Having difficulty connecting to my VPN and troubleshooting this I came across this post, I've added:
tls-cipher "DEFAULT:@SECLEVEL=0"
remote-cert-tls server
To my config it now kind of connects, however, keeps reconnecting/refreshing my logs says...
Wed Apr 18 19:21:21 2018 us=97512 No valid translation found for TLS cipher '@SECLEVEL=0'
Wed Apr 18 19:21:21 2018 us=98512 LZO compression initializing
Wed Apr 18 19:21:21 2018 us=98512 Control Channel MTU parms [ L:1654 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Wed Apr 18 19:21:21 2018 us=98512 Data Channel MTU parms [ L:1654 D:1450 EF:122 EB:411 ET:32 EL:3 ]
Wed Apr 18 19:21:21 2018 us=98512 Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Wed Apr 18 19:21:21 2018 us=98512 Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Wed Apr 18 19:21:21 2018 us=99012 TCP/UDP: Preserving recently used remote address: [AF_INET]188.240.175.69:12974
Wed Apr 18 19:21:21 2018 us=99012 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Apr 18 19:21:21 2018 us=99012 UDP link local: (not bound)
Wed Apr 18 19:21:21 2018 us=99012 UDP link remote: [AF_INET]188.240.175.69:12974
Wed Apr 18 19:21:21 2018 us=99012 MANAGEMENT: >STATE:1524075681,WAIT,,,,,,
Wed Apr 18 19:21:21 2018 us=123534 MANAGEMENT: >STATE:1524075681,AUTH,,,,,,
Wed Apr 18 19:21:21 2018 us=123534 TLS: Initial packet from [AF_INET]188.240.175.69:12974, sid=b8f749bc 94d2f334
Wed Apr 18 19:21:21 2018 us=274714 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear, emailAddress=
mail@netgear.com
Wed Apr 18 19:21:21 2018 us=275209 Certificate does not have key usage extension
Wed Apr 18 19:21:21 2018 us=275209 VERIFY KU ERROR
Wed Apr 18 19:21:21 2018 us=275209 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Apr 18 19:21:21 2018 us=275209 TLS_ERROR: BIO read tls_read_plaintext error
Wed Apr 18 19:21:21 2018 us=275209 TLS Error: TLS object -> incoming plaintext read error
Wed Apr 18 19:21:21 2018 us=275209 TLS Error: TLS handshake failed
Wed Apr 18 19:21:21 2018 us=275671 TCP/UDP: Closing socket
Wed Apr 18 19:21:21 2018 us=275671 SIGUSR1[soft,tls-error] received, process restarting
Wed Apr 18 19:21:21 2018 us=275671 MANAGEMENT: >STATE:1524075681,RECONNECTING,tls-error,,,,,
Wed Apr 18 19:21:21 2018 us=275671 Restart pause, 5 second(s)
Wed Apr 18 19:21:26 2018 us=278750 Re-using SSL/TLS context
Wed Apr 18 19:21:26 2018 us=278750 LZO compression initializing
Wed Apr 18 19:21:26 2018 us=279194 Control Channel MTU parms [ L:1654 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Wed Apr 18 19:21:26 2018 us=279194 Data Channel MTU parms [ L:1654 D:1450 EF:122 EB:411 ET:32 EL:3 ]
Wed Apr 18 19:21:26 2018 us=279194 Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Wed Apr 18 19:21:26 2018 us=279194 Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Wed Apr 18 19:21:26 2018 us=279194 TCP/UDP: Preserving recently used remote address: [AF_INET]188.240.175.69:12974
Wed Apr 18 19:21:26 2018 us=279194 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Apr 18 19:21:26 2018 us=279194 UDP link local: (not bound)
Wed Apr 18 19:21:26 2018 us=279194 UDP link remote: [AF_INET]188.240.175.69:12974
Wed Apr 18 19:21:26 2018 us=279694 MANAGEMENT: >STATE:1524075686,WAIT,,,,,,
Wed Apr 18 19:21:26 2018 us=304217 MANAGEMENT: >STATE:1524075686,AUTH,,,,,,
Wed Apr 18 19:21:26 2018 us=304217 TLS: Initial packet from [AF_INET]188.240.175.69:12974, sid=cd35f207 20a8cc76
Wed Apr 18 19:21:26 2018 us=452850 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear, emailAddress=
mail@netgear.com
Wed Apr 18 19:21:26 2018 us=453353 Certificate does not have key usage extension
Wed Apr 18 19:21:26 2018 us=453353 VERIFY KU ERROR
Wed Apr 18 19:21:26 2018 us=453353 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Apr 18 19:21:26 2018 us=453353 TLS_ERROR: BIO read tls_read_plaintext error
Wed Apr 18 19:21:26 2018 us=453353 TLS Error: TLS object -> incoming plaintext read error
Wed Apr 18 19:21:26 2018 us=453353 TLS Error: TLS handshake failed
Wed Apr 18 19:21:26 2018 us=453850 TCP/UDP: Closing socket
Wed Apr 18 19:21:26 2018 us=453850 SIGUSR1[soft,tls-error] received, process restarting
Wed Apr 18 19:21:26 2018 us=453850 MANAGEMENT: >STATE:1524075686,RECONNECTING,tls-error,,,,,
Wed Apr 18 19:21:26 2018 us=454351 Restart pause, 5 second(s)
Wed Apr 18 19:21:29 2018 us=455072 SIGTERM[hard,init_instance] received, process exiting
Wed Apr 18 19:21:29 2018 us=455519 MANAGEMENT: >STATE:1524075689,EXITING,init_instance,,,,,
Can anyone help?