Community Support Forum
 
  OpenVPN.net  •  Forum Index  •  FAQ  

It is currently Fri Apr 18, 2014 5:30 am


Forum rules


If you would like help, here is a few things you will want to do in order to help us help you.

**Post your configs from client and server, without comments. you can strip comments in linux/bsd with something like this:
grep -vE '^#|^;|^$' server.conf
**Tell us your goal.
**If you are having problems connecting, post your logfiles from server and client after using verb 4 in both configs


Also, there are 2 things you should be aware of:

**Sometimes you cannot avoid tunneling over tcp, but if you can avoid it, DO. Why TCP Over TCP Is A Bad Idea: http://sites.inka.de/~bigred/devel/tcp-tcp.html
**You ONLY want to use dev tap if you are tunneling layer2 traffic, if you are using IP traffic you want tun. If you are using tap only for windows file sharing, look into running a WINS server instead.



Post new topic Reply to topic  [ 2 posts ] 
 TLS Error: TLS key negotiation failed 
Author Message
 Post subject: TLS Error: TLS key negotiation failed
PostPosted: Mon Dec 13, 2010 3:54 pm 
OpenVpn Newbie

Joined: Mon Dec 13, 2010 3:48 pm
Posts: 1
Hi
I could not connect OpenVPN with one of my connection, I test it in many case and put the details of my works here for OpenVPN team, I wish the problem solved or atleast we find a way to know what is exactly come from.

I got this error at client site
TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

Here is complete error:
Attempting to establish TCP connection with myserverip:80
TCP connection established with myserverip:80
TCPv4_CLIENT link local: [undef]
TCPv4_CLIENT link remote: myserverip:80
TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
TLS Error: TLS handshake failed
TLS error (check_tls_errors_co), restarting

Detailed information and all case that I tested:

    Server is linux – CentOS
    Client is Winodws 7; all firewall turned off; antivirus turned off; also I check it in windows XP too
    I test it with ADLS connection(no issue) and my WiMax connection (got the TLS Error)

My server and client certificate configured properly because:
I have ADSL connections and WiMax connection, with ADSL I have no problem and connect without any problem.

I can reach the server because:
I can connect to server via PPTP protocol with ADSL connection and WiMax without any problem

I have no port forwarding issue because:
I use port 80; also I check with DMZ, also I check with set WiMax modem to bridge and disable NAT. in all case could not connect with OpenVPN but I connect with PPTP.

I wonder is my ISP do something!, they told they don’t filter anything but even so I use “tls-auth ta.key” and also use port 80, how can they disable it?

Also I test with 443 port, I test with UDP too but same error.

I can use PPTP for VPN but I really like to know what the issue is come from? I like to know is really my ISP can do something to block OpenVPN with port 80 and “tls-auth ta.key”?

Here is client config:
Quote:
client
dev tun
proto tcp
remote myserverip 80
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert madnik7.crt
key madnik7.key
ns-cert-type server
tls-auth ta.key 1
;comp-lzo
verb 3
mute 20


Offline
 Profile  
 
 Post subject: Re: TLS Error: TLS key negotiation failed
PostPosted: Sat Jan 08, 2011 7:00 am 
Forum Team
User avatar

Joined: Fri Aug 29, 2008 5:42 pm
Posts: 703
sure its possible
check if you can connect to the vpn through a http-proxy


Offline
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 


 Who is online 

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  


phpBB SEO
[ Time : 0.199s | 12 Queries | GZIP : On ]

 
Index  |  FAQ


Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group