Error while processing ID

Michael Munger michael at highpoweredhelp.com
Wed Mar 12 08:27:59 CET 2014 

Andrew:

I just went through a very similar issue today.


1.      Subnet should be the IP address on the VPN that you want the VPN adapter on your machine to use. (I made the same mistake you did! Guus corrected me on it).

2.      Address is the LAN or WAN address that the system should contact in order to connect.

Usually, an error processing ID points to mis-matched RSA keys.

I documented my setup (similar to yours) here. It might be worth a look.

http://learnlinuxonline.com/servers/setting-up-a-vpn-with-tinc-vpn-software


Michael Munger, dCAP, MCPS, MCNPS, MBSS
High Powered Help, Inc.
Microsoft Certified Professional
Microsoft Certified Small Business Specialist
Digium Certified Asterisk Professional
michael at highpoweredhelp.com<mailto:michael at highpoweredhelp.com>

From: tinc [mailto:tinc-bounces at tinc-vpn.org] On Behalf Of Andrew Burns
Sent: Wednesday, March 12, 2014 12:01 AM
To: tinc at tinc-vpn.org
Subject: Error while processing ID

Hello all, my apologies if I have failed to RTFM, but the PDF manual and google were no help.

I am trying to get a simple two node tunnel setup.  I have verified that the up scripts bring up the interfaces as they are written; however my gut feeling is that there is something wrong there, but I am not sure exactly what.

Misc items:
  * I have a Port line in horcrux because I ran INIT as a user, but I run tinc with sudo to access the tun device.
  * Tinc is being ran as root on the linux box.
  * I want the tunnel to be a 192.168.13.0/24<http://192.168.13.0/24> network.

I would love to know more on how to troubleshoot this, but the tubes turn up nothing for the Error while processing ID message.  They are both the same build (source downloaded and built, minutes apart from each other).

horcrux
OSX 10.9.2
IP: 10.0.1.70
VPN IP: 192.168.13.70

electrum
Ubuntu 12.04.3
IP 10.0.1.108
VPN IP 192.168.13.108

hosts/horcrux
-----RSA PUBLIC KEY SNIPPED FROM POSTING-----
ECDSAPublicKey = <snipped>
Port = 32096
Subnet = 192.168.13.0/24<http://192.168.13.0/24>
Address = 10.0.1.70

hosts/electrum
-----RSA PUBLIC KEY SNIPPED FROM POSTING-----
ECDSAPublicKey = <snipped>
Subnet = 192.168.13.0/24<http://192.168.13.0/24>
Address = 10.0.1.108

horcrux/tinc-up
ifconfig $INTERFACE 192.168.13.70 192.168.13.1 mtu 1500 netmask 255.255.255.255

electrum/tinc-up
ifconfig $INTERFACE 192.168.13.108 netmask 255.255.255.0

electrum console output:
$ tinc -n bat start -D --bypass-security -d5
tincd 1.1pre10 (Mar 11 2014 20:55:22) starting, debug level 5
/dev/net/tun is a Linux tun/tap device (tun mode)
Listening on 0.0.0.0 port 655
Listening on :: port 655
Executing script tinc-up
Ready
Connection from 10.0.1.70 port 63525
Sending ID to <unknown> (10.0.1.70 port 63525): 0 electrum 17.3
Sending 16 bytes of metadata to <unknown> (10.0.1.70 port 63525)
Got ID from <unknown> (10.0.1.70 port 63525): 0 horcrux 17.3
Sending ACK to horcrux (10.0.1.70 port 63525): 4 655 0 300000c
Sending 16 bytes of metadata to horcrux (10.0.1.70 port 63525)
Handshake phase not finished yet
Error while processing ID from horcrux (10.0.1.70 port 63525)
Closing connection with horcrux (10.0.1.70 port 63525)

horcrux console output:
$ sudo tinc -n bat start -D --bypass-security -d5
tincd 1.1pre10 (Mar 11 2014 20:47:47) starting, debug level 5
/dev/tun1 is a Generic BSD tun device
Listening on 0.0.0.0 port 32096
Listening on :: port 32096
Executing script tinc-up
Ready
Trying to connect to electrum (10.0.1.108 port 655)
Connected to electrum (10.0.1.108 port 655)
Sending ID to electrum (10.0.1.108 port 655): 0 horcrux 17.3
Sending 15 bytes of metadata to electrum (10.0.1.108 port 655)
Got ID from electrum (10.0.1.108 port 655): 0 electrum 17.3
Sending ACK to electrum (10.0.1.108 port 655): 4 32096 0 300000c
Sending 18 bytes of metadata to electrum (10.0.1.108 port 655)
Handshake phase not finished yet
Error while processing ID from electrum (10.0.1.108 port 655)
Closing connection with electrum (10.0.1.108 port 655)
Could not set up a meta connection to electrum
Trying to re-establish outgoing connection in 5 seconds
^CGot Interrupt: 2 signal
Closing connection with horcrux (MYSELF port 32096)
Executing script tinc-down
Terminating

As I said I have a hunch that my -up scripts are the culprit, but have tired many things to no avail.

Thank you for your time to look at this.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20140312/a5b13574/attachment-0001.html>

More information about the tinc mailing list