oups look like I was reading the false stunnel.log here is what does find logcheck :
Mar 19 13:47:14 server stunnel: LOG5[21517:139783982704384]: Service smb accepted connection from 196.25.36.134:50005 Mar 19 13:47:14 server stunnel: LOG5[21517:139783982704384]: connect_blocking: connected 127.0.0.1:139 Mar 19 13:47:14 server stunnel: LOG5[21517:139783982704384]: Service smb connected remote server from 127.0.0.1:50215 Mar 19 13:47:44 server stunnel: LOG5[21517:139783982704384]: Error detected on SSL (read) file descriptor: Connection reset by peer (104) Mar 19 13:47:44 server stunnel: LOG5[21517:139783982704384]: Connection reset: 0 bytes sent to SSL, 143 bytes sent to socket
So it looks like a SSL parameter problem.
I have on both side :
sslVersion = TLSv1
because the PCB stunnel doesn't start if I set SSLv2 and the PCA stunnel is crashing when I set SSLv3
What can I do then ?
Best
Philippe
On Mon, 19 Mar 2012 13:57:44 +0100, Philippe wrote:
Hello,
Here is my setup :
[PCA]-------------[Firewall-A]---------------{INTERNET}-----------[45.212.56.178:21213|Firewall-B|192.168.0.1:8139]--------[PCB]
PCA : Windows 7 stunnel.conf :
[smb] client = yes accept = 10.232.232.232:139 connect = 45.212.56.178:21213
PCB : Ubuntu Oneiric 11.10 stunnel.conf :
[smb] accept = 8139 connect = 139
When I try to connect a network drive from PCA to a remote drive of PCB
here are the stunnel.log of PCA :
2012.03.19 13:47:02 LOG5[3744:2564]: Reading configuration from file stunnel.conf 2012.03.19 13:47:02 LOG5[3744:2564]: FIPS mode is enabled 2012.03.19 13:47:02 LOG7[3744:2564]: Compression not enabled 2012.03.19 13:47:02 LOG7[3744:2564]: Snagged 64 random bytes from C:/.rnd 2012.03.19 13:47:02 LOG7[3744:2564]: Wrote 0 new random bytes to C:/.rnd 2012.03.19 13:47:02 LOG7[3744:2564]: PRNG seeded successfully 2012.03.19 13:47:02 LOG6[3744:2564]: Initializing SSL context for service smb 2012.03.19 13:47:02 LOG7[3744:2564]: Certificate: stunnel.pem 2012.03.19 13:47:02 LOG7[3744:2564]: Certificate loaded 2012.03.19 13:47:02 LOG7[3744:2564]: Key file: stunnel.pem 2012.03.19 13:47:02 LOG7[3744:2564]: Private key loaded 2012.03.19 13:47:02 LOG7[3744:2564]: SSL options set: 0x01000004 2012.03.19 13:47:02 LOG6[3744:2564]: SSL context initialized 2012.03.19 13:47:02 LOG5[3744:2564]: Configuration successful 2012.03.19 13:47:02 LOG7[3744:2564]: Service smb closed FD=200 2012.03.19 13:47:13 LOG5[3744:3940]: Service smb accepted connection from 10.232.232.232:50004 2012.03.19 13:47:13 LOG5[3744:3940]: connect_blocking: connected 45.212.56.178:21213 2012.03.19 13:47:13 LOG5[3744:3940]: Service smb connected remote server from 192.168.3.4:50005 2012.03.19 13:47:43 LOG3[3744:3940]: readsocket: Connection reset by peer (WSAECONNRESET) (10054) 2012.03.19 13:47:43 LOG5[3744:3940]: Connection reset: 143 bytes sent to SSL, 0 bytes sent to socket
No logs on PCB
it seems that the SSL connection doesn't cross the firewall B, if not I would saw logs in stunnel.log of PCB isn't it ? What can I do better to make this setup working ? Does the firewall B porforwarding is blocking the process ?
Best regards
Philippe
stunnel-users mailing list stunnel-users@stunnel.org http://stunnel.mirt.net/mailman/listinfo/stunnel-users