iitb open vpn server(accessing iitb websites from outside iit)

[gauravlulu]

http://www.cc.iitb.ac.in/home/31-articles/217-vpn.html
I have tried following instructions on this page but cant seem to
connect myself to IITBdomain.
Has anybody successfully tried it?
Anyhelp would be appreciated..

[Nikunj Maheshwari]

its working for me. 

and u wil be asked for the ldap id and password

--
You received this message because you are subscribed to the Google
Group for the Web and Coding Club of IIT Bombay.
The website for the club is http://stab-iitb.org/wncc
To post to this group, send email to wncc...@googlegroups.com
To unsubscribe from this group, send email to wncc_iitb+...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/wncc_iitb?hl=en_US?hl=en

[deeksha sinha]

I tried accessing asc.iitb.ac.in from outside after following the above procedure. It dint work.

--
Deeksha Sinha
Undergraduate
Electrical engineering
IIT Bombay

[Ashutosh Sharma]

Its working fine with me .... even DC works !!

[Shahansad K.P]

for accessing asc.iitb.ac.in  the problem is with the dns server.

set the dns server address as 10.200.1.11 and 10.200.11.1 and things should work out. also note that you will have to set netmon as proxy to access any website outside iit when the vpn is on.

[Saswat Padhi]

It's working.

For those having issues,
Note that all your connections will be tunneled through NETMON, so you can only access local pages without proxy ..
[Basically, your machine behaves as if it's in the IITB network.]

----------------------------------------------------------------------------------------
Saswat Padhi [http://saswatpadhi.co.cc]
Mobile : 9820721898

1st year BTech, CSE
Hostel-4, IIT-Bombay

[gauravlulu]

My ISP provides me with a definite DNS and gateway which i need to
enter under LAN settings otherwise my broadband wont work.
Is that causing any problem in connecting with open VPN server??
For anyone who can rectify it here's what appears on my openVPN client
when I try to connect:
Sun May 08 12:37:27 2011 NOTE: --user option is not implemented on
Windows
Sun May 08 12:37:27 2011 NOTE: --group option is not implemented on
Windows
Sun May 08 12:37:27 2011 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2]
[PKCS11] built on Aug 20 2010
Sun May 08 12:37:38 2011 NOTE: OpenVPN 2.1 requires '--script-security
2' or higher to call user-defined scripts or executables
Sun May 08 12:37:39 2011 LZO compression initialized
Sun May 08 12:37:39 2011 Control Channel MTU parms [ L:1544 D:140 EF:
40 EB:0 ET:0 EL:0 ]
Sun May 08 12:37:39 2011 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun May 08 12:37:39 2011 Data Channel MTU parms [ L:1544 D:1450 EF:44
EB:135 ET:0 EL:0 AF:3/1 ]
Sun May 08 12:37:39 2011 Local Options hash (VER=V4): '69109d17'
Sun May 08 12:37:39 2011 Expected Remote Options hash (VER=V4):
'c0103fa8'
Sun May 08 12:37:39 2011 Attempting to establish TCP connection with
59.162.23.129:1194
Sun May 08 12:37:39 2011 TCP connection established with
59.162.23.129:1194
Sun May 08 12:37:39 2011 TCPv4_CLIENT link local: [undef]
Sun May 08 12:37:39 2011 TCPv4_CLIENT link remote: 59.162.23.129:1194
Sun May 08 12:37:39 2011 TLS: Initial packet from 59.162.23.129:1194,
sid=44b90a5a 457ccdc4
Sun May 08 12:37:39 2011 WARNING: this configuration may cache
passwords in memory -- use the auth-nocache option to prevent this
Sun May 08 12:37:41 2011 VERIFY OK: depth=1, /C=IN/ST=MH/L=Mumbai/
O=IITB/OU=cc/CN=dwar-openvpn/name=dwar-openvpn/emailAddress=dwar
Sun May 08 12:37:41 2011 VERIFY OK: nsCertType=SERVER
Sun May 08 12:37:41 2011 VERIFY OK: depth=0, /C=IN/ST=MH/L=Mumbai/
O=IITB/OU=cc/CN=IITB_openvpn_server/name=server/emailAddress=dwar
Sun May 08 12:37:45 2011 Data Channel Encrypt: Cipher 'BF-CBC'
initialized with 128 bit key
Sun May 08 12:37:45 2011 Data Channel Encrypt: Using 160 bit message
hash 'SHA1' for HMAC authentication
Sun May 08 12:37:45 2011 Data Channel Decrypt: Cipher 'BF-CBC'
initialized with 128 bit key
Sun May 08 12:37:45 2011 Data Channel Decrypt: Using 160 bit message
hash 'SHA1' for HMAC authentication
Sun May 08 12:37:45 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3
DHE-RSA-AES256-SHA, 1024 bit RSA
Sun May 08 12:37:45 2011 [IITB_openvpn_server] Peer Connection
Initiated with 59.162.23.129:1194
Sun May 08 12:37:48 2011 SENT CONTROL [IITB_openvpn_server]:
'PUSH_REQUEST' (status=1)
Sun May 08 12:37:48 2011 AUTH: Received AUTH_FAILED control message
Sun May 08 12:37:48 2011 TCP/UDP: Closing socket
Sun May 08 12:37:48 2011 SIGTERM[soft,auth-failure] received, process
exiting
Sun May 08 12:37:48 2011 NOTE: --user option is not implemented on
Windows
Sun May 08 12:37:48 2011 NOTE: --group option is not implemented on
Windows
Sun May 08 12:37:48 2011 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2]
[PKCS11] built on Aug 20 2010

I am sure that i am entering the correct LDAP.

Regards
Gaurav Lulu
EE deptt

[Chhatoi Pritam Baral]

not workin for me either.

Tried the local server, www.iitb.ac.in, asc.iitb.ac.in, 10.2.10.10, no response. Even ping returns negative.

I'm using Shrewsoft VPN Manager, essentially the same client described for Windows on the site, but it has a linux version too.

 

Regards,
Chhatoi Pritam Baral

[Chhatoi Pritam Baral]

Works the normal way though, using racoon.

[Nikunj Maheshwari]

Did u configure the proxy and the DNS servers?? Shrewsoft is working awesome for me 

--

[vinayak gagrani]

@nikunj : please elaborate what exactly to do ....

--

Vinayak Gagrani

Sophomore

Computer Science and Engineering,

Indian Institute of Technology, Bombay

Contact no: +91-99-202-42-601

http://www.cse.iitb.ac.in/~gagrani

[praful patil]

got DC working
just go to settings->connection settings->set incoming connection to passive mode
and HALLELUJAH!!!!

love u guyz!
thanks

[praful patil]

were u able to download from DC?
 coz the hubs are connected but i was not able to download!?
help

[Saswat Padhi]

@ Gaurav Lulu

My guess (as to why your AUTHentication fails), is because IIT-B VPN also requires a mutual PSK along with XAuth [your LDAP].
The .vpn file that's provided in the CC's VPN page, mentions the authentication as PSK+XAuth ...
.. your client only sends the XAuth info.
I don't see it, exchanging the PSK.
Please check the configuration again :)

--

You received this message because you are subscribed to the Google
Group for the Web and Coding Club of IIT Bombay.
The website for the club is http://stab-iitb.org/wncc
To post to this group, send email to wncc...@googlegroups.com
To unsubscribe from this group, send email to wncc_iitb+...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/wncc_iitb?hl=en_US?hl=en

--

[harshad patil]

I tried racoon in ubuntu

it works!!!!

Regards,

Harshad Patil

Senior Undergraduate,
Department of Aerospace,
IIT Bombay



+91 99694 74744

[Nikunj Maheshwari]

@vinayak : configure the DNS servers in the lan properties, set the proxy NETMON... int the internet options->kan settings, and follow the instructions at http://www.cc.iitb.ac.in/home/31-articles/217-vpn.html .. If it does nt work then restart and try loging in again.. 

[vinayak gagrani]

config loaded for site 'iitbvpnclient1.vpn'
configuring client settings ...
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
ipcomp proposal configured
client configured
local id configured
remote id configured
pre-shared key configured
bringing up tunnel ...
negotiation timout occurred
tunnel disabled
detached from key daemon ...


this is wat it says
I am on windows now
i have lan settings in internet options as netmon and everything else
suggest something may be this info is useful

[Saswat Padhi]

@ vinayak :

i don't think you need to configure anything else, except the proxy thing ... [atleast, it works for me].
try removing the DNS and IP settings if you have made and let the proxy settings remain.

@ nikunj :

if we change the DNS settings in LAN properties .. then the default DNS for our internet connection will be set to IITB's DNS (which would be unreachable, from our side).
so, i don't think configuring name server to IITB's DNS; before connecting to the DNS would work ..
.. and actually, that might cause the time out error, because the name "vpn.iitb.ac.in" could not be resolved by the (unreachable) DNS.

[Nikunj Maheshwari]

@saswat: u r right that configuring the DNS does not matter. Although, even though i had configured it, it did not matter and the iit b network could be accessed

On 8 May 2011 22:39, Saswat Padhi <saswat...@gmail.com> wrote:

@ vinayak :

i don't think you need to configure anything else, except the proxy thing ... [atleast, it works for me].

[gauravlulu]

My router firewall was creating the problem, Now I am connected!!
Thanx to all for helping :)

Gaurav Lulu

[Shahansad K.P]

with out configuring dns are you able to access asc.iitb.ac.in ??

[Saswat Padhi]

@Shahansad:
yup.
And, I don't think that's strange, because IIT-B VPN uses split DNS.

[deeksha sinha]

Though most of the insti sites are opening, the PT Cell blog is still not. It says , "You don't have permission to access /trainingblog/ on this server."

Any suggestions?

[Kaushal Jain]

anybody successful in getting ftp access to local servers (bighome, sharada etc??)

Kaushal Jain
UG Second Year,
Electrical Engineering Department,
IIT Bombay

[Yatish Turakhia]

@vinayak: i am facing the same problem. if you have found a solution to it please post it on the group.

Yatish Turakhia
Undergraduate Student
Department of Electrical Engineering
IIT Bombay

[Saswat Padhi]

@ Kaushal :

Able to access bighome and IITB's FTP ..
While connecting to bighome, I used passive mode.

[Yatish Turakhia]

I am getting this message:

bringing up tunnel ...

negotiation timout occurred

tunnel disabled

detached from key daemon ...

Some please suggest a solution to it...

On Wed, May 11, 2011 at 11:32 AM, Yatish Turakhia <yatisht...@gmail.com> wrote:

[Kaushal Jain]

@Saswat: Yeah .. bighome connection could be done! thanks... but what about department servers?

[Saswat Padhi]

@Kaushal :
no idea .... i guess, i don't have login credentials for one. :P
someone else might clarify :)

[Aakash N S]

I'm facing the same problem as Vinayak and Yatish. Has anybody found a solution to this?

bringing up tunnel ...

negotiation timout occurred

tunnel disabled

detached from key daemon ...

I also tried using OpenVPN. Here's what it says:

Thu May 19 12:14:05 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key

Thu May 19 12:14:05 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Thu May 19 12:14:05 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key

Thu May 19 12:14:05 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Thu May 19 12:14:05 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA

Thu May 19 12:14:05 2011 [IITB_openvpn_server] Peer Connection Initiated with 59.162.23.129:1194

Thu May 19 12:14:07 2011 SENT CONTROL [IITB_openvpn_server]: 'PUSH_REQUEST' (status=1)

Thu May 19 12:14:07 2011 AUTH: Received AUTH_FAILED control message

Thu May 19 12:14:07 2011 TCP/UDP: Closing socket

Thu May 19 12:14:07 2011 SIGTERM[soft,auth-failure] received, process exiting

Thu May 19 12:14:08 2011 NOTE: --user option is not implemented on Windows

Thu May 19 12:14:08 2011 NOTE: --group option is not implemented on Windows

Thu May 19 12:14:08 2011 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010

Aakash N S
Department of Computer Science and Engineering
IIT Bombay

[vinayak gagrani]

your net connection is slow ...
this is what i figured out ... :-/

Vinayak Gagrani
Junior Undergraduate

[sagar chordia]

Mine VPN works in office but i face same problem as your's in hostel.

Some ISP block specific types of TCP/IP traffic that prevent VPN connectivity.

Try to connect to VPN through some different network.

On Thu, May 19, 2011 at 8:50 AM, Aakash N S <aakash...@gmail.com> wrote:

I'm facing the same problem as Vinayak and Yatish. Has anybody found a solution to this?

bringing up tunnel ...

negotiation timout occaurred

--

cheers,

Sagar Chordia

II Year CSE student,

IIT Bombay.

[Sumit Gupta]

Hello,
     I am using 'open vpn connection' as per the instructions given here http://www.cc.iitb.ac.in/home/31-articles/217-vpn.html . The problem is it asks for my ldap username and password again and again ...

see if you can help me out

log:

Sat Jun 18 21:57:33 2011 NOTE: --user option is not implemented on Windows
Sat Jun 18 21:57:33 2011 NOTE: --group option is not implemented on Windows
Sat Jun 18 21:57:33 2011 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010
Sat Jun 18 21:57:38 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Jun 18 21:57:39 2011 LZO compression initialized
Sat Jun 18 21:57:39 2011 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Jun 18 21:57:39 2011 Socket Buffers: R=[516096->516096] S=[172032->172032]
Sat Jun 18 21:57:39 2011 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Jun 18 21:57:39 2011 Local Options hash (VER=V4): '69109d17'
Sat Jun 18 21:57:39 2011 Expected Remote Options hash (VER=V4): 'c0103fa8'
Sat Jun 18 21:57:39 2011 Attempting to establish TCP connection with 59.162.23.129:1194
Sat Jun 18 21:57:39 2011 TCP connection established with 59.162.23.129:1194
Sat Jun 18 21:57:39 2011 TCPv4_CLIENT link local: [undef]
Sat Jun 18 21:57:39 2011 TCPv4_CLIENT link remote: 59.162.23.129:1194
Sat Jun 18 21:57:39 2011 TLS: Initial packet from 59.162.23.129:1194, sid=9d4db82d f795a407
Sat Jun 18 21:57:39 2011 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Jun 18 21:57:42 2011 VERIFY OK: depth=1, /C=IN/ST=MH/L=Mumbai/O=IITB/OU=cc/CN=dwar-openvpn/name=dwar-openvpn/emailAddress=dwar
Sat Jun 18 21:57:42 2011 VERIFY OK: nsCertType=SERVER
Sat Jun 18 21:57:42 2011 VERIFY OK: depth=0, /C=IN/ST=MH/L=Mumbai/O=IITB/OU=cc/CN=IITB_openvpn_server/name=server/emailAddress=dwar
Sat Jun 18 21:57:49 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Jun 18 21:57:49 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Jun 18 21:57:49 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Jun 18 21:57:49 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Jun 18 21:57:49 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Jun 18 21:57:49 2011 [IITB_openvpn_server] Peer Connection Initiated with 59.162.23.129:1194
Sat Jun 18 21:57:50 2011 Connection reset, restarting [0]
Sat Jun 18 21:57:50 2011 TCP/UDP: Closing socket
Sat Jun 18 21:57:50 2011 SIGUSR1[soft,connection-reset] received, process restarting
Sat Jun 18 21:57:50 2011 Restart pause, 5 second(s)
Sat Jun 18 21:57:55 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Jun 18 21:57:55 2011 Re-using SSL/TLS context
Sat Jun 18 21:57:55 2011 LZO compression initialized
Sat Jun 18 21:57:55 2011 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Jun 18 21:57:55 2011 Socket Buffers: R=[516096->516096] S=[172032->172032]
Sat Jun 18 21:57:55 2011 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Jun 18 21:57:55 2011 Local Options hash (VER=V4): '69109d17'
Sat Jun 18 21:57:55 2011 Expected Remote Options hash (VER=V4): 'c0103fa8'
Sat Jun 18 21:57:55 2011 Attempting to establish TCP connection with 59.162.23.129:1194
Sat Jun 18 21:57:55 2011 TCP connection established with 59.162.23.129:1194
Sat Jun 18 21:57:55 2011 TCPv4_CLIENT link local: [undef]
Sat Jun 18 21:57:55 2011 TCPv4_CLIENT link remote: 59.162.23.129:1194
Sat Jun 18 21:57:55 2011 TLS: Initial packet from 59.162.23.129:1194, sid=bc2448d2 c1eb75a8
Sat Jun 18 21:57:55 2011 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Jun 18 21:57:58 2011 VERIFY OK: depth=1, /C=IN/ST=MH/L=Mumbai/O=IITB/OU=cc/CN=dwar-openvpn/name=dwar-openvpn/emailAddress=dwar
Sat Jun 18 21:57:58 2011 VERIFY OK: nsCertType=SERVER
Sat Jun 18 21:57:58 2011 VERIFY OK: depth=0, /C=IN/ST=MH/L=Mumbai/O=IITB/OU=cc/CN=IITB_openvpn_server/name=server/emailAddress=dwar
Sat Jun 18 21:58:07 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Jun 18 21:58:07 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Jun 18 21:58:07 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Jun 18 21:58:07 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Jun 18 21:58:07 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Jun 18 21:58:07 2011 [IITB_openvpn_server] Peer Connection Initiated with 59.162.23.129:1194
Sat Jun 18 21:58:09 2011 SENT CONTROL [IITB_openvpn_server]: 'PUSH_REQUEST' (status=1)
Sat Jun 18 21:58:10 2011 AUTH: Received AUTH_FAILED control message
Sat Jun 18 21:58:10 2011 TCP/UDP: Closing socket
Sat Jun 18 21:58:10 2011 SIGTERM[soft,auth-failure] received, process exiting
Sat Jun 18 21:58:10 2011 NOTE: --user option is not implemented on Windows
Sat Jun 18 21:58:10 2011 NOTE: --group option is not implemented on Windows
Sat Jun 18 21:58:10 2011 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010

[vijay ch.a.v]

dont use open vpn..  use shrewsoft

--

You received this message because you are subscribed to the Google
Group for the Web and Coding Club of IIT Bombay.
The website for the club is http://stab-iitb.org/wncc
To post to this group, send email to wncc...@googlegroups.com
To unsubscribe from this group, send email to wncc_iitb+...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/wncc_iitb?hl=en_US?hl=en

--
Ch.A.V.Vijay
Electrical Department
Sophomore
IIT Bombay

[aayush singhal]

works for me on windows, but not on ubuntu either ways, seems like something is broken.

Anyways whole cc site is broken. Whenever i login for purchasing softwares, it saves my login, and doesn't let me logout.

It seriously needs some fix.

[Sumit Gupta]

getting the same problem with shrew soft also....

--

[Chiraag Juvekar]

Hey

@gaurav: What was the exact issue. I think I am getting a similar problem on Ubuntu with openvpn

Openvpn log:

Tue Jul 19 17:29:42 2011 OpenVPN 2.1.0 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 20 2010

Tue Jul 19 17:29:48 2011 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Tue Jul 19 17:29:48 2011 PLUGIN_INIT: POST /usr/lib/openvpn/openvpn-down-root.so '[/usr/lib/openvpn/openvpn-down-root.so] [/etc/openvpn/client.down]' intercepted=PLUGIN_UP|PLUGIN_DOWN 

Tue Jul 19 17:29:48 2011 WARNING: file '/etc/openvpn/keys/IITB_openvpn_client.key' is group or others accessible

Tue Jul 19 17:29:48 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>

Tue Jul 19 17:29:48 2011 LZO compression initialized

Tue Jul 19 17:29:48 2011 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]

Tue Jul 19 17:29:48 2011 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]

Tue Jul 19 17:29:48 2011 Local Options hash (VER=V4): '69109d17'

Tue Jul 19 17:29:48 2011 Expected Remote Options hash (VER=V4): 'c0103fa8'

Tue Jul 19 17:29:48 2011 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay

Tue Jul 19 17:29:48 2011 Attempting to establish TCP connection with [AF_INET]59.162.23.129:1194 [nonblock]

Tue Jul 19 17:29:49 2011 TCP connection established with [AF_INET]59.162.23.129:1194

Tue Jul 19 17:29:49 2011 Socket Buffers: R=[87380->131072] S=[16384->131072]

Tue Jul 19 17:29:49 2011 TCPv4_CLIENT link local: [undef]

Tue Jul 19 17:29:49 2011 TCPv4_CLIENT link remote: [AF_INET]59.162.23.129:1194

Tue Jul 19 17:29:49 2011 TLS: Initial packet from [AF_INET]59.162.23.129:1194, sid=5358fcf4 9fd4ccc8

Tue Jul 19 17:29:49 2011 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

Tue Jul 19 17:29:52 2011 VERIFY OK: depth=1, /C=IN/ST=MH/L=Mumbai/O=IITB/OU=cc/CN=dwar-openvpn/name=dwar-openvpn/emailAddress=dwar

Tue Jul 19 17:29:52 2011 VERIFY OK: nsCertType=SERVER

Tue Jul 19 17:29:52 2011 VERIFY OK: depth=0, /C=IN/ST=MH/L=Mumbai/O=IITB/OU=cc/CN=IITB_openvpn_server/name=server/emailAddress=dwar

Tue Jul 19 17:30:00 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key

Tue Jul 19 17:30:00 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Tue Jul 19 17:30:00 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key

Tue Jul 19 17:30:00 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Tue Jul 19 17:30:00 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA

Tue Jul 19 17:30:00 2011 [IITB_openvpn_server] Peer Connection Initiated with [AF_INET]59.162.23.129:1194

Tue Jul 19 17:30:02 2011 SENT CONTROL [IITB_openvpn_server]: 'PUSH_REQUEST' (status=1)

Tue Jul 19 17:30:02 2011 AUTH: Received AUTH_FAILED control message

Tue Jul 19 17:30:02 2011 TCP/UDP: Closing socket

Tue Jul 19 17:30:02 2011 PLUGIN_CLOSE: /usr/lib/openvpn/openvpn-down-root.so

Tue Jul 19 17:30:02 2011 SIGTERM[soft,auth-failure] received, process exiting

Can someone provide a log of a connections that works?

--
Chiraag

You can't have everything in life, 

In particular, the list of all lists that do not contain themselves.