Julian Wefers

Reputation: 21

OpenVpn from C# - Weird Timeout

I am trying to start OpenVPN from my C# Windows Service. Basically like this:

using System.Diagnostics;

// Launch openvpn.exe as a hidden child process of the service.
VpnProcess = new Process();
VpnProcess.StartInfo.FileName = "<Path to openvpn.exe in Program dir>";
VpnProcess.StartInfo.Arguments = "--config " + "<vpnConfigName>" + " --log vpn.log";
VpnProcess.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
VpnProcess.StartInfo.UseShellExecute = false;  // start the executable directly, no shell
VpnProcess.StartInfo.CreateNoWindow = true;
VpnProcess.StartInfo.WorkingDirectory = "<Program dir>";  // the relative --log path resolves here
VpnProcess.Start();

So far so good, here is the resulting log:

Tue Sep 01 11:01:15 2015 OpenVPN 2.3.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug  4 2015
Tue Sep 01 11:01:15 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Tue Sep 01 11:01:16 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Sep 01 11:01:16 2015 UDPv4 link local: [undef]
Tue Sep 01 11:01:16 2015 UDPv4 link remote: [AF_INET]217.79.181.93:1194
Tue Sep 01 11:01:16 2015 TLS: Initial packet from [AF_INET]217.79.181.93:1194, sid=a7a52cba 93615557
Tue Sep 01 11:01:16 2015 VERIFY OK: depth=1, CN=<censored>
Tue Sep 01 11:01:16 2015 VERIFY OK: nsCertType=SERVER
Tue Sep 01 11:01:16 2015 VERIFY OK: depth=0, C=<censored>, ST=<censored>, L=<censored>, O=<censored>, OU=<censored>, CN=<censored>, name=<censored>, emailAddress=<censored>
Tue Sep 01 11:02:16 2015 [<censored>] Inactivity timeout (--ping-restart), restarting
Tue Sep 01 11:02:16 2015 SIGUSR1[soft,ping-restart] received, process restarting
Tue Sep 01 11:02:16 2015 Restart pause, 2 second(s)
Tue Sep 01 11:02:18 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Sep 01 11:02:19 2015 UDPv4 link local: [undef]
Tue Sep 01 11:02:19 2015 UDPv4 link remote: [AF_INET]217.79.181.93:1194
Tue Sep 01 11:02:19 2015 TLS: Initial packet from [AF_INET]217.79.181.93:1194, sid=4963868b 6f0eecb7
Tue Sep 01 11:02:20 2015 VERIFY OK: depth=1, CN=<censored>
Tue Sep 01 11:02:20 2015 VERIFY OK: nsCertType=SERVER
Tue Sep 01 11:02:20 2015 VERIFY OK: depth=0, C=<censored>, ST=<censored>, L=<censored>, O=<censored>, OU=<censored>, CN=<censored>, name=<censored>, emailAddress=<censored>
Tue Sep 01 11:02:21 2015 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
[...]
Tue Sep 01 11:02:28 2015 Initialization Sequence Completed

So, the VPN hangs after VERIFY, then restarts itself, then it's working fine. If I start openvpn via cmd or PowerShell with the exact same conditions and params, it connects successfully on the first try.

I spent several days trying to find out why this happens, no success. I tried all sensible combinations of StartInfo-Properties and checked whether the executing user changes after the soft restart. Nope, both times it's LocalSystem.

Upvotes: 0

Views: 1760

Answers (2)

Alojzy Kluska

Reputation: 1

Check your OpenVPN config file: do you have the option 'auth-nocache'? I got a similar effect when I added this option to the client configuration. I use username / password to authenticate.

Upvotes: 0

Julian Wefers

Reputation: 21

Cause: server time was 1 minute ahead of time. So the freshly downloaded certificate on the client was 'from the future', leading to rejection by the server. The server log showed this, but never the client log.

Upvotes: 2
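
The answer above notes that only the server log showed the rejection; in the client log from the question, the visible symptom is a handshake that reaches VERIFY OK and then ends in a ping-restart 60 seconds later. The following is an added example, not code from either poster, that flags that pattern in a client log so the server log can be checked. `find_stalled_handshakes` and `SAMPLE_LOG` are names made up here, and the sample is abridged from the log quoted in the question.

```python
import re
from datetime import datetime

# Constructed sample: lines abridged from the client log quoted in the question.
SAMPLE_LOG = """\
Tue Sep 01 11:01:16 2015 TLS: Initial packet from [AF_INET]217.79.181.93:1194, sid=a7a52cba 93615557
Tue Sep 01 11:01:16 2015 VERIFY OK: nsCertType=SERVER
Tue Sep 01 11:02:16 2015 [<censored>] Inactivity timeout (--ping-restart), restarting
Tue Sep 01 11:02:19 2015 TLS: Initial packet from [AF_INET]217.79.181.93:1194, sid=4963868b 6f0eecb7
Tue Sep 01 11:02:20 2015 VERIFY OK: nsCertType=SERVER
Tue Sep 01 11:02:28 2015 Initialization Sequence Completed
"""

# Timestamp prefix as it appears in the log above, followed by the message.
LINE = re.compile(r"^(\w{3} \w{3} +\d{1,2} \d{2}:\d{2}:\d{2} \d{4}) (.*)$")

def find_stalled_handshakes(log_text):
    """Return one dict per handshake attempt that passed VERIFY OK but hit a
    ping-restart before 'Initialization Sequence Completed'."""
    stalls = []
    attempt = None  # state of the handshake attempt currently in progress
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # skip elisions such as "[...]" and wrapped lines
        ts = datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y")
        msg = m.group(2)
        if msg.startswith("TLS: Initial packet from"):
            attempt = {"started": ts, "last_verify": None}
        elif attempt is None:
            continue
        elif msg.startswith("VERIFY OK"):
            attempt["last_verify"] = ts
        elif "Initialization Sequence Completed" in msg:
            attempt = None  # handshake finished normally
        elif "Inactivity timeout (--ping-restart)" in msg:
            if attempt["last_verify"] is not None:
                stalls.append({
                    "started": attempt["started"],
                    "last_verify": attempt["last_verify"],
                    "stalled_seconds": int((ts - attempt["last_verify"]).total_seconds()),
                })
            attempt = None
    return stalls

if __name__ == "__main__":
    for s in find_stalled_handshakes(SAMPLE_LOG):
        print(f"{s['started']}: client verified the server, then waited "
              f"{s['stalled_seconds']}s with no reply; check the server log")
```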