Synology NAS: TLS Error: TLS key negotiation failed to occur

This forum is for general conversation and user-user networking.
Post Reply
User avatar
mm_user
OpenVpn Newbie
Posts: 15
Joined: Tue Apr 19, 2016 12:16 pm

Synology NAS: TLS Error: TLS key negotiation failed to occur

Post by mm_user » Tue Apr 19, 2016 12:34 pm

Hello everyone.

I'm new to this software, so I met some difficulties trying to make it work.

I have a bunch of computers, a Synology NAS (that those computers have currently access to locally), and I'd like to be able to reach that NAS wherever I am (so no longer locally). QuickConnect isn't fast enough (it takes 2 minutes to load a little file, and like 10 minutes to open bigger ones..), so I'm using VPN Server. I configurated it, activated PPTP, OpenVPN & L2TP, etc.., and, basically, entirely followed this article.

I managed to connect my computer to the VPN, extracted the compressed file, put my DNS' IP adress in the openvpn.ovpn file, executed OpenVPN Gui as Administrator, entered the password I used to connect myself to the DNS, and then, I got this error :

Image

(10.8.0.1:1194 being the dynamic IP adress created by OpenVPN on the DSM)

After some searches, I found that the error probably comes from some firewall blocking the communication, but, even after I allowed port number 1194 on my PC, on the DNS and on the router, still nothing happened.. Can you please help me?

(And sorry for my bad english..!)

User avatar
Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: Synology NAS: TLS Error: TLS key negotiation failed to o

Post by Traffic » Tue Apr 19, 2016 1:14 pm

mm_user wrote:I configurated it, activated PPTP, OpenVPN & L2TP, etc..,
You only want to enable OpenVPN server not PPTP and L2TP ..
mm_user wrote:and, basically, entirely followed this article.
That is a dreadful article .. and it does not show how to setup your openvpn server.

This one is better:
https://www.synology.com/en-global/know ... /vpn_setup
(Scroll down to openvpn)

FWIW:
  • 10.8.0.1 is most likely the OpenVPN Server VPN IP and cannot be used to connect to the NAS VPN.
    The NAS will have a LAN IP address, probably 192.168.x.x
    That is probably the one you need to use as --remote in your openvpn client config

User avatar
mm_user
OpenVpn Newbie
Posts: 15
Joined: Tue Apr 19, 2016 12:16 pm

Re: Synology NAS: TLS Error: TLS key negotiation failed to o

Post by mm_user » Tue Apr 19, 2016 1:28 pm

Traffic wrote:
mm_user wrote:I configurated it, activated PPTP, OpenVPN & L2TP, etc..,
You only want to enable OpenVPN server not PPTP and L2TP ..
So I have to disable PPTP & L2TP?
Traffic wrote:
mm_user wrote:and, basically, entirely followed this article.
That is a dreadful article .. and it does not show how to setup your openvpn server.
I also followed the other article, and this is my config (in French, sorry) :

Image

The 192.168.x.x:xxxx doesn't work neither..

User avatar
Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: Synology NAS: TLS Error: TLS key negotiation failed to o

Post by Traffic » Tue Apr 19, 2016 2:06 pm

I guarantee that --remote 10.8.0.1 1194 in your client config will not work because the VPN address is 10.8.0.1
The NAS IP and the one you need to contact your server by is the 192.168.x.x address.

I presume your client is on the same LAN as your server so:
mm_user wrote:After some searches, I found that the error probably comes from some firewall blocking the communication, but, even after I allowed port number 1194 on my PC, on the DNS and on the router, still nothing happened
I suggest you double check all those settings .. it is most likely your firewall blocking you.

User avatar
mm_user
OpenVpn Newbie
Posts: 15
Joined: Tue Apr 19, 2016 12:16 pm

Re: Synology NAS: TLS Error: TLS key negotiation failed to o

Post by mm_user » Tue Apr 19, 2016 2:19 pm

Traffic wrote:The NAS IP and the one you need to contact your server by is the 192.168.x.x address.
The port number stays 1194, or is it the 192.168.x.x:xxxx that goes in the --remote command?
Traffic wrote:I suggest you double check all those settings .. it is most likely your firewall blocking you.
The 3 things I have to check are the firewall on my PC, my router's one, and the one on the DSM?


The DSM :

Image

My computer :

Image

---

Image

The router :

Image

User avatar
Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: Synology NAS: TLS Error: TLS key negotiation failed to o

Post by Traffic » Wed Apr 20, 2016 7:30 am

It appears you have configured your server as TCP and your client as UDP .. they must be the same.

To configure the client use:

Code: Select all

remote ip.address
proto {choose the same as your server}
port 1194
nobind
:mrgreen:

User avatar
mm_user
OpenVpn Newbie
Posts: 15
Joined: Tue Apr 19, 2016 12:16 pm

Re: Synology NAS: TLS Error: TLS key negotiation failed to o

Post by mm_user » Wed Apr 20, 2016 8:08 am

Oh, thanks ! I just put the DSM as UDP, and the connection worked ! Thanks a lot !

Now, it does means that I'll have access to my DNS, no matter what connection I'm using? (I have no other connection to use right now)

User avatar
Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: Synology NAS: TLS Error: TLS key negotiation failed to o

Post by Traffic » Wed Apr 20, 2016 9:07 am

Push whatever DNS you prefer to your client ..

but beware: Windows does not play nice with DNS so use --block-outside-dns for Windows.

See --block-outside-dns in The Manual v23x

User avatar
mm_user
OpenVpn Newbie
Posts: 15
Joined: Tue Apr 19, 2016 12:16 pm

Re: Synology NAS: TLS Error: TLS key negotiation failed to o

Post by mm_user » Wed Apr 20, 2016 9:20 am

Sorry, I meant DSM, not DNS..

And btw, I tried the same with an other computer (a Mac, so I used Tunnelblick), I worked at first, I was connected, but then, I created a VPN connection that I deleted just after, and now it doesn't work anymore (TLS key negociation .....).

User avatar
mm_user
OpenVpn Newbie
Posts: 15
Joined: Tue Apr 19, 2016 12:16 pm

Re: Synology NAS: TLS Error: TLS key negotiation failed to o

Post by mm_user » Wed Apr 20, 2016 9:38 am

Okay, so I managed to log myself with the Mac without changing anything, and then, after I disconnected, it doesn't work anymore..

Exit
OpenVpn Newbie
Posts: 1
Joined: Thu May 14, 2020 7:08 am

Re: Synology NAS: TLS Error: TLS key negotiation failed to occur

Post by Exit » Thu May 14, 2020 7:16 am

There are two LAN's on Synology NAS, LAN1 & LAN2; make sure that Port Forwarding for 1194 is set against the LAN# that is specified in the OpenVPN settings.

Post Reply