OVPN client fails to connect, meanwhile "identical" one succeeds

This forum is for admins who are looking to build or expand their OpenVPN setup.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
EMCCi
OpenVpn Newbie
Posts: 3
Joined: Thu May 13, 2021 11:42 am

OVPN client fails to connect, meanwhile "identical" one succeeds

Post by EMCCi » Thu May 13, 2021 12:02 pm

I have OpenVPN servers set in 4G remote routers (Teltonika RUT955) and I have the computer of the office that can connect to them succesfully as client.

Now I'm working remotely in another computer where I have pasted the configuration of the office computer and I'm not able to connect to the servers. The office computer is still able to connect, then I disconnect it and try to connect the home computer and it fails.

The OpenVPN handshake gets stuck repeating this line:

UDP WRITE [14] to [AF_INET]XXX.XXX.XXX.XXX:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0

I have found some information on the internet saying that this kind of messages could be due to the server being unable to come back to the client, but I have no idea...

The configuration of the server is (It's configured through web interface):
Server Config

config webui 'webui'
option _auth 'tls'

config openvpn '7365727665725F4F70656E56504E'
option persist_key '1'
option port '1194'
option keepalive '10 120'
option persist_tun '1'
option status '/tmp/openvpn-status_server_OpenVPN.log'
option verb '5'
option proto 'udp'
option dev 'tun_s_OpenVPN'
option _auth 'tls'
option _tls_cipher 'all'
option cipher 'AES-256-CBC'
option client_to_client '1'
option enable '1'
option ca '/lib/uci/upload/cbid.openvpn.server_OpenVPN.ca'
option cert '/lib/uci/upload/cbid.openvpn.server_OpenVPN.cert'
option key '/lib/uci/upload/cbid.openvpn.server_OpenVPN.key'
option dh '/lib/uci/upload/cbid.openvpn.server_OpenVPN.dh'
option server '10.0.1.0 255.255.255.0'
option name_is_hexed '1'
list push 'route 192.168.3.0 255.255.255.0'
option duplicate_cn '1'
option auth 'sha1'
option _tls_auth 'none'
option client_config_dir '/etc/openvpn/ccd'


The configuration file of the clients is:
Client Config

client
dev tun
proto UDP
remote xxxxxxxxxxx 1194
resolv-retry infinte
nobind
persist-key
persist-tun
ca ca.crt
cert cert.crt
key key.key
remote-cert-tls server
cipher AES-256-CBC


In both computers I have a `TAP-Windows Adapter V9` for the VPN. For me both clients are identical, but the one in the office is able to connect, meanwhile the one home isn't.

Logs(Tell me if I have forgoted to anonymate something):

- Succesful client connectiong log: https://pastebin.com/SSn8YAWG
- Server log of the succesful client connection: https://pastebin.com/yEt33n3K
- UNsuccesful client connection log: https://pastebin.com/cHiXPZ8e
- Server log of the UNsuccesful client connection: Empty... no log is registered from this connection attempt.
- UNsuccesful client connection log but with TCP: https://pastebin.com/HvGpfFC3
- Server log of the UNsuccesful client connection but with TCP: Empty... no log is registered from this connection attempt.

What can cause this behaviour?

Thanks for your time,


Héctor

User avatar
TinCanTech
Forum Team
Posts: 9245
Joined: Fri Jun 03, 2016 1:17 pm

Re: OVPN client fails to connect, meanwhile "identical" one succeeds

Post by TinCanTech » Thu May 13, 2021 12:10 pm

EMCCi wrote:
Thu May 13, 2021 12:02 pm
- Server log of the UNsuccesful client connection: Empty... no log is registered from this connection attempt.
<snip>
- Server log of the UNsuccesful client connection but with TCP: Empty... no log is registered from this connection attempt.
The client cannot reach the server.

EMCCi
OpenVpn Newbie
Posts: 3
Joined: Thu May 13, 2021 11:42 am

Re: OVPN client fails to connect, meanwhile "identical" one succeeds

Post by EMCCi » Thu May 13, 2021 3:38 pm

But what can cause something this? I think that both clients configurations are the same. And the public IP of the server is available from both computers.

User avatar
TinCanTech
Forum Team
Posts: 9245
Joined: Fri Jun 03, 2016 1:17 pm

Re: OVPN client fails to connect, meanwhile "identical" one succeeds

Post by TinCanTech » Thu May 13, 2021 4:22 pm

From your log:

Code: Select all

2021-05-10 16:59:15 us=521585 TCP: connect to [AF_INET]public.ip:1194 failed: Unknown error
failed: Unknown error is some unknown network error.

EMCCi
OpenVpn Newbie
Posts: 3
Joined: Thu May 13, 2021 11:42 am

Re: OVPN client fails to connect, meanwhile "identical" one succeeds

Post by EMCCi » Fri May 14, 2021 11:28 am

Thanks you so much

tedm
OpenVpn Newbie
Posts: 6
Joined: Sun May 16, 2021 4:30 pm

Re: OVPN client fails to connect, meanwhile "identical" one succeeds

Post by tedm » Sun May 16, 2021 5:43 pm

try changing the port the openvpn server is listening on it's likely your provider is blocking VPN traffic.

Post Reply