Hi Lee, On 12-10-10 01:29 PM, Lee Garrett wrote: > I just spent quite some time debugging a problem with openvpn > disconnecting on the first TLS renogotiation.
Are you using the --user directive? If yes, did you tune the memlock limit for both root and the user in question? > It all boils down to the "mlock" option. If it is set on the client > side, the initial connect will succeed, but after reneg-sec there will > be a TLS key negotiation. Looking at your problem description and assuming you are using "--user", it could be that the first negotiation works because it is done as root but the first renegotiation fails because it is done a another user lacking the memlock limit adjustment? Regards, Simon -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
