id summary reporter owner description type status priority milestone component version severity resolution keywords cc 787 Connection breaking after a few seconds leaving no useful debugging traces doertedev "Oy. This is the first time in my entire life where I cannot seem to make something work that reliably works on a) macs, b) ubuntus and c) my android phone (if that wasnt WTF enough): Okay so: I successfully connect to a server (in AWS), have proper DNS resolution (all server's who I'm failing to talk to are properly resolved), but either doing https or ssh fails after a few seconds. How does this feel like? SSH to a machine via ssh -i $keyfile 10.x.x.x (vpn IP), fire the first command after the greeting message and the connection hangs itself up. Same for https: call the URl in the browser, get a htpasswd auth response, type in the credentials, and the connection hangs again until the timeout says nope and throws an error at me. Weirdly enough a) my colleagues report everything working properly and b) everything is working on my android phone. It has the same settings and same config et al... I'm pretty clueless here. {{{ openvpn --cd /etc/openvpn/client --config AWS.conf --daemon openvpn-aws --syslog openvpn --log /tmp/openvpn.log --verb 5 --client --dev tun0 --up /etc/openvpn/up.sh --down /etc/openvpn/down.sh --script-security 2 }}} == Version info == {{{ [I] net-misc/openvpn Verfügbare Versionen: 2.3.12 (~)2.3.13 [m](~)2.4_rc1-r1 [m]**9999 {down-root examples inotify iproute2 libressl lz4 +lzo mbedtls pam pkcs11 +plugins polarssl selinux socks +ssl static systemd test USERLAND=""BSD""} Installierte Versionen: 2.3.13(23:03:07 09.12.2016)(iproute2 lzo pam pkcs11 plugins ssl systemd -down-root -examples -libressl -polarssl -selinux -socks -static USERLAND=""-BSD"") Startseite: http://openvpn.net/ Beschreibung: Robust and highly flexible tunneling application compatible with many OSes [I] dev-libs/openssl Verfügbare Versionen: (0.9.8) 0.9.8z_p8^d (0) 1.0.1g[1] (~)1.0.1g-r1[1] 1.0.1h-r2[1] 1.0.1i[1] 1.0.1j[1] 1.0.1k[1] 1.0.1l-r1^d[1] 1.0.1m^d[1] 1.0.1o^d[1] 1.0.1p^d[1] (~)1.0.2-r3^d[1] (~)1.0.2a^d[1] (~)1.0.2c^d[1] 1.0.2d^d[1] (~)1.0.2d-r2^d[1] 1.0.2e^d[1] 1.0.2f^d[1] 1.0.2g-r2^d[1] 1.0.2h^d[1] 1.0.2h-r2^d[1] 1.0.2i^d[1] 1.0.2j^d 1.0.2j^d[1] [M](~)1.1.0c(0/1.1)^d {+asm bindist gmp kerberos rfc3779 sctp sse2 sslv2 +sslv3 static-libs test (+)tls-heartbeat vanilla zlib ABI_MIPS=""n32 n64 o32"" ABI_PPC=""32 64"" ABI_S390=""32 64"" ABI_X86=""32 64 x32"" CPU_FLAGS_X86=""sse2""} Installierte Versionen: 1.0.2j^d[1](19:07:17 07.12.2016)(asm rfc3779 sctp tls-heartbeat zlib -bindist -gmp -kerberos -sslv2 -sslv3 -static-libs -test -vanilla ABI_MIPS=""-n32 -n64 -o32"" ABI_PPC=""-32 -64"" ABI_S390=""-32 -64"" ABI_X86=""64 -32 -x32"" CPU_FLAGS_X86=""sse2"") Startseite: http://www.openssl.org/ Beschreibung: full-strength general purpose cryptography library (including SSL and TLS) }}} == Server config == {{{ port 1194 proto udp dev tun keepalive 10 120 comp-lzo local 10.255.192.103 push ""dhcp-option DNS 10.255.192.2"" push ""dhcp-option DOMAIN aws.lol"" push ""dhcp-option DNSMODE full"" push ""route 10.255.255.0 255.255.255.0"" push ""route 10.255.192.0 255.255.224.0"" push ""route 10.255.128.0 255.255.192.0"" push ""route 10.255.64.0 255.255.192.0"" keepalive 10 30 ca /etc/openvpn/pki/cabundle.pem key /etc/openvpn/pki/server.key.pem cert /etc/openvpn/pki/server.pem dh /etc/openvpn/pki/dh.pem client-config-dir /etc/openvpn/clients ifconfig-pool-persist /etc/openvpn/ipp.txt server 10.255.255.0 255.255.255.0 user nobody group nogroup persist-key persist-tun status /etc/openvpn/openvpn-status.log log-append /var/log/openvpn.log verb 1 mute 10 script-security 1 }}} == Client config == {{{ client dev tun proto udp remote x.x.x.x 1194 udp resolv-retry infinite remote-cert-tls server nobind persist-key persist-tun ca /etc/openvpn/cabundle.pem cert /etc/openvpn/aws.pem key /etc/openvpn/aws-key.pem comp-lzo verb 5 log /tmp/openvpn.log }}} " Bug / Defect closed major release 2.3.13 Networking OpenVPN 2.3.13 (Community Ed) Not set (select this one, unless your'e a OpenVPN developer) notabug connection,breaking,gentoo,client