OpenVPN Service

Advanced feature discussion, beta programs and unsupported "Labs" features.
110 posts Page 11 of 11
by guarino » Fri Jul 06, 2018 2:38 pm
Hey folks,

I just want to call attention to the fact that we'll be doing system updates tonight, and ovpn.sonic.net is in the list of systems that will see service interruptions during the maintenance window.

https://sonicstatus.com/2018/07/06/1000006651/

Thanks,
Justin
Justin Guarino
Sonic System Operations
by forest » Sat Jul 07, 2018 9:27 am
beta.vpn.sonic.net wasn't mentioned, yet it apparently went down right about midnight, and now seems to be failing TLS negotion just as ovpn.sonic.net did a while back. Did you guys forget to keep TLS 1.0 enabled?
by guarino » Sat Jul 07, 2018 1:04 pm
Hello Forest,

beta.vpn.sonic.net still has TLS 1.0 enabled, and no changes were made to openvpn on that host last night (it was just one of the few hundred or so servers that was rebooted for kernel updates).

I'm not sure you're running into the same issue as I see you were able to auth, set up a control channel, then a data channel before the following:

SIGTERM[soft,remote-exit] received, client-instance exiting.

The first attempts I saw from you this morning were around 9am though, so after this message was posted. Were you trying from another device and succeeded? I do see several more attempts on the production server (ovpn.sonic.net) but just the one on beta.

Thanks,
Justin
Justin Guarino
Sonic System Operations
by forest » Sat Jul 07, 2018 5:00 pm
Thanks for the info, Justin.

The successes you saw in the logs were probably me connecting from an independent computer while troubleshooting the problem.

Turns out my router reverted ovpn.sonic.net when it couldn't reach beta.vpn for a while (I had forgotten I still had that fallback in place), and that's where it was choking on the TLS handshake. Fixed now.

Cheers!
by jessieandrob » Mon Jul 09, 2018 9:32 pm
hi Sonic folks, any chance of ipv6 support for the VPN?
by nathrak » Fri Aug 03, 2018 7:05 pm
I haven't been able to connect to the OpenVPN service for some time through the website or the client. I can login to ovpn.sonic.net but can't connect, and the client won't connect either. Is it just me?
by ankh » Sun Aug 12, 2018 9:43 am
Same problem. Firefox and Safari.

I get:

Unexpected error:

DNS lookup failed on host u’ovpn.sonic.net’: [Errno 8] nodename nor servname provided, or not known

Emailed Support; the reply is:

Unfortunately, the information you are looking for is unsupported by Sonic's technical support department. We recommend going to https://forums.sonic.net/ and searching for your problem in case other users have been experiencing a similar issue. Otherwise, post a new topic with as much detail as you can, and a member of our Network Operations team will review the situation.
by kgc » Mon Aug 13, 2018 10:31 am
ankh wrote:
... host u’ovpn.sonic.net’:


If that error is verbatim, it looks like you've got u' in front of the hostname in a config file?
Kelsey Cummings
System Architect, Sonic.net, Inc.
by forest » Mon Aug 13, 2018 10:56 am
u'This is also' the way python 2.x represents unicode strings. If ankh is using an openvpn front-end written in python, the extra u and ' could be a red herring, or it could be that the string is being passed between components incorrectly, or maybe an ancient version of python is being used to run code that assumes a newer version?
by ankh » Mon Aug 13, 2018 12:01 pm
I'm using the Mac client from https://openvpn.net/index.php/open-sour ... loads.html
and the config file I get from Sonic's vpn page. Nothing fiddled with on my end.
110 posts Page 11 of 11

Who is online

In total there are 5 users online :: 0 registered, 0 hidden and 5 guests (based on users active over the past 5 minutes)
Most users ever online was 422 on Sat May 26, 2012 5:28 am

Users browsing this forum: No registered users and 5 guests