Page 1 of 4 123 ... LastLast
Results 1 to 10 of 31
  1. #1
    Newbie
    Join Date
    May 2020
    Posts
    2

    Question Open VPN Failing since 15.1 Update

    Hi Everyone,

    Has anyone had issues with OpenVPN throwing following the recent update - i have rebooted appliance and created new profile with no luck

    Untangle is running as the router as well. I have never had issue like this before.

    UDP: Unknown error (code=10054) on new OpenVPN client


    Older client:

    Mon May 25 10:15:39 2020 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)
    Mon May 25 10:15:41 2020 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)
    Mon May 25 10:15:45 2020 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)
    Mon May 25 10:15:53 2020 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)
    Mon May 25 10:16:09 2020 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)
    Last edited by KFACTA; 05-24-2020 at 05:19 PM.

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,785

    Default

    How old? Have you tried updating the client software version? Hit up OpenVPN.net and get the latest client version and install it.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Newbie
    Join Date
    May 2020
    Posts
    2

    Default

    Yeah have done that. We run Untangle for all our clients (300) odd. I have submitted ticket with support, but hoping someone else was having same issue.

  4. #4
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,279

    Wink Welcome

    ...to the forums!

    This error usually indicates a port accessibility problem and/or poor connection between client and server.
    Something is blocking your connection from even starting. So somehow, your port is blocked.

    Make sure the IP you are trying to connect to (in client config "mi-server"), is in fact the correct IP of the server.
    People see ports blocked in one direction or the other.

    One guy shot himself in the foot when he tried to log in from inside the network.

    ˇWINDOWS FIREWALL!

    Some suggestions in the OpenVPN forums are to switch the protocol to TCP. Don't bother with that here.
    This was a particularly unhelpful thread:
    https://forums.untangle.com/openvpn/...e-10054-a.html
    Last edited by Jim.Alles; 05-24-2020 at 10:44 PM.

  5. #5
    Newbie
    Join Date
    May 2015
    Posts
    3

    Default

    Hi, I've the same issue after the 15.0 to 15.1 upgrade: openvpn client won't connect anymore. They do connect to a backup server that is still on 15.0. Have you found a solution?

  6. #6
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,893

    Default

    Quote Originally Posted by a1vdu View Post
    Hi, I've the same issue after the 15.0 to 15.1 upgrade: openvpn client won't connect anymore. They do connect to a backup server that is still on 15.0. Have you found a solution?
    https://forums.untangle.com/openvpn/...tml#post243204
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  7. #7
    Untangle Ninja
    Join Date
    Jan 2011
    Posts
    1,281

    Default

    ok, just to clarify, are we saying that on OpenVPN server with an MD5 certificate can't work at all any more? previously it was just a matter of making the client accept the MD5... is there any similar hack to get a 15.1 server working with MD5 temporarily?

    I've got a site with a dozen remote users dead in the water.

    If this is a no recovery situation, it would've been great if you at least mentioned it in the changelog, or better yet had your upgrade script check for an MD5 certificate and then block the upgrade. Just having this all die suddenly is really bad.

  8. #8
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,785

    Default

    *I* am saying that, and it WAS mentioned in the change-log... ages ago.

    If you're on MD5 certificates NOW, honestly... you kind of deserve it. Those things are a security nightmare TWO YEARS past reasonable mitigation.

    You can't blame Untangle for that, because there's no reasonable way for them to know about this stuff until someone runs into it. Heck, how would they test that? Drag out an install from 10.0 and upgrade it all the way?
    hpaunet and CMcNaughton like this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  9. #9
    Untangler
    Join Date
    May 2018
    Posts
    54

    Default

    Just in case there might be any other users still using MD5 certificates, we have added a note in the changelog.
    Heather P
    Untangle Product Team

  10. #10
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,785

    Default

    Quote Originally Posted by hpaunet View Post
    Just in case there might be any other users still using MD5 certificates, we have added a note in the changelog.
    Can we also please confirm that default settings on v15.1 also eliminate the compress verb? Because I'd hate to recommend a nuke and pave only to set installs up for yet another one.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Page 1 of 4 123 ... LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2