Thanks Chris but it didn't work. That article discusses SSL and I am
using TLS which is on port 389 so no URL issue. Here is a server side debug
trace:
daemon: epoll: listen=7 active_threads=0 tvp=NULL
TLS trace: SSL_accept:before/accept initialization
daemon: epoll: listen=8 active_threads=0 tvp=NULL
daemon: activity on 1 descriptor
daemon: activity on:
daemon: hangup on 14
tls_read: want=11 error=Connection reset by peer
TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
daemon: epoll: listen=7 active_threads=0 tvp=NULL
daemon: epoll: listen=8 active_threads=0 tvp=NULL
daemon: activity on 1 descriptor
daemon: activity on:
TLS: can't accept.
daemon: hangup on 14
daemon: epoll: listen=7 active_threads=0 tvp=NULL
daemon: epoll: listen=8 active_threads=0 tvp=NULL
daemon: activity on 1 descriptor
daemon: activity on:
daemon: hangup on 14
connection_read(14): TLS accept failure error=-1 id=5, closing
Any help or light on this will be appreciated greatly.
Thanks,
Sankhadip
On Fri, Jan 30, 2009 at 11:29 AM, Christopher Barry <
christopher.barry(a)qlogic.com> wrote:
> -----Original Message-----
> From: Shankhadeep Sen [mailto:shanks.iit@gmail.com]
> Sent: Friday, January 30, 2009 1:25 PM
> To: Christopher Barry
> Subject: Re: ldap_bind fails in vpn tunnel
>
> Hi Christopher,
>
> Thanks for your email. It seems that
> without TLS, the search works first but next when I initiate
> a TLS session, the ldap api says "SERVER DOWN". I must mention
> that the bandwidth is very low in that VPN tunnel and there
> is only one route.
>
> Now I used tcpdump to check the packets on port 389, it
> seems that there are a lot of packets being exchanged. My
> guess is that because of the low b/w even if one packet gets
> dropped because of router overflow, the SSL handshake will be
> terminated.
>
> What do you think?
>
> Thanks,
>
> Sankhadip
>
>
> On Fri, Jan 30, 2009 at 9:05 AM, Christopher Barry
> <christopher.barry(a)qlogic.com> wrote:
>
>
> > -----Original Message-----
> > From: openldap-technical-bounces+christopher.barry=qlogic.com@openldap.org
> > [mailto:openldap-technical-bounces+christopher.barry=qlogic.com(a)openldap.org]
> > On Behalf Of Sankhadip Sengupta
> > Sent: Friday, January 30, 2009 9:34 AM
> > To: openldap-technical(a)openldap.org
> > Subject: ldap_bind fails in vpn tunnel
> >
> > Hi,
> >
> > In a VPN tunnel, using TLS, ldap_search works but the
> > ldap_bind fails with error: Can't contact LDAP server(-1).
> >
> > Can anyone help me? I am using the openldap sdk.
> >
> > Thanks,
> >
> > Sankhadip
> >
>
>
> You might try putting the LDAP server's name and IP
> address in the hosts file of the client.
>
> -C
>
>
>
>
>
Is this link helpful to you?
http://www.openldap.org/lists/openldap-software/200201/msg00625.html
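
The server-side trace at the top of this thread, read programmatically (an added example, not part of the original messages and not OpenLDAP code): it pairs each "TLS accept failure" line with the preceding tls_read error and SSL_accept state to show at which handshake step the connection died. The function name triage and the result field names are assumptions; the sample input is constructed from the trace lines quoted above.

```python
import re

# Constructed sample: a subset of the slapd debug lines quoted in the thread.
SAMPLE_TRACE = """\
TLS trace: SSL_accept:before/accept initialization
daemon: hangup on 14
tls_read: want=11 error=Connection reset by peer
TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
TLS: can't accept.
daemon: hangup on 14
connection_read(14): TLS accept failure error=-1 id=5, closing
"""

TLS_READ = re.compile(r"^tls_read: want=(\d+) error=(.+)$")
SSL_STATE = re.compile(r"^TLS trace: SSL_accept:(error in )?(.+)$")
ACCEPT_FAIL = re.compile(
    r"^connection_read\((\d+)\): TLS accept failure error=(-?\d+) id=(\d+)")

def triage(trace):
    """Return one finding per failed TLS accept in a slapd debug trace."""
    findings = []
    transport_error = None  # last socket-level error reported by tls_read
    failed_state = None     # handshake state in which SSL_accept errored
    for line in trace.splitlines():
        line = line.strip()
        if m := TLS_READ.match(line):
            transport_error = m.group(2)
        elif m := SSL_STATE.match(line):
            if m.group(1):  # only "error in <state>" lines mark a failure
                failed_state = m.group(2)
        elif m := ACCEPT_FAIL.match(line):
            # Failing while reading the ClientHello means the server never got
            # far enough to negotiate certificates or ciphers.
            pre_hello = bool(failed_state and "read client hello" in failed_state)
            findings.append({
                "fd": int(m.group(1)),
                "conn_id": int(m.group(3)),
                "failed_state": failed_state,
                "transport_error": transport_error,
                "failed_before_client_hello": pre_hello,
            })
            transport_error = failed_state = None
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_TRACE):
        print(finding)
```

For the trace in this thread it reports connection id 5 on descriptor 14 failing in the "read client hello" state with a transport-level reset, which places the failure before any certificate or cipher negotiation.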