openvpn -TLS Error

Official client software for OpenVPN Access Server and OpenVPN Cloud.
zfish
OpenVpn Newbie
Posts: 2
Joined: Wed May 01, 2013 6:55 pm

openvpn -TLS Error

Post by zfish » Wed May 01, 2013 6:56 pm

This is the error log

----
Thu May 2 01:05:14 2013 218.86.195.206:28387 TLS: Initial packet from [AF_INET]218.86.195.206:28387, sid=86eac8aa 05140769
Thu May 2 01:06:14 2013 218.86.195.206:28280 TLS: Initial packet from [AF_INET]218.86.195.206:28280, sid=aa44605d 2b4edba3
Thu May 2 01:06:14 2013 218.86.195.206:28387 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu May 2 01:06:14 2013 218.86.195.206:28387 TLS Error: TLS handshake failed
Thu May 2 01:06:14 2013 218.86.195.206:28387 SIGUSR1[soft,tls-error] received, client-instance restarting

----

and this is my openvpn config

----

port 11994
proto udp
dev tun

# SSL/TLS
ca /etc/openvpn/ca.crt
cert /etc/openvpn/zfish.crt
key /etc/openvpn/zfish.key

tls-auth /etc/openvpn/ta.key 0

# Diffie hellman parameters
dh /etc/openvpn/dh2048.pem
script-security 2
keepalive 10 120
comp-lzo
# VPN subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /etc/openvpn/ipp.txt
persist-key
persist-tun
status /var/log/openvpn-status.log
verb 3
push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 4.4.4.4"
#push "dhcp-option DNS 208.67.222.222"

-----

and this is my Android client config

----
#!/bin/sh
client

dev tun
proto udp
remote 106.187.49.162 11994
nobind
persist-key
persist-tun
ca ca.crt
cert MX2.crt
key MX2.key

tls-auth ta.key 1
auth-user-pass

verb 3

----

Please help me, Thanks very much!

janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam

Re: openvpn -TLS Error

Post by janjust » Fri May 03, 2013 8:30 am

There is a router or firewall blocking traffic - the initial packets are coming through, it seems, but the replies sent back must get lost somewhere. Check the firewall policies on both sides.

Also, some ISPs and countries filter heavily on OpenVPN traffic - it's hard to duck these firewalls.
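
The pattern described in the reply above (the server logs an initial packet from a peer, then times out the TLS negotiation for that same address and port) can be picked out of a server log mechanically. This is an added example, not part of the original thread and not OpenVPN code; the `triage` function is hypothetical, and the `192.0.2.10` / `client1` lines are constructed to show a completed handshake for contrast.

```python
import re
from datetime import datetime

# Server log lines quoted in the first post, plus two constructed lines
# (192.0.2.10, "client1") showing what a completed handshake looks like.
SAMPLE_LOG = """\
Thu May 2 01:05:14 2013 218.86.195.206:28387 TLS: Initial packet from [AF_INET]218.86.195.206:28387, sid=86eac8aa 05140769
Thu May 2 01:05:20 2013 192.0.2.10:40000 TLS: Initial packet from [AF_INET]192.0.2.10:40000, sid=01020304 05060708
Thu May 2 01:05:21 2013 192.0.2.10:40000 [client1] Peer Connection Initiated with [AF_INET]192.0.2.10:40000
Thu May 2 01:06:14 2013 218.86.195.206:28280 TLS: Initial packet from [AF_INET]218.86.195.206:28280, sid=aa44605d 2b4edba3
Thu May 2 01:06:14 2013 218.86.195.206:28387 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu May 2 01:06:14 2013 218.86.195.206:28387 TLS Error: TLS handshake failed
"""

# weekday, then "Mon D HH:MM:SS YYYY", then peer addr:port, then the message
LINE = re.compile(r"^\w{3} (\w{3} +\d+ \d\d:\d\d:\d\d \d{4}) (\S+:\d+) (.*)$")

def triage(log_text):
    """Track each peer addr:port from its first packet to the handshake outcome."""
    sessions = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ts = datetime.strptime(" ".join(m.group(1).split()), "%b %d %H:%M:%S %Y")
        peer, msg = m.group(2), m.group(3)
        if msg.startswith("TLS: Initial packet from"):
            # The client's first packet reached the server (inbound path works).
            sessions[peer] = {"first_seen": ts, "state": "pending", "waited": None}
        elif peer not in sessions:
            continue
        elif "TLS key negotiation failed" in msg:
            # Server heard the client but the exchange never completed:
            # the pattern the reply above attributes to lost return traffic.
            sessions[peer]["state"] = "one-way"
            sessions[peer]["waited"] = int((ts - sessions[peer]["first_seen"]).total_seconds())
        elif "Peer Connection Initiated" in msg:
            sessions[peer]["state"] = "established"
    return sessions

if __name__ == "__main__":
    for peer, s in triage(SAMPLE_LOG).items():
        print(peer, s["state"], s["waited"])
```

A peer left in the `one-way` state means the server received its packets and then gave up waiting, which is the cue to inspect firewall and NAT rules on the return path rather than certificates or keys.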

zfish
OpenVpn Newbie
Posts: 2
Joined: Wed May 01, 2013 6:55 pm

Re: openvpn -TLS Error

Post by zfish » Fri May 03, 2013 9:57 am

janjust wrote: There is a router or firewall blocking traffic - the initial packets are coming through, it seems, but the replies sent back must get lost somewhere. Check the firewall policies on both sides.

Also, some ISPs and countries filter heavily on OpenVPN traffic - it's hard to duck these firewalls.

I am in China. I just changed the VPN port and the problem was solved! Maybe the GFW is great and terrible!
