I have just upgraded from Win 8.1 to win 10. I now cannot connect the server.
Many other clients continue to connect from my local network and from other networks. All are running win 7 or win 8.
I have not changed anything in my client .ovpn
I have uninstalled the TAP-Windows Adaptor V9 and then re-installed again with OpenVPN
Here is the log:
Tue Oct 20 07:48:32 2015 us=585384 Current Parameter Settings:
Tue Oct 20 07:48:32 2015 us=585384 config = 'osprey.ovpn'
Tue Oct 20 07:48:32 2015 us=585384 mode = 0
Tue Oct 20 07:48:32 2015 us=585384 NOTE: --mute triggered...
Tue Oct 20 07:48:32 2015 us=585384 282 variation(s) on previous 3 message(s) suppressed by --mute
Tue Oct 20 07:48:32 2015 us=585384 OpenVPN 2.3.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug 4 2015
Tue Oct 20 07:48:32 2015 us=585384 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Enter Management Password:
Tue Oct 20 07:48:32 2015 us=586385 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Oct 20 07:48:32 2015 us=586385 Need hold release from management interface, waiting...
Tue Oct 20 07:48:33 2015 us=73629 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Oct 20 07:48:33 2015 us=177676 MANAGEMENT: CMD 'state on'
Tue Oct 20 07:48:33 2015 us=177676 MANAGEMENT: CMD 'log all on'
Tue Oct 20 07:48:33 2015 us=188684 MANAGEMENT: CMD 'hold off'
Tue Oct 20 07:48:33 2015 us=191687 NOTE: --mute triggered...
Tue Oct 20 07:48:33 2015 us=295762 1 variation(s) on previous 3 message(s) suppressed by --mute
Tue Oct 20 07:48:33 2015 us=295762 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Tue Oct 20 07:48:33 2015 us=295762 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 20 07:48:33 2015 us=295762 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 20 07:48:33 2015 us=295762 Control Channel MTU parms [ L:1545 D:166 EF:66 EB:0 ET:0 EL:3 ]
Tue Oct 20 07:48:33 2015 us=295762 Socket Buffers: R=[65536->65536] S=[65536->65536]
Tue Oct 20 07:48:33 2015 us=295762 Data Channel MTU parms [ L:1545 D:1400 EF:45 EB:12 ET:0 EL:3 ]
Tue Oct 20 07:48:33 2015 us=295762 Fragmentation MTU parms [ L:1545 D:1400 EF:45 EB:12 ET:0 EL:3 ]
Tue Oct 20 07:48:33 2015 us=295762 Local Options String: 'V4,dev-type tun,link-mtu 1545,tun-mtu 1500,proto UDPv4,mtu-dynamic,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Tue Oct 20 07:48:33 2015 us=295762 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1545,tun-mtu 1500,proto UDPv4,mtu-dynamic,keydir 0,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Tue Oct 20 07:48:33 2015 us=295762 Local Options hash (VER=V4): '885414e3'
Tue Oct 20 07:48:33 2015 us=295762 Expected Remote Options hash (VER=V4): '8bcc3b84'
Tue Oct 20 07:48:33 2015 us=295762 UDPv4 link local (bound): [undef]
Tue Oct 20 07:48:33 2015 us=295762 UDPv4 link remote: [AF_INET]91.216.112.132:7874
Tue Oct 20 07:48:33 2015 us=295762 MANAGEMENT: >STATE:1445323713,WAIT,,,
Tue Oct 20 07:49:33 2015 us=384049 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Oct 20 07:49:33 2015 us=384049 TLS Error: TLS handshake failed
Tue Oct 20 07:49:33 2015 us=384049 TCP/UDP: Closing socket
Tue Oct 20 07:49:33 2015 us=384049 SIGUSR1[soft,tls-error] received, process restarting
Tue Oct 20 07:49:33 2015 us=384049 MANAGEMENT: >STATE:1445323773,RECONNECTING,tls-error,,
Tue Oct 20 07:49:33 2015 us=384049 Restart pause, 2 second(s)
Tue Oct 20 07:49:35 2015 us=384078 Re-using SSL/TLS context
Tue Oct 20 07:49:35 2015 us=384078 Control Channel MTU parms [ L:1545 D:166 EF:66 EB:0 ET:0 EL:3 ]
Tue Oct 20 07:49:35 2015 us=384078 Socket Buffers: R=[65536->65536] S=[65536->65536]
Tue Oct 20 07:49:35 2015 us=384078 Data Channel MTU parms [ L:1545 D:1400 EF:45 EB:12 ET:0 EL:3 ]
Tue Oct 20 07:49:35 2015 us=384078 Fragmentation MTU parms [ L:1545 D:1400 EF:45 EB:12 ET:0 EL:3 ]
Tue Oct 20 07:49:35 2015 us=384078 Local Options String: 'V4,dev-type tun,link-mtu 1545,tun-mtu 1500,proto UDPv4,mtu-dynamic,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Tue Oct 20 07:49:35 2015 us=384078 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1545,tun-mtu 1500,proto UDPv4,mtu-dynamic,keydir 0,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Tue Oct 20 07:49:35 2015 us=384078 Local Options hash (VER=V4): '885414e3'
Tue Oct 20 07:49:35 2015 us=384078 Expected Remote Options hash (VER=V4): '8bcc3b84'
Tue Oct 20 07:49:35 2015 us=384078 UDPv4 link local (bound): [undef]
Tue Oct 20 07:49:35 2015 us=384078 UDPv4 link remote: [AF_INET]91.216.112.132:7874
Tue Oct 20 07:49:35 2015 us=384078 MANAGEMENT: >STATE:1445323775,WAIT,,,
Tue Oct 20 07:50:36 2015 us=21723 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Oct 20 07:50:36 2015 us=21723 TLS Error: TLS handshake failed
Tue Oct 20 07:50:36 2015 us=21723 TCP/UDP: Closing socket
Tue Oct 20 07:50:36 2015 us=21723 SIGUSR1[soft,tls-error] received, process restarting
Tue Oct 20 07:50:36 2015 us=21723 MANAGEMENT: >STATE:1445323836,RECONNECTING,tls-error,,
Tue Oct 20 07:50:36 2015 us=21723 Restart pause, 2 second(s)
Here is the client:
remote XXX.XXX.XXX.XXX 7874
# the line below is for openvpn 2.0 and below
;ns-cert-type server
# the line below is for openvpn 2.1
remote-cert-tls server
client
dev tun
tls-auth ta.key 1
ca ca.crt
cert client-tr2.crt
key client-tr2.key
ping --restart 10
verb 5
mute 3
proto udp
# added these as also on server
persist-key
persist-tun
fragment 1400
mssfix
Does anybody have any suggestions?
Win 10 upgrade TLS key negotiation failed to occur within 60
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 5
- Joined: Tue Oct 20, 2015 7:36 am
- Traffic
- OpenVPN Protagonist
- Posts: 4066
- Joined: Sat Aug 09, 2014 11:24 am
Re: Win 10 upgrade TLS key negotiation failed to occur withi
Difficult to know if you --mute half the logs ..help_me_please wrote:Tue Oct 20 07:48:33 2015 us=191687 NOTE: --mute triggered...
I think you have overlooked a firewall setting.help_me_please wrote:Tue Oct 20 07:49:33 2015 us=384049 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
-
- OpenVpn Newbie
- Posts: 5
- Joined: Tue Oct 20, 2015 7:36 am
Re: Win 10 upgrade TLS key negotiation failed to occur withi
I am sorry for wasting your time. I have just resolved the issue. For some reason the windows upgrade corrupted the .crt file. Thanks.
- Traffic
- OpenVPN Protagonist
- Posts: 4066
- Joined: Sat Aug 09, 2014 11:24 am
Re: Win 10 upgrade TLS key negotiation failed to occur withi
That is new .. and quite unlikely ..help_me_please wrote:For some reason the windows upgrade corrupted the .crt file
Could you explain your resolution please ?help_me_please wrote:I have just resolved the issue
You are not wasting my time as my time is worthlesshelp_me_please wrote:I am sorry for wasting your time
-
- OpenVpn Newbie
- Posts: 5
- Joined: Tue Oct 20, 2015 7:36 am
Re: Win 10 upgrade TLS key negotiation failed to occur withi
Thank you for your interest.
I agree it surprised me that the WIN upgrade could affect the .crf file.
I originally had securepoint on my PC before upgrade. This failed to work after the upgrade.
I thereofre installed openvpn but copied the keys/cert files to the right place for openvpn. It seems that the .crt file
that I copoed was corrupt. I think it bacame corrupted by the WIN upgrade.
I copied a backup of the.crt file to the right place to overwrite the corrupt one and this resolved my issue.
Thank you.
I agree it surprised me that the WIN upgrade could affect the .crf file.
I originally had securepoint on my PC before upgrade. This failed to work after the upgrade.
I thereofre installed openvpn but copied the keys/cert files to the right place for openvpn. It seems that the .crt file
that I copoed was corrupt. I think it bacame corrupted by the WIN upgrade.
I copied a backup of the.crt file to the right place to overwrite the corrupt one and this resolved my issue.
Thank you.