[Solved]Handshake Failed | OpenVZ Ubuntu 14.04 lts

[singul4r1ty]

I've setup successfully OpenVPN last weekend, however yesterday I had to reinstall ubuntu lts on my openvz vps.
(the only difference is I took the 64bit img of ubuntu this time)

I get the following error when trying to connect:

TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
TLS handshake failed

So I assume there is no connection/talking narrows it down to Firewall issue or VPN Service is not running?
I don't know where to go from here?

Service:
no tun0 but there is venet0?


Iptables (I disabled UFW):
Because of OpenVZ masquerade does not work:

Code: Select all

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 107.161.162.16

[maikcat]

since you are trying to start openvpn in server mode and tun is not up you must:

Post your config used,
post your log

also make sure your vz has tun/tap support enabled.

Michael.

[singul4r1ty]

TUN/TAP: ON


However the service openvpn never starts:

Code: Select all

# service openvpn start
 * Starting virtual private network daemon(s)...                                 
 *   Autostarting VPN 'server'                                                  
# service openvpn stop
 * Stopping virtual private network daemon(s)...                                 
 *   No VPN is running.

server.conf

Code: Select all

port 1194
proto udp
dev tun
ca ca.crt
cert vps.crt
key vps.key  # This file should be kept secret
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

[singul4r1ty]

TUN/TAP: ON


However the service never starts running:

Code: Select all

# service openvpn start
 * Starting virtual private network daemon(s)...                                 
 *   Autostarting VPN 'server'                                                  
# service openvpn stop
 * Stopping virtual private network daemon(s)...                                 
 *   No VPN is running.

server.conf

Code: Select all

port 1194
proto udp
dev tun
ca ca.crt
cert vps.crt
key vps.key  # This file should be kept secret
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

[maikcat]

use log directive to create a log file and post its contents here...

Michael.

[singul4r1ty]

doh!!! I enabled the log verbose 6 in the server.conf file and on 'service openvpn start' it logged the error that it couldnt find the ca.crt, vps.crt, vps.key, dh2048.pem... turns out they were still in the keys directory, forgot to move them to /etc/openvpn.... Everything is working fine now!
Thanks for your help Michael!

[maikcat]

you welcome,

Marked as solved,

Closing topic,

Regards,

Michael.