I receive an error when connecting a previously connected client to our vpn network. All other clients connect with out issue. Below is the error log and config file information
OpenVpn client version: 2.6.4 (latest)
Error:
Thu May 25 12:46:59 2023 TLS error: Unsupported protocol. This typically indicates that client and server have no common TLS version enabled. This can be caused by mismatched tls-version-min and tls-version-max options on client and server. If your OpenVPN client is between v2.3.6 and v2.3.2 try adding tls-version-min 1.0 to the client configuration to use TLS 1.0+ instead of TLS 1.0 only
Thu May 25 12:46:59 2023 OpenSSL: error:0A000102:SSL routines::unsupported protocol
Thu May 25 12:46:59 2023 TLS_ERROR: BIO read tls_read_plaintext error
Thu May 25 12:46:59 2023 TLS Error: TLS object -> incoming plaintext read error
Thu May 25 12:46:59 2023 TLS Error: TLS handshake failed
Config file contents - minus CA info:
client
dev tun
proto udp
explicit-exit-notify 3
remote x.x.x.x
resolv-retry infinite
nobind
persist-key
persist-tun
auth-user-pass
cipher AES-256-CBC
comp-lzo no
tun-mtu 45000
mssfix 0
#Enable following txqueuelen option on Linux Clients for better performance
#txqueuelen 1000
mute-replay-warnings
I tried to add the tls min 1.0 line to the config file but when i try to reconnect the client says it cannot open the config file.
i have also enabled tls 1.2 and 1.0 on the client machine The client machine is windows 11 and the OpenVPN server is running on a cisco rv260w router
Please advise?
I appreciate your assistance
Thank you
Westman
TLS protocol error / log and config in post
-
westman
- OpenVpn Newbie
- Posts: 2
- Joined: Thu May 25, 2023 5:15 pm
-
Fadim
- OpenVPN User
- Posts: 32
- Joined: Mon May 15, 2023 12:14 pm
Re: TLS protocol error / log and config in post
As far as I can understand, the error log suggests a possible mismatch in TLS versions between the client and server configurations.
I'd suggest double-checking the syntax and making sure it's correctly placed within the configuration file. Also, ensure that the client machine has TLS 1.0 and 1.2 enabled.
I'd suggest double-checking the syntax and making sure it's correctly placed within the configuration file. Also, ensure that the client machine has TLS 1.0 and 1.2 enabled.
-
westman
- OpenVpn Newbie
- Posts: 2
- Joined: Thu May 25, 2023 5:15 pm
Re: TLS protocol error / log and config in post
@fadim- I have made sure all tls protocols are enabled in internet options on windows 11 client machine being 1.0, 1.2, and 1.3
Do you have a link or resource that would explain how to put the the proper syntax into the openvpn config file.
Ive tried copying and pasting from forums that the min tls is 1.0 but everytime i try openvpn unable to open the config file upon connect..
I thought it was a simple as opening the file in notepad and adding a line to the file.. am i missing something here?
Thank you for your assistance
/westman
Do you have a link or resource that would explain how to put the the proper syntax into the openvpn config file.
Ive tried copying and pasting from forums that the min tls is 1.0 but everytime i try openvpn unable to open the config file upon connect..
I thought it was a simple as opening the file in notepad and adding a line to the file.. am i missing something here?
Thank you for your assistance
/westman