this point, before upgrades, i could see in the terminal connections occurring fine. today, after upgrade, i receive the error message (edited):

 

timestamp LOGx [bunch of numbers: more numbers] : Service [openvpn] accepted connection from 127.0.0.1:64180

timestamp LOGx [bunch of numbers: more numbers] : connect_blocking: connecting my_preferred_server:443

timestamp LOGx [bunch of numbers: more numbers] : connect_blocking: connect my_preferred_server:443: Connection refused (61)

timestamp LOGx [bunch of numbers: more numbers] : Connection reset : 0 byte(s) sent to SSL, 0 byte(s) sent to socket

 

and then it keeps retrying. any ideas? thanks!

 

I've got the same problem as you under Windows !
It worked well just before the update. 

 

I've got Stunnel 5.01 and OpenVPN 2.3.3. Here what I have on screen :

 

Stunnel :

2014.04.14 07:45:08 LOG5[6096]: stunnel 5.01 on x86-pc-msvc-1500 platform
2014.04.14 07:45:08 LOG5[6096]: Compiled/running with OpenSSL 1.0.1g-fips 7 Apr 2014
2014.04.14 07:45:08 LOG5[6096]: Threading:WIN32 Sockets:SELECT,IPv6 SSL:ENGINE,OCSP,FIPS
2014.04.14 07:45:08 LOG5[6096]: Reading configuration from file stunnel.conf
2014.04.14 07:45:08 LOG5[6096]: FIPS mode disabled
2014.04.14 07:45:08 LOG6[6096]: Initializing service [openvpn]
2014.04.14 07:45:08 LOG5[6096]: Configuration successful
2014.04.14 07:45:13 LOG5[4532]: Service [openvpn] accepted connection from 127.0.0.1:64412
2014.04.14 07:45:13 LOG6[4532]: s_connect: connecting 46.165.208.109:443
2014.04.14 07:45:13 LOG5[4532]: s_connect: connected 46.165.208.109:443
2014.04.14 07:45:13 LOG5[4532]: Service [openvpn] connected remote server from 10.0.0.3:64413
2014.04.14 07:45:14 LOG3[4532]: SSL_connect: Peer suddenly disconnected
2014.04.14 07:45:14 LOG5[4532]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2014.04.14 07:45:19 LOG5[5448]: Service [openvpn] accepted connection from 127.0.0.1:64414
2014.04.14 07:45:19 LOG6[5448]: s_connect: connecting 46.165.208.109:443
2014.04.14 07:45:19 LOG5[5448]: s_connect: connected 46.165.208.109:443
2014.04.14 07:45:19 LOG5[5448]: Service [openvpn] connected remote server from 10.0.0.3:64415
2014.04.14 07:45:19 LOG3[5448]: SSL_connect: Peer suddenly disconnected
2014.04.14 07:45:19 LOG5[5448]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2014.04.14 07:45:24 LOG5[6036]: Service [openvpn] accepted connection from 127.0.0.1:64416
2014.04.14 07:45:24 LOG6[6036]: s_connect: connecting 46.165.208.109:443
2014.04.14 07:45:24 LOG5[6036]: s_connect: connected 46.165.208.109:443
2014.04.14 07:45:24 LOG5[6036]: Service [openvpn] connected remote server from 10.0.0.3:64417
2014.04.14 07:45:24 LOG3[6036]: SSL_connect: Peer suddenly disconnected
2014.04.14 07:45:24 LOG5[6036]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2014.04.14 07:45:29 LOG5[1644]: Service [openvpn] accepted connection from 127.0.0.1:64418
2014.04.14 07:45:29 LOG6[1644]: s_connect: connecting 46.165.208.109:443
2014.04.14 07:45:29 LOG5[1644]: s_connect: connected 46.165.208.109:443
2014.04.14 07:45:29 LOG5[1644]: Service [openvpn] connected remote server from 10.0.0.3:64419
2014.04.14 07:45:29 LOG3[1644]: SSL_connect: Peer suddenly disconnected
2014.04.14 07:45:29 LOG5[1644]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket

OpenVPN :

 

Mon Apr 14 07:45:13 2014 OpenVPN 2.3.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Apr  9 2014
Enter Management Password:
Mon Apr 14 07:45:13 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon Apr 14 07:45:13 2014 Need hold release from management interface, waiting...
Mon Apr 14 07:45:13 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon Apr 14 07:45:13 2014 MANAGEMENT: CMD 'state on'
Mon Apr 14 07:45:13 2014 MANAGEMENT: CMD 'log all on'
Mon Apr 14 07:45:13 2014 MANAGEMENT: CMD 'hold off'
Mon Apr 14 07:45:13 2014 MANAGEMENT: CMD 'hold release'
Mon Apr 14 07:45:13 2014 Control Channel Authentication: tls-auth using INLINE static key file
Mon Apr 14 07:45:13 2014 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr 14 07:45:13 2014 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr 14 07:45:13 2014 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Apr 14 07:45:13 2014 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1413
Mon Apr 14 07:45:13 2014 MANAGEMENT: >STATE:1397454313,TCP_CONNECT,,,
Mon Apr 14 07:45:13 2014 TCP connection established with [AF_INET]127.0.0.1:1413
Mon Apr 14 07:45:13 2014 TCPv4_CLIENT link local: [undef]
Mon Apr 14 07:45:13 2014 TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:1413
Mon Apr 14 07:45:13 2014 MANAGEMENT: >STATE:1397454313,WAIT,,,
Mon Apr 14 07:45:14 2014 Connection reset, restarting [-1]
Mon Apr 14 07:45:14 2014 SIGUSR1[soft,connection-reset] received, process restarting
Mon Apr 14 07:45:14 2014 MANAGEMENT: >STATE:1397454314,RECONNECTING,connection-reset,,
Mon Apr 14 07:45:14 2014 Restart pause, 5 second(s)
Mon Apr 14 07:45:19 2014 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Apr 14 07:45:19 2014 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1413
Mon Apr 14 07:45:19 2014 MANAGEMENT: >STATE:1397454319,TCP_CONNECT,,,
Mon Apr 14 07:45:19 2014 TCP connection established with [AF_INET]127.0.0.1:1413
Mon Apr 14 07:45:19 2014 TCPv4_CLIENT link local: [undef]
Mon Apr 14 07:45:19 2014 TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:1413
Mon Apr 14 07:45:19 2014 MANAGEMENT: >STATE:1397454319,WAIT,,,
Mon Apr 14 07:45:19 2014 Connection reset, restarting [-1]
Mon Apr 14 07:45:19 2014 SIGUSR1[soft,connection-reset] received, process restarting
Mon Apr 14 07:45:19 2014 MANAGEMENT: >STATE:1397454319,RECONNECTING,connection-reset,,
Mon Apr 14 07:45:19 2014 Restart pause, 5 second(s)
Mon Apr 14 07:45:24 2014 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Apr 14 07:45:24 2014 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1413
Mon Apr 14 07:45:24 2014 MANAGEMENT: >STATE:1397454324,TCP_CONNECT,,,
Mon Apr 14 07:45:24 2014 TCP connection established with [AF_INET]127.0.0.1:1413
Mon Apr 14 07:45:24 2014 TCPv4_CLIENT link local: [undef]
Mon Apr 14 07:45:24 2014 TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:1413
Mon Apr 14 07:45:24 2014 MANAGEMENT: >STATE:1397454324,WAIT,,,
Mon Apr 14 07:45:24 2014 Connection reset, restarting [-1]
Mon Apr 14 07:45:24 2014 SIGUSR1[soft,connection-reset] received, process restarting
Mon Apr 14 07:45:24 2014 MANAGEMENT: >STATE:1397454324,RECONNECTING,connection-reset,,
Mon Apr 14 07:45:24 2014 Restart pause, 5 second(s)
Mon Apr 14 07:45:29 2014 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Apr 14 07:45:29 2014 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1413
Mon Apr 14 07:45:29 2014 MANAGEMENT: >STATE:1397454329,TCP_CONNECT,,,
Mon Apr 14 07:45:29 2014 TCP connection established with [AF_INET]127.0.0.1:1413
Mon Apr 14 07:45:29 2014 TCPv4_CLIENT link local: [undef]
Mon Apr 14 07:45:29 2014 TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:1413
Mon Apr 14 07:45:29 2014 MANAGEMENT: >STATE:1397454329,WAIT,,,
Mon Apr 14 07:45:29 2014 Connection reset, restarting [-1]
Mon Apr 14 07:45:29 2014 SIGUSR1[soft,connection-reset] received, process restarting
Mon Apr 14 07:45:29 2014 MANAGEMENT: >STATE:1397454329,RECONNECTING,connection-reset,,
Mon Apr 14 07:45:29 2014 Restart pause, 5 second(s)

It's only a problem using SSL. With my phone on the carrier network, I've being able to connect to the same server with latest configs.

 

Please help us:) 



#4 M-Z

M-Z

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 14 April 2014 - 08:52 AM

I confirm problems with stunnel connections (OpenVPN 2.3.3 @Windows 7 64bit, stunnel 5.00).

 

In openvpn log I receive:

Mon Apr 14 10:43:00 2014 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1413
Mon Apr 14 10:43:00 2014 MANAGEMENT: >STATE:1397464980,TCP_CONNECT,,,
Mon Apr 14 10:43:00 2014 TCP connection established with [AF_INET]127.0.0.1:1413
Mon Apr 14 10:43:00 2014 TCPv4_CLIENT link local: [undef]
Mon Apr 14 10:43:00 2014 TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:1413
Mon Apr 14 10:43:00 2014 MANAGEMENT: >STATE:1397464980,WAIT,,,
Mon Apr 14 10:43:01 2014 Connection reset, restarting [-1]
Mon Apr 14 10:43:01 2014 SIGUSR1[soft,connection-reset] received, process restarting
Mon Apr 14 10:43:01 2014 MANAGEMENT: >STATE:1397464981,RECONNECTING,connection-reset,,
Mon Apr 14 10:43:01 2014 Restart pause, 5 second(s)
Mon Apr 14 10:43:06 2014 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Apr 14 10:43:06 2014 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1413
Mon Apr 14 10:43:06 2014 MANAGEMENT: >STATE:1397464986,TCP_CONNECT,,,
Mon Apr 14 10:43:06 2014 TCP connection established with [AF_INET]127.0.0.1:1413
Mon Apr 14 10:43:06 2014 TCPv4_CLIENT link local: [undef]
Mon Apr 14 10:43:06 2014 TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:1413
Mon Apr 14 10:43:06 2014 MANAGEMENT: >STATE:1397464986,WAIT,,,
Mon Apr 14 10:43:06 2014 Connection reset, restarting [-1]
Mon Apr 14 10:43:06 2014 SIGUSR1[soft,connection-reset] received, process restarting
Mon Apr 14 10:43:06 2014 MANAGEMENT: >STATE:1397464986,RECONNECTING,connection-reset,,
Mon Apr 14 10:43:06 2014 Restart pause, 5 second(s)

 

In stunnel 5.00 I receive:

2014.04.14 10:42:48 LOG6[1020]: Initializing service [openvpn]
2014.04.14 10:42:48 LOG5[1020]: Configuration successful
2014.04.14 10:43:00 LOG5[3556]: Service [openvpn] accepted connection from 127.0.0.1:51356
2014.04.14 10:43:00 LOG6[3556]: s_connect: connecting W.X.Y.Z:443   //W.X.Y.Z - IP of AirVPN server
2014.04.14 10:43:00 LOG5[3556]: s_connect: connected W.X.Y.Z:443
2014.04.14 10:43:00 LOG5[3556]: Service [openvpn] connected remote server from 10.72.96.96:51357   //10.72.96.96 - my IP in my local network
2014.04.14 10:43:01 LOG3[3556]: SSL_connect: Peer suddenly disconnected
2014.04.14 10:43:01 LOG5[3556]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2014.04.14 10:43:06 LOG5[3544]: Service [openvpn] accepted connection from 127.0.0.1:51358
2014.04.14 10:43:06 LOG6[3544]: s_connect: connecting W.X.Y.Z:443
2014.04.14 10:43:06 LOG5[3544]: s_connect: connected W.X.Y.Z:443
2014.04.14 10:43:06 LOG5[3544]: Service [openvpn] connected remote server from 10.72.96.96:51359
2014.04.14 10:43:06 LOG3[3544]: SSL_connect: Peer suddenly disconnected
2014.04.14 10:43:06 LOG5[3544]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket

 

I have set up my own OpenVPN + stunnel server at home and everything works OK, in case anybody may be wondering if my employer blocked something... ;)



#5 Helios210

Helios210

    Newbie

  • Members
  • Pip
  • 8 posts

Posted 14 April 2014 - 10:55 AM

I'm having the same issue but with Windows and stunnel, emailed support so just waiting for them to get back to me, will post a solution if I find one.



#6 amnesty

amnesty

    Advanced Member

  • Members
  • PipPipPip
  • 199 posts

Posted 14 April 2014 - 01:22 PM

Confirmed. I ended up going with OpenVPN over SSH for now.

I created a 2nd batch file to run openvpn from the cmd (as an admin) line but instead of running

openvpn "AirVPN <..> - SSH <..>.ovpn"

you can run:

openvpn --config "c:\Program Files\OpenVPN\config\AirVPN <..> - SSH <..>.ovpn"

 

whatever the path is to your .ovpn file.



#7 darckhart

darckhart

    Member

  • Members
  • PipPip
  • 16 posts

Posted 14 April 2014 - 05:26 PM

i have switched to using over ssh as well for now, but would love to get ssl tunnel working as the performance hit is not as severe. plus, ssl tunnel doesn't seem to drop connection as often.



#8 Helios210

Helios210

    Newbie

  • Members
  • Pip
  • 8 posts

Posted 15 April 2014 - 12:16 AM

Was able to connect over SSL again this morning, hopefully that will be the problem fixed for everyone.

 

Edit:

 

Checked my support messages and had this:
 

"Hello!

We're very sorry, the upgrade included a bug on SSL system, which has been fixed now. Can you please try again? Have a look also to the new instructions in our SSL instructions page.

Kind regards
AirVPN Support Team"

 

So it would seem they've fixed it, happy days!



#9 secure1

secure1

    Newbie

  • Members
  • Pip
  • 4 posts

Posted 15 April 2014 - 04:40 AM

Awesome. It's working for me now as well.  Thanks for posting the update for those of us too lazy to submit a ticket. :)



#10 M-Z

M-Z

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 15 April 2014 - 06:32 AM

Was able to connect over SSL again this morning, hopefully that will be the problem fixed for everyone.

 

(...)

 

So it would seem they've fixed it, happy days!

 

Me too. Works like charm again...



#11 darckhart

darckhart

    Member

  • Members
  • PipPip
  • 16 posts

Posted 15 April 2014 - 06:51 AM

yup. seems to work fine here now too. thanks!



#12 Flex

Flex

    Member

  • Members
  • PipPip
  • 22 posts

Posted 23 May 2014 - 07:55 PM

Confirmed OpenVPN over SSL on Lesath, Cephei working as of right now







Similar Topics Collapse

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Servers online. Online Sessions: 13841 - BW: 44659 Mbit/sYour IP: 54.205.211.87Guest Access.