Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ERROR: read: Input/output error #56

Closed
cgogolin opened this issue Jun 16, 2016 · 13 comments
Closed

ERROR: read: Input/output error #56

cgogolin opened this issue Jun 16, 2016 · 13 comments

Comments

@cgogolin
Copy link

cgogolin commented Jun 16, 2016
edited

I can not connect with openfortivpn version 1.1.4 built from the master branch under Debian testing. It fails with "ERROR: read: Input/output error":

$ su -c 'openfortivpn vpn.****.net:443 -u cgogolin -v -v -v -v -v -v -v --trusted-cert ***********************************'
Password: 
DEBUG:  Loaded config file "/etc/openfortivpn/config".
VPN account password: 
DEBUG:  Config host = "vpn.****.net"
DEBUG:  Config realm = ""
DEBUG:  Config port = "443"
DEBUG:  Config username = "cgogolin"
DEBUG:  Config password = "********"
DEBUG:  Gateway certificate validation failed.
DEBUG:  Gateway certificate digest found in white list.
INFO:   Connected to gateway.
INFO:   Authenticated.
DEBUG:  Cookie: SVPNCOOKIE=****
INFO:   Remote gateway has allocated a VPN.
DEBUG:  Gateway certificate validation failed.
DEBUG:  Gateway certificate digest found in white list.
DEBUG:  ssl_read_thread
DEBUG:  ssl_write_thread
DEBUG:  if_config thread
DEBUG:  pppd_read_thread
DEBUG:  pppd_write thread
DEBUG:  gateway ---> pppd (12 bytes)
gtw:    c0 21 01 01 00 0a 05 06 bb c8 89 5b

ERROR:  read: Input/output error
INFO:   Cancelling threads...
DEBUG:  Waiting for pppd to exit...
INFO:   Terminated pppd.
INFO:   Closed connection to gateway.
DEBUG:  Gateway certificate validation failed.
DEBUG:  Gateway certificate digest found in white list.
INFO:   Logged out.
@Zenithar
Copy link

Zenithar commented Oct 24, 2016
edited

Same problem for me with 1.2.0 from AUR on a ArchLinux.

@Zenithar
Copy link

Ok fixed with a reboot, current kernel has been updated and not matching the "new" one.

@twiebe
Copy link

twiebe commented Dec 1, 2016

In my case, a route has been pushed by the vpn server, that matches the remote address of the vpn endpoint itself. Therefor, all following vpn packets will not reach the vpn server, which causes the input output error.

A static route to the endpoint address via the local gateway helps.

I've seen other vpn clients add these routes automatically, to avoid such issues. I'd suggest to do this in openfortivpn as well.

@aggregat4
Copy link

@twiebe can you post the command you used to set the route? I'm not sure what addresses you mean exactly. I have a similar problem.

@twiebe
Copy link

twiebe commented Dec 9, 2016

@aggregat4:
The public address of your vpn server.

F.e.:
If your vpn server's public address would be 8.8.8.8 and your vpn server would push the route 8.8.0.0/16, then your host would try to send all further packets, after the route has been pushed, to your vpn server through pppX instead of ethX.

As a workaround, you could set a static route to your vpn server through your regular gateway before starting openfortivpn:
# ip route add VPN_SERVER_PUBLIC_ADDR via DEFAULT_GATEWAY_ADDR

@ssurba
Copy link

ssurba commented Dec 23, 2016

In my case exactly the same error as in the original post was caused by ppp package missing from the system.

@mrbaseman mrbaseman mentioned this issue May 28, 2017
Closed
@mrbaseman
Copy link
Collaborator

the routing problems discussed above should be fixed in 1.3.1. Now openfortivpn adds such a route to the gateway host before setting up the pushed routes.

@GitteHuber
Copy link

Up until 1.3.0 I had the exact same problem and debug output as cgogolin. Just wanted to confirm that version 1.3.1 fixed it. ( On my Ubuntu 16.4.2 machine, at least)

@mvernimmen-CG
Copy link

That route does not appear to get set with 1.4.0, I had to apply the workaround before starting openfortivpn to get it to work. Also the routes that the vpn hands out are not set by openfortivpn, I had to add them myself. This is on Raspbian GNU/Linux 8 (jessie).

@DimitriPapadopoulos
Copy link
Collaborator

@mvernimmen-CG It would have been better to open a new ticket. Since this has been fixed in version 1.3.1, causes are probably different although symptoms are similar.

My suggestions:

  • Please provide error messages using option -v - see first post in this ticket.
  • Since this looks like an embedded system, is command /usr/sbin/netstat available?

@mvernimmen-CG
Copy link

Sure, I'll do that. I posted in here because the ticket was open, I see you closed it now :)

@mvernimmen-CG mvernimmen-CG mentioned this issue Jul 25, 2017
Closed
@robmukai robmukai mentioned this issue Sep 25, 2017
Closed
@mrbaseman mrbaseman mentioned this issue Oct 16, 2017
Closed
@henkRW
Copy link

henkRW commented Oct 30, 2018

Up until 1.3.0 I had the exact same problem and debug output as cgogolin. Just wanted to confirm that version 1.3.1 fixed it. ( On my Ubuntu 16.4.2 machine, at least)

I can confirm it. I had similar problem with 1.3.0 version after update to 1.6.0 Forti VPN started work.

@mrbaseman
Copy link
Collaborator

@henkRW thanks for this feedback.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
10 participants
@Zenithar @aggregat4 @twiebe @henkRW @DimitriPapadopoulos @cgogolin @ssurba @mrbaseman @mvernimmen-CG @GitteHuber