TLS key negotiation failed to occur within 60 seconds

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
parsicode
OpenVpn Newbie
Posts: 4
Joined: Thu Jun 22, 2017 7:18 am

TLS key negotiation failed to occur within 60 seconds

Post by parsicode » Thu Jun 22, 2017 2:12 pm

hello. my server is centos 6.8 and client is windows 10. when i connect to server this error occurred:
  • TLS key negotiation failed to occur within 60 seconds
client setting:

Code: Select all

client
dev tun
proto udp
remote x.x.x.x 3659
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
remote-cert-tls server
comp-lzo
verb 5
and client log:

Code: Select all

Thu Jun 22 17:07:23 2017 us=264522 Current Parameter Settings:
Thu Jun 22 17:07:23 2017 us=264522   config = 'client.ovpn'
Thu Jun 22 17:07:23 2017 us=264522   mode = 0
Thu Jun 22 17:07:23 2017 us=264522   show_ciphers = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   show_digests = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   show_engines = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   genkey = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   key_pass_file = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   show_tls_ciphers = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   connect_retry_max = 0
Thu Jun 22 17:07:23 2017 us=264522 Connection profiles [0]:
Thu Jun 22 17:07:23 2017 us=264522   proto = udp
Thu Jun 22 17:07:23 2017 us=264522   local = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   local_port = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   remote = 'x.x.x.x'
Thu Jun 22 17:07:23 2017 us=264522   remote_port = '3659'
Thu Jun 22 17:07:23 2017 us=264522   remote_float = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   bind_defined = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   bind_local = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   bind_ipv6_only = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   connect_retry_seconds = 5
Thu Jun 22 17:07:23 2017 us=264522   connect_timeout = 120
Thu Jun 22 17:07:23 2017 us=264522   socks_proxy_server = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   socks_proxy_port = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   tun_mtu = 1500
Thu Jun 22 17:07:23 2017 us=264522   tun_mtu_defined = ENABLED
Thu Jun 22 17:07:23 2017 us=264522   link_mtu = 1500
Thu Jun 22 17:07:23 2017 us=264522   link_mtu_defined = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   tun_mtu_extra = 0
Thu Jun 22 17:07:23 2017 us=264522   tun_mtu_extra_defined = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   mtu_discover_type = -1
Thu Jun 22 17:07:23 2017 us=264522   fragment = 0
Thu Jun 22 17:07:23 2017 us=264522   mssfix = 1450
Thu Jun 22 17:07:23 2017 us=264522   explicit_exit_notification = 0
Thu Jun 22 17:07:23 2017 us=264522 Connection profiles END
Thu Jun 22 17:07:23 2017 us=264522   remote_random = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   ipchange = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   dev = 'tun'
Thu Jun 22 17:07:23 2017 us=264522   dev_type = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   dev_node = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   lladdr = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   topology = 1
Thu Jun 22 17:07:23 2017 us=264522   ifconfig_local = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   ifconfig_remote_netmask = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   ifconfig_noexec = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   ifconfig_nowarn = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   ifconfig_ipv6_local = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   ifconfig_ipv6_netbits = 0
Thu Jun 22 17:07:23 2017 us=264522   ifconfig_ipv6_remote = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   shaper = 0
Thu Jun 22 17:07:23 2017 us=264522   mtu_test = 0
Thu Jun 22 17:07:23 2017 us=264522   mlock = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   keepalive_ping = 0
Thu Jun 22 17:07:23 2017 us=264522   keepalive_timeout = 0
Thu Jun 22 17:07:23 2017 us=264522   inactivity_timeout = 0
Thu Jun 22 17:07:23 2017 us=264522   ping_send_timeout = 0
Thu Jun 22 17:07:23 2017 us=264522   ping_rec_timeout = 0
Thu Jun 22 17:07:23 2017 us=264522   ping_rec_timeout_action = 0
Thu Jun 22 17:07:23 2017 us=264522   ping_timer_remote = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   remap_sigusr1 = 0
Thu Jun 22 17:07:23 2017 us=264522   persist_tun = ENABLED
Thu Jun 22 17:07:23 2017 us=264522   persist_local_ip = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   persist_remote_ip = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   persist_key = ENABLED
Thu Jun 22 17:07:23 2017 us=264522   passtos = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   resolve_retry_seconds = 1000000000
Thu Jun 22 17:07:23 2017 us=264522   resolve_in_advance = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   username = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   groupname = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   chroot_dir = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   cd_dir = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   writepid = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   up_script = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   down_script = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   down_pre = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   up_restart = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   up_delay = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   daemon = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   inetd = 0
Thu Jun 22 17:07:23 2017 us=264522   log = ENABLED
Thu Jun 22 17:07:23 2017 us=264522   suppress_timestamps = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   machine_readable_output = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   nice = 0
Thu Jun 22 17:07:23 2017 us=264522   verbosity = 5
Thu Jun 22 17:07:23 2017 us=264522   mute = 0
Thu Jun 22 17:07:23 2017 us=264522   gremlin = 0
Thu Jun 22 17:07:23 2017 us=264522   status_file = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   status_file_version = 1
Thu Jun 22 17:07:23 2017 us=264522   status_file_update_freq = 60
Thu Jun 22 17:07:23 2017 us=264522   occ = ENABLED
Thu Jun 22 17:07:23 2017 us=264522   rcvbuf = 0
Thu Jun 22 17:07:23 2017 us=264522   sndbuf = 0
Thu Jun 22 17:07:23 2017 us=264522   sockflags = 0
Thu Jun 22 17:07:23 2017 us=264522   fast_io = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   comp.alg = 2
Thu Jun 22 17:07:23 2017 us=264522   comp.flags = 1
Thu Jun 22 17:07:23 2017 us=264522   route_script = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   route_default_gateway = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   route_default_metric = 0
Thu Jun 22 17:07:23 2017 us=264522   route_noexec = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   route_delay = 5
Thu Jun 22 17:07:23 2017 us=264522   route_delay_window = 30
Thu Jun 22 17:07:23 2017 us=264522   route_delay_defined = ENABLED
Thu Jun 22 17:07:23 2017 us=264522   route_nopull = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   route_gateway_via_dhcp = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   allow_pull_fqdn = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   management_addr = '127.0.0.1'
Thu Jun 22 17:07:23 2017 us=264522   management_port = '25340'
Thu Jun 22 17:07:23 2017 us=264522   management_user_pass = 'stdin'
Thu Jun 22 17:07:23 2017 us=264522   management_log_history_cache = 250
Thu Jun 22 17:07:23 2017 us=264522   management_echo_buffer_size = 100
Thu Jun 22 17:07:23 2017 us=264522   management_write_peer_info_file = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   management_client_user = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   management_client_group = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   management_flags = 6
Thu Jun 22 17:07:23 2017 us=264522   shared_secret_file = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   key_direction = 0
Thu Jun 22 17:07:23 2017 us=264522   ciphername = 'BF-CBC'
Thu Jun 22 17:07:23 2017 us=264522   ncp_enabled = ENABLED
Thu Jun 22 17:07:23 2017 us=264522   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Thu Jun 22 17:07:23 2017 us=264522   authname = 'SHA1'
Thu Jun 22 17:07:23 2017 us=264522   prng_hash = 'SHA1'
Thu Jun 22 17:07:23 2017 us=264522   prng_nonce_secret_len = 16
Thu Jun 22 17:07:23 2017 us=264522   keysize = 0
Thu Jun 22 17:07:23 2017 us=264522   engine = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   replay = ENABLED
Thu Jun 22 17:07:23 2017 us=264522   mute_replay_warnings = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   replay_window = 64
Thu Jun 22 17:07:23 2017 us=264522   replay_time = 15
Thu Jun 22 17:07:23 2017 us=264522   packet_id_file = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   use_iv = ENABLED
Thu Jun 22 17:07:23 2017 us=264522   test_crypto = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   tls_server = DISABLED
Thu Jun 22 17:07:23 2017 us=264522   tls_client = ENABLED
Thu Jun 22 17:07:23 2017 us=264522   key_method = 2
Thu Jun 22 17:07:23 2017 us=264522   ca_file = 'ca.crt'
Thu Jun 22 17:07:23 2017 us=264522   ca_path = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   dh_file = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   cert_file = 'client.crt'
Thu Jun 22 17:07:23 2017 us=264522   extra_certs_file = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   priv_key_file = 'client.key'
Thu Jun 22 17:07:23 2017 us=264522   pkcs12_file = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   cryptoapi_cert = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   cipher_list = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   tls_verify = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   tls_export_cert = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   verify_x509_type = 0
Thu Jun 22 17:07:23 2017 us=264522   verify_x509_name = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   crl_file = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=264522   ns_cert_type = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 65535
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_ku[i] = 0
Thu Jun 22 17:07:23 2017 us=264522   remote_cert_eku = 'TLS Web Server Authentication'
Thu Jun 22 17:07:23 2017 us=264522   ssl_flags = 0
Thu Jun 22 17:07:23 2017 us=264522   tls_timeout = 2
Thu Jun 22 17:07:23 2017 us=264522   renegotiate_bytes = -1
Thu Jun 22 17:07:23 2017 us=280169   renegotiate_packets = 0
Thu Jun 22 17:07:23 2017 us=280169   renegotiate_seconds = 3600
Thu Jun 22 17:07:23 2017 us=280169   handshake_window = 60
Thu Jun 22 17:07:23 2017 us=280169   transition_window = 3600
Thu Jun 22 17:07:23 2017 us=280169   single_session = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   push_peer_info = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   tls_exit = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   tls_auth_file = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=280169   tls_crypt_file = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_protected_authentication = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_private_mode = 00000000
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_cert_private = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_pin_cache_period = -1
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_id = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=280169   pkcs11_id_management = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   server_network = 0.0.0.0
Thu Jun 22 17:07:23 2017 us=280169   server_netmask = 0.0.0.0
Thu Jun 22 17:07:23 2017 us=280169   server_network_ipv6 = ::
Thu Jun 22 17:07:23 2017 us=280169   server_netbits_ipv6 = 0
Thu Jun 22 17:07:23 2017 us=280169   server_bridge_ip = 0.0.0.0
Thu Jun 22 17:07:23 2017 us=280169   server_bridge_netmask = 0.0.0.0
Thu Jun 22 17:07:23 2017 us=280169   server_bridge_pool_start = 0.0.0.0
Thu Jun 22 17:07:23 2017 us=280169   server_bridge_pool_end = 0.0.0.0
Thu Jun 22 17:07:23 2017 us=280169   ifconfig_pool_defined = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   ifconfig_pool_start = 0.0.0.0
Thu Jun 22 17:07:23 2017 us=280169   ifconfig_pool_end = 0.0.0.0
Thu Jun 22 17:07:23 2017 us=280169   ifconfig_pool_netmask = 0.0.0.0
Thu Jun 22 17:07:23 2017 us=280169   ifconfig_pool_persist_filename = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=280169   ifconfig_pool_persist_refresh_freq = 600
Thu Jun 22 17:07:23 2017 us=280169   ifconfig_ipv6_pool_defined = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   ifconfig_ipv6_pool_base = ::
Thu Jun 22 17:07:23 2017 us=280169   ifconfig_ipv6_pool_netbits = 0
Thu Jun 22 17:07:23 2017 us=280169   n_bcast_buf = 256
Thu Jun 22 17:07:23 2017 us=280169   tcp_queue_limit = 64
Thu Jun 22 17:07:23 2017 us=280169   real_hash_size = 256
Thu Jun 22 17:07:23 2017 us=280169   virtual_hash_size = 256
Thu Jun 22 17:07:23 2017 us=280169   client_connect_script = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=280169   learn_address_script = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=280169   client_disconnect_script = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=280169   client_config_dir = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=280169   ccd_exclusive = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   tmp_dir = 'C:\Users\saeed\AppData\Local\Temp\'
Thu Jun 22 17:07:23 2017 us=280169   push_ifconfig_defined = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   push_ifconfig_local = 0.0.0.0
Thu Jun 22 17:07:23 2017 us=280169   push_ifconfig_remote_netmask = 0.0.0.0
Thu Jun 22 17:07:23 2017 us=280169   push_ifconfig_ipv6_defined = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   push_ifconfig_ipv6_local = ::/0
Thu Jun 22 17:07:23 2017 us=280169   push_ifconfig_ipv6_remote = ::
Thu Jun 22 17:07:23 2017 us=280169   enable_c2c = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   duplicate_cn = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   cf_max = 0
Thu Jun 22 17:07:23 2017 us=280169   cf_per = 0
Thu Jun 22 17:07:23 2017 us=280169   max_clients = 1024
Thu Jun 22 17:07:23 2017 us=280169   max_routes_per_client = 256
Thu Jun 22 17:07:23 2017 us=280169   auth_user_pass_verify_script = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=280169   auth_user_pass_verify_script_via_file = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   auth_token_generate = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   auth_token_lifetime = 0
Thu Jun 22 17:07:23 2017 us=280169   client = ENABLED
Thu Jun 22 17:07:23 2017 us=280169   pull = ENABLED
Thu Jun 22 17:07:23 2017 us=280169   auth_user_pass_file = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=280169   show_net_up = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   route_method = 0
Thu Jun 22 17:07:23 2017 us=280169   block_outside_dns = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   ip_win32_defined = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   ip_win32_type = 3
Thu Jun 22 17:07:23 2017 us=280169   dhcp_masq_offset = 0
Thu Jun 22 17:07:23 2017 us=280169   dhcp_lease_time = 31536000
Thu Jun 22 17:07:23 2017 us=280169   tap_sleep = 0
Thu Jun 22 17:07:23 2017 us=280169   dhcp_options = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   dhcp_renew = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   dhcp_pre_release = DISABLED
Thu Jun 22 17:07:23 2017 us=280169   domain = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=280169   netbios_scope = '[UNDEF]'
Thu Jun 22 17:07:23 2017 us=280169   netbios_node_type = 0
Thu Jun 22 17:07:23 2017 us=280169   disable_nbt = DISABLED
Thu Jun 22 17:07:23 2017 us=280169 OpenVPN 2.4.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on May 11 2017
Thu Jun 22 17:07:23 2017 us=280169 Windows version 6.2 (Windows 8 or greater) 64bit
Thu Jun 22 17:07:23 2017 us=280169 library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.10
Enter Management Password:
Thu Jun 22 17:07:23 2017 us=280169 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Thu Jun 22 17:07:23 2017 us=280169 Need hold release from management interface, waiting...
Thu Jun 22 17:07:23 2017 us=717721 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Thu Jun 22 17:07:23 2017 us=827067 MANAGEMENT: CMD 'state on'
Thu Jun 22 17:07:23 2017 us=827067 MANAGEMENT: CMD 'log all on'
Thu Jun 22 17:07:26 2017 us=742098 MANAGEMENT: CMD 'echo all on'
Thu Jun 22 17:07:26 2017 us=773333 MANAGEMENT: CMD 'hold off'
Thu Jun 22 17:07:26 2017 us=804583 MANAGEMENT: CMD 'hold release'
Thu Jun 22 17:07:27 2017 us=70221 LZO compression initializing
Thu Jun 22 17:07:27 2017 us=70221 Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Thu Jun 22 17:07:27 2017 us=70221 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Thu Jun 22 17:07:27 2017 us=70221 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Thu Jun 22 17:07:27 2017 us=70221 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Thu Jun 22 17:07:27 2017 us=70221 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:3659
Thu Jun 22 17:07:27 2017 us=70221 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Jun 22 17:07:27 2017 us=70221 UDP link local: (not bound)
Thu Jun 22 17:07:27 2017 us=70221 UDP link remote: [AF_INET]x.x.x.x:3659
Thu Jun 22 17:07:27 2017 us=70221 MANAGEMENT: >STATE:1498135047,WAIT,,,,,,
Thu Jun 22 17:08:28 2017 us=14143 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Jun 22 17:08:28 2017 us=14143 TLS Error: TLS handshake failed
Thu Jun 22 17:08:28 2017 us=14143 TCP/UDP: Closing socket

parsicode
OpenVpn Newbie
Posts: 4
Joined: Thu Jun 22, 2017 7:18 am

Re: TLS key negotiation failed to occur within 60 seconds

Post by parsicode » Thu Jun 22, 2017 3:47 pm

problem solved by commenting tls-auth ta.key 0 # This file is secret

User avatar
Pippin
Forum Team
Posts: 1201
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: TLS key negotiation failed to occur within 60 seconds

Post by Pippin » Thu Jun 22, 2017 4:03 pm

Meaning, you forgot to copy ta.key to your client and

Code: Select all

ta.key 1
in your client config...

Post Reply