Wireless to ethernet and OpenVPN no longer works

[Snax]

Hi all,

I have very little experience (read none) with OpenVPN so hoping someone might be able to assist.

I am doing IT support for a company who have OpenVPN installed on a Windows 7 64-bit "server" at their office, installed before my time there. One user has a laptop which they have been able to connect to the server in the past from their home just fine via OpenVPN GUI.

The server was connected to the office network via wireless, but upon their request (due to network speed issues) I have installed a gigabit network switch and connected that server via a network cable, then disabled the wireless network card. There is still a "Local Area Connection 2, TAP-Win32 Adapter V9" under Network Connections on the server, but now the laptop can no longer connect to it.

When I now try to connect the laptop the connection window loops the following:

Code: Select all

Sat Nov 24 10:28:04 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011
Sat Nov 24 10:28:04 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Nov 24 10:28:04 2012 LZO compression initialized
Sat Nov 24 10:28:04 2012 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Nov 24 10:28:04 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Nov 24 10:28:04 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Nov 24 10:28:04 2012 Local Options hash (VER=V4): '41690919'
Sat Nov 24 10:28:04 2012 Expected Remote Options hash (VER=V4): '530fdded'
Sat Nov 24 10:28:04 2012 UDPv4 link local: [undef]
Sat Nov 24 10:28:04 2012 UDPv4 link remote: 203.118.134.111:1194

The network connection details on the TAP-Win32 Adapter is:

Code: Select all

Connection-specific DN...
Description	TAP-Win32 Adapter V9
Physical Address	00-FF-9E...	
DHCP Enabled 		Yes
IPv4 Address 		10.8.0.1
IPv4 Subnet Mask 	255.255.255.252
Lease Obtained 		Friday, 23 November 2012 3:44:44pm
Lease Expires 		Saturday, 23 November 2013 3:44:44pm
IPv4 Default Gateway
IPv4 DHCP Server	10.8.0.2
IPv4 DNS Server
IPv4 WINS Server
NetBIOS over Tcpip En..	Yes
Link-local IPv6 Address	fe80:bc4a:9875:488f:37a0%15
IPv6 Default Gateway
IPv6 DNS Servers	fec0:0:0:fff::1%1
			fec0:0:0:fff::2%1
			fec0:0:0:fff::3%1

Does anyone know what has happened and what I should do to resolve?

Many thanks in advance for any assistance, it is greatly appreciated.

Kind regards,
Dave

[Snax]

Hi all,

I have just worked through the Easy Windows Guide (http://community.openvpn.net/openvpn/wi ... dows_Guide) to try a test installation on my own network.

One step mentions port forwarding UDP Port 1194 to the server IP address. Very likely that the IP address changed when I moved from wireless to wired network so I'll check the router port forwarding settings for UDP 1194 and manually set the server IP address to match it to see if that resolves.

Cheers,
Dave

[Snax]

Hi all,

I have configured the port forwarding to match that of the computer's new IP address. I thought that would fix it but still errors loop when the client tries to connect:

Code: Select all

Tue Nov 27 17:47:42 2012 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Nov 27 17:47:42 2012 TLS Error: TLS handshake failed
Tue Nov 27 17:47:42 2012 TCP/UDP: Closing socket
Tue Nov 27 17:47:42 2012 SIGUSR1[soft,tls-error] received, process restarting
Tue Nov 27 17:47:42 2012 Restart pause, 2 second(s)
Tue Nov 27 17:47:44 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Nov 27 17:47:44 2012 Re-using SSL/TLS context
Tue Nov 27 17:47:44 2012 LZO compression initialized
Tue Nov 27 17:47:44 2012 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Nov 27 17:47:44 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Nov 27 17:47:44 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Nov 27 17:47:44 2012 Local Options hash (VER=V4): '41690919'
Tue Nov 27 17:47:44 2012 Expected Remote Options hash (VER=V4): '530fdded'
Tue Nov 27 17:47:44 2012 UDPv4 link local: [undef]
Tue Nov 27 17:47:44 2012 UDPv4 link remote: 203.118.134.111:1194
Tue Nov 27 17:48:44 2012 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Nov 27 17:48:44 2012 TLS Error: TLS handshake failed
Tue Nov 27 17:48:44 2012 TCP/UDP: Closing socket
Tue Nov 27 17:48:44 2012 SIGUSR1[soft,tls-error] received, process restarting
Tue Nov 27 17:48:44 2012 Restart pause, 2 second(s)
Tue Nov 27 17:48:46 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Nov 27 17:48:46 2012 Re-using SSL/TLS context
Tue Nov 27 17:48:46 2012 LZO compression initialized
Tue Nov 27 17:48:46 2012 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Nov 27 17:48:46 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Nov 27 17:48:46 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Nov 27 17:48:46 2012 Local Options hash (VER=V4): '41690919'
Tue Nov 27 17:48:46 2012 Expected Remote Options hash (VER=V4): '530fdded'
Tue Nov 27 17:48:46 2012 UDPv4 link local: [undef]
Tue Nov 27 17:48:46 2012 UDPv4 link remote: 203.118.134.111:1194
Tue Nov 27 17:49:06 2012 TCP/UDP: Closing socket
Tue Nov 27 17:49:06 2012 SIGTERM[hard,] received, process exiting

Does this mean I need to somehow generate a new key and/or certificate at the server end copy to the client PC?

Would the fact that a new lease was obtained on Friday at 3:44pm back up that theory? I didn't request a new lease, is that something OpenVPN does when a new network adapter is used? 3:44pm is a few hours after I moved from wireless to wired network and disabled the wireless.

Thanks again,
Dave

[Snax]

I'm still battling away here.

The latest, I did a clean install of OpenVPN on a new Windows 7 server and get the green screens OK server-side.

When I try to connect from a client PC I still get the following error loop:

Code: Select all

Sat Dec 01 15:34:58 2012 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Dec 01 15:34:58 2012 TLS Error: TLS handshake failed
Sat Dec 01 15:34:58 2012 TCP/UDP: Closing socket
Sat Dec 01 15:34:58 2012 SIGUSR1[soft,tls-error] received, process restarting
Sat Dec 01 15:34:58 2012 Restart pause, 2 second(s)
Sat Dec 01 15:35:00 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Dec 01 15:35:00 2012 Re-using SSL/TLS context
Sat Dec 01 15:35:00 2012 LZO compression initialized
Sat Dec 01 15:35:00 2012 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Dec 01 15:35:00 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Dec 01 15:35:00 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Dec 01 15:35:00 2012 Local Options hash (VER=V4): '41690919'
Sat Dec 01 15:35:00 2012 Expected Remote Options hash (VER=V4): '530fdded'
Sat Dec 01 15:35:00 2012 UDPv4 link local: [undef]
Sat Dec 01 15:35:00 2012 UDPv4 link remote: 203.118.134.111:1194
Sat Dec 01 15:36:01 2012 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Dec 01 15:36:01 2012 TLS Error: TLS handshake failed
Sat Dec 01 15:36:01 2012 TCP/UDP: Closing socket
Sat Dec 01 15:36:01 2012 SIGUSR1[soft,tls-error] received, process restarting
Sat Dec 01 15:36:01 2012 Restart pause, 2 second(s)
Sat Dec 01 15:36:03 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Dec 01 15:36:03 2012 Re-using SSL/TLS context
Sat Dec 01 15:36:03 2012 LZO compression initialized
Sat Dec 01 15:36:03 2012 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Dec 01 15:36:03 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Dec 01 15:36:03 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Dec 01 15:36:03 2012 Local Options hash (VER=V4): '41690919'
Sat Dec 01 15:36:03 2012 Expected Remote Options hash (VER=V4): '530fdded'
Sat Dec 01 15:36:03 2012 UDPv4 link local: [undef]
Sat Dec 01 15:36:03 2012 UDPv4 link remote: 203.118.134.111:1194
Sat Dec 01 15:36:22 2012 TCP/UDP: Closing socket
Sat Dec 01 15:36:22 2012 SIGTERM[hard,] received, process exiting

It'd be great to hear from someone who might have a solution... or if not just someone new to reply to this thread. Replying to myself is getting tiresome!!

Cheers,
Dave

[rsenio]

Check your certificate on the client you are using to connect? Are you just using the default self signed certificate? Did you download the self signed cert on a different openvpn setup and install it on the client, and then try to connect to your "new" server?

And you've forwarded the appropriate ports (TCP, and UDP) on your router to your OpenVPN server?