TLS key negotiation failed to occur

warheat
OpenVpn Newbie
Posts: 9
Joined: Fri Oct 21, 2011 3:50 pm

TLS key negotiation failed to occur

Post by warheat » Sat Oct 22, 2011 1:04 pm

Hi, I have a VPS with CentOS 5.4 32-bit.

I get this error when I try to connect with the client:
TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
TLS Error: TLS handshake failed

Tried to disable my firewall, still got this error. These are my settings.

Server:

Code:

port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-to-client
keepalive 5 60
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

Client:

Code:

client
dev tun
proto udp
remote server.ip 1194
resolv-retry infinite
ns-cert-type server
nobind
persist-key
persist-tun
ca ca.crt
cert johan.crt
key johan.key
comp-lzo
verb 3

janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam

Re: TLS key negotiation failed to occur

Post by janjust » Mon Oct 24, 2011 6:54 am

TLS handshake errors usually point at a badly behaving router or a too strict firewall; try your setup with 'proto tcp' to see if that works - if that works then you know it's a UDP routing issue (which some cheapo home-routers don't do too well).
If TCP also does not work then take a loooong look at your firewall rules.
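
One way to separate a blocked UDP path from a certificate or configuration problem, as an added example that is not part of the original posts: send the first OpenVPN control packet by hand and see whether the server's hard reset comes back. It assumes a server without tls-auth/tls-crypt, as in the config posted above; `build_hard_reset`, `is_server_reset`, `probe` and the host `vpn.example.com` are hypothetical names.

```python
import os
import socket
import struct

# The opcode sits in the high 5 bits of the first byte; the low 3 bits are the key id.
P_CONTROL_HARD_RESET_CLIENT_V2 = 7
P_CONTROL_HARD_RESET_SERVER_V2 = 8


def build_hard_reset(session_id: bytes) -> bytes:
    """First control packet of a client when no tls-auth/tls-crypt key is in use."""
    if len(session_id) != 8:
        raise ValueError("session id must be 8 bytes")
    opcode = bytes([P_CONTROL_HARD_RESET_CLIENT_V2 << 3])  # key id 0
    return opcode + session_id + b"\x00" + struct.pack("!I", 0)  # no ACKs, packet id 0


def is_server_reset(reply: bytes, session_id: bytes) -> bool:
    """True if reply is a server hard reset that echoes our session id back."""
    if len(reply) < 10 or reply[0] >> 3 != P_CONTROL_HARD_RESET_SERVER_V2:
        return False
    ack_end = 10 + 4 * reply[9]  # opcode, server session id, ACK count, ACK ids
    return reply[9] > 0 and reply[ack_end:ack_end + 8] == session_id


def probe(host: str, port: int = 1194, proto: str = "udp", timeout: float = 5.0) -> str:
    """Send one hard reset over IPv4 and classify what comes back."""
    sid = os.urandom(8)
    pkt = build_hard_reset(sid)
    if proto == "tcp":  # over TCP every packet carries a 2-byte length prefix
        pkt = struct.pack("!H", len(pkt)) + pkt
    kind = socket.SOCK_DGRAM if proto == "udp" else socket.SOCK_STREAM
    try:
        with socket.socket(socket.AF_INET, kind) as s:
            s.settimeout(timeout)
            s.connect((host, port))
            s.sendall(pkt)
            reply = s.recv(2048)
    except socket.timeout:
        return "no reply (packets dropped on the way in or out)"
    except OSError as exc:  # e.g. ICMP port unreachable, TCP refused
        return f"rejected: {exc}"
    if proto == "tcp":
        reply = reply[2:]
    return "openvpn answered" if is_server_reset(reply, sid) else "unexpected reply"


if __name__ == "__main__":
    for proto in ("udp", "tcp"):  # vpn.example.com is a placeholder host
        print(proto, "->", probe("vpn.example.com", 1194, proto))
```

The TCP probe is only meaningful while the server is running with 'proto tcp'. If UDP reports "openvpn answered", the path is fine in both directions and the handshake failure lies elsewhere.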

cesposito
OpenVpn Newbie
Posts: 3
Joined: Fri Apr 20, 2012 7:20 am

Re: TLS key negotiation failed to occur

Post by cesposito » Fri Apr 20, 2012 9:08 am

I have got the same type of errors on several machines.
My general setup is a central server with OpenVPN on CentOS and several remote OpenVPN clients on top of OpenBSD.
The OpenVPN connections will work for a while but at some point in time the clients will not be able to connect to the server. The clients will hang up and produce these TLS errors. I believe that this behaviour is a bug but I am not sure yet.
Moreover the majority of the connections are not going through a firewall, i.e. direct internet connections.
Are there other possibilities which could explain this TLS error?
