Hello everyone, today I created an OpenVPN server on my VDS to connect work devices to the same network. Although all clients on Windows 10 connect without any problems, I get an error on the router, which is on the same network as the Win10 machines:
Nov 19 15:11:55 openvpn[1449]: TLS: Initial packet from [AF_INET]XX.XX.XX.XX:1194, sid=63731366 8295bc9d
Nov 19 15:12:55 openvpn[1449]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Nov 19 15:12:55 openvpn[1449]: TLS Error: TLS handshake failed
Nov 19 15:12:55 openvpn[1449]: SIGUSR1[soft,tls-error] received, process restarting
Nov 19 15:12:55 openvpn[1449]: Restart pause, 2 second(s)
Nov 19 15:12:57 openvpn[1449]: Socket Buffers: R=[116736->131072] S=[116736->131072]
Nov 19 15:12:57 openvpn[1449]: UDPv4 link local: [undef]
Nov 19 15:12:57 openvpn[1449]: UDPv4 link remote: [AF_INET]XX.XX.XX.XX:1194
Nov 19 15:12:57 openvpn[1449]: TLS: Initial packet from [AF_INET]XX.XX.XX.XX:1194, sid=44190fe3 f770cb18
and so on
My server config:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "route 10.0.1.0 255.255.255.0"
push "route 10.0.56.0 255.255.255.0"
push "route 192.168.1.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 95.167.167.95"
client-to-client
keepalive 20 120
tls-auth ta.key 0
cipher AES-256-CBC
auth SHA256
### before the TLS error, syslog on my ASUS router complained about nobody and nogroup ###
;user nobody
;group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
;log-append /var/log/openvpn/openvpn.log
verb 3
explicit-exit-notify 1
No matter what I try, the TLS handshake still drops between the router and the server.
I will be glad for your advice.
TLS error occurs when I try to connect to an OpenVPN server from a router
- ordex
- OpenVPN Inc.
Re: TLS error occurs when I try to connect to an OpenVPN server from a router
Unfortunately this is not useful, because it simply means that this device hasn't got any reply back within 60 seconds.
I'd suggest to enable "verb 4" on the server and post the server log during the router connection attempt. It should contain the actual reason for not processing the incoming connection request.
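The settings that decide whether the server answers a client's first packet (transport, port, and the tls-auth HMAC with its digest) can also be compared offline. The following is an added example, not part of either post: it checks a client config against the handshake-relevant lines of the server config posted above. The client config, the host name `vpn.example.net` and the function names are constructed for illustration, and keys are assumed to be referenced by file rather than inlined.

```python
# Handshake-relevant lines copied from the server config in the first post.
SERVER_CONF = """\
port 1194
proto udp
dev tun
tls-auth ta.key 0
cipher AES-256-CBC
auth SHA256
"""

# Constructed router-side config with two deliberate mismatches.
CLIENT_CONF = """\
client
dev tun
proto udp
remote vpn.example.net 1194
tls-auth ta.key 0
cipher AES-256-CBC
"""

def parse(text):
    """Return {directive: [args]}, skipping blank lines and '#'/';' comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":
            continue
        name, *args = line.split()
        conf[name] = args
    return conf

def compare(server_text, client_text):
    """List mismatches that make the server drop the client's packets."""
    s, c = parse(server_text), parse(client_text)
    problems = []
    if s.get("proto", ["udp"])[0][:3] != c.get("proto", ["udp"])[0][:3]:
        problems.append("proto differs")
    remote = c.get("remote", [])
    port = remote[1] if len(remote) > 1 else c.get("port", ["1194"])[0]
    if port != s.get("port", ["1194"])[0]:
        problems.append("port differs")
    # auth selects the HMAC digest that tls-auth uses; the default is SHA1.
    if s.get("auth", ["SHA1"])[0].upper() != c.get("auth", ["SHA1"])[0].upper():
        problems.append("auth differs")
    if ("tls-auth" in s) != ("tls-auth" in c):
        problems.append("tls-auth on one side only")
    elif "tls-auth" in s:
        # Direction follows the key file name or comes from key-direction.
        sd = (s["tls-auth"][1:] or s.get("key-direction", [None]))[0]
        cd = (c["tls-auth"][1:] or c.get("key-direction", [None]))[0]
        if {sd, cd} not in ({"0", "1"}, {None}):
            problems.append("tls-auth key direction not complementary")
    return problems
```

An empty list only means these directives agree; the server log at the higher verbosity is still what shows why a given packet was rejected.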