When I connect the first client it works as expected; my issue is with the second one.
In the server log everything seems fine; you can see that both clients connect successfully:

/------------------------------------------------------------------------------------------------------------/
2023.12.12 13:48:21 LOG6[ui]: Initializing inetd mode configuration
2023.12.12 13:48:21 LOG5[ui]: stunnel 5.63 on x86_64-pc-linux-gnu platform
2023.12.12 13:48:21 LOG5[ui]: Compiled/running with OpenSSL 3.0.2 15 Mar 2022
2023.12.12 13:48:21 LOG5[ui]: Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,OCSP,PSK,SNI Auth:LIBWRAP
2023.12.12 13:48:21 LOG6[ui]: Initializing inetd mode configuration
2023.12.12 13:48:21 LOG5[ui]: Reading configuration from file /etc/stunnel/stunnel.conf
2023.12.12 13:48:21 LOG5[ui]: UTF-8 byte order mark detected
2023.12.12 13:48:21 LOG5[ui]: FIPS mode disabled
2023.12.12 13:48:21 LOG6[ui]: Compression enabled: 0 methods
2023.12.12 13:48:21 LOG6[ui]: Initializing service [checker]
2023.12.12 13:48:21 LOG6[ui]: OpenSSL security level is used: 2
2023.12.12 13:48:21 LOG6[ui]: Session resumption enabled
2023.12.12 13:48:21 LOG6[ui]: Loading certificate from file: /etc/stunnel/server-combined.pem
2023.12.12 13:48:21 LOG6[ui]: Certificate loaded from file: /etc/stunnel/server-combined.pem
2023.12.12 13:48:21 LOG6[ui]: Loading private key from file: /etc/stunnel/server-combined.pem
2023.12.12 13:48:21 LOG6[ui]: Private key loaded from file: /etc/stunnel/server-combined.pem
2023.12.12 13:48:21 LOG6[ui]: DH initialization skipped: no DH ciphersuites
2023.12.12 13:48:21 LOG5[ui]: Configuration successful
2023.12.12 13:48:21 LOG6[ui]: Service [checker] (FD=9) bound to 0.0.0.0:8050
2023.12.12 13:48:21 LOG5[ui]: Binding service [checker] to :::8050: Address already in use (98)
2023.12.12 13:48:21 LOG6[cron]: Executing cron jobs
2023.12.12 13:48:21 LOG6[cron]: Cron jobs completed in 0 seconds
2023.12.12 13:50:18 LOG5[0]: Service [checker] accepted connection from 192.168.100.99:49688
2023.12.12 13:50:18 LOG6[0]: Peer certificate not required
2023.12.12 13:50:18 LOG6[0]: No peer certificate received
2023.12.12 13:50:18 LOG6[0]: Session id: 41E5880BE80598613E482E5ACE1240298782E70B24B2D2B3C4DC869E5F985FF6
2023.12.12 13:50:18 LOG6[0]: No peer certificate received
2023.12.12 13:50:18 LOG6[0]: Session id: B573C15BD5CA6430EA84B362A31A6B87AB3B56DB06F8DFBC4BC6FA2828C64004
2023.12.12 13:50:18 LOG6[0]: TLS accepted: new session negotiated
2023.12.12 13:50:18 LOG6[0]: TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption)
2023.12.12 13:50:18 LOG6[0]: Peer temporary key: X25519, 253 bits
2023.12.12 13:50:18 LOG6[0]: failover: priority, starting at entry #0
2023.12.12 13:50:18 LOG6[0]: s_connect: connecting ::1:5999
2023.12.12 13:50:18 LOG3[0]: s_connect: connect ::1:5999: Connection refused (111)
2023.12.12 13:50:18 LOG6[0]: s_connect: connecting 127.0.0.1:5999
2023.12.12 13:50:18 LOG5[0]: s_connect: connected 127.0.0.1:5999
2023.12.12 13:50:18 LOG6[0]: persistence: 127.0.0.1:5999 cached
2023.12.12 13:50:18 LOG5[0]: Service [checker] connected remote server from 127.0.0.1:36492 <-------------------------------------
2023.12.12 13:50:29 LOG5[1]: Service [checker] accepted connection from 192.168.100.105:49692
2023.12.12 13:50:29 LOG6[1]: Peer certificate not required
2023.12.12 13:50:29 LOG6[1]: No peer certificate received
2023.12.12 13:50:29 LOG6[1]: Session id: FDF11DA3412912C0FD6B65D53E7DA18FF96D70CBFA705268B0215A41DE6C25C9
2023.12.12 13:50:29 LOG6[1]: No peer certificate received
2023.12.12 13:50:29 LOG6[1]: Session id: 4D4F8A99E869C9CC31BDE53EE63F8B09506E7ED113915C5E0A7CA0730FFD0C30
2023.12.12 13:50:29 LOG6[1]: TLS accepted: new session negotiated
2023.12.12 13:50:29 LOG6[1]: TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption)
2023.12.12 13:50:29 LOG6[1]: Peer temporary key: X25519, 253 bits
2023.12.12 13:50:29 LOG6[1]: failover: priority, starting at entry #0
2023.12.12 13:50:29 LOG6[1]: s_connect: connecting ::1:5999
2023.12.12 13:50:29 LOG3[1]: s_connect: connect ::1:5999: Connection refused (111)
2023.12.12 13:50:29 LOG6[1]: s_connect: connecting 127.0.0.1:5999
2023.12.12 13:50:29 LOG5[1]: s_connect: connected 127.0.0.1:5999
2023.12.12 13:50:29 LOG6[1]: persistence: 127.0.0.1:5999 cached
2023.12.12 13:50:29 LOG5[1]: Service [checker] connected remote server from 127.0.0.1:52356 <-------------------------------------
/------------------------------------------------------------------------------------------------------------/

However, when I try to send some data (using netcat), only the first connected client is able to send or receive. I have netcat listening on the server target port and I can only see the messages sent from the first client.

This is my client config:

[checker]
client = yes
accept = 127.0.0.1:8003
connect = 192.168.100.100:8050
verifyChain = yes
CAfile = cacert.pem
checkIP = 192.168.100.100

And here is my server config:

[checker]
accept = 8050
connect = 5999
cert = /etc/stunnel/server-combined.pem

Thanks for your help :)