1. i have a cisco router that has allowed access to the world on port 1194
2. server - Centos 7
3. Client will be a windows machine but for now testing on tunnelblick
--------------------------------------------------------------------------------------------------------------------------------------------
i keep getting a this err msg i am not sure i check my (Iptalbles and F them on .171 nand .153 has no IP tables )it seem to go thru my router then it foes to .153 then it should go to .171 but it get stuck on .171 which is th4 final destination
TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
TLS Error: TLS handshake failed
--------------------------------------------------------------------------------------------------------------------------------------------
he are some of my config files please let me know if you need anything else
log output form client side
--------------------------------------------------------------------------------------------------------------------------------------------
2017-09-04 16:30:11 *Tunnelblick: openvpnstart starting OpenVPN
2017-09-04 16:30:13 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
2017-09-04 16:30:13 MANAGEMENT: CMD 'pid'
2017-09-04 16:30:13 MANAGEMENT: CMD 'state on'
2017-09-04 16:30:13 MANAGEMENT: CMD 'state'
2017-09-04 16:30:13 MANAGEMENT: CMD 'bytecount 1'
2017-09-04 16:30:13 MANAGEMENT: CMD 'hold release'
2017-09-04 16:30:13 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2017-09-04 16:30:13 PLUGIN_INIT: POST /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.17-openssl-1.0.2k/openvpn-down-root.so '[/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.17-openssl-1.0.2k/openvpn-down-root.so] [/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh] [-9] [-d] [-f] [-m] [-w] [-ptADGNWradsgnw]' intercepted=PLUGIN_UP|PLUGIN_DOWN
2017-09-04 16:30:13 *Tunnelblick: Established communication with OpenVPN
2017-09-04 16:30:13 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
2017-09-04 16:30:13 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2017-09-04 16:30:13 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2017-09-04 16:30:13 Socket Buffers: R=[196724->196724] S=[9216->9216]
2017-09-04 16:30:13 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
2017-09-04 16:30:13 UDPv4 link local: [undef]
2017-09-04 16:30:13 UDPv4 link remote: [AF_INET]xx.xx.xx.xx:1194
2017-09-04 16:30:13 MANAGEMENT: >STATE:1504557013,WAIT,,,
2017-09-04 16:31:13 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2017-09-04 16:31:13 TLS Error: TLS handshake failed
2017-09-04 16:31:13 SIGUSR1[soft,tls-error] received, process restarting
2017-09-04 16:31:13 MANAGEMENT: >STATE:1504557073,RECONNECTING,tls-error,,
2017-09-04 16:31:13 MANAGEMENT: CMD 'hold release'
2017-09-04 16:31:13 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2017-09-04 16:31:13 Socket Buffers: R=[196724->196724] S=[9216->9216]
2017-09-04 16:31:13 UDPv4 link local: [undef]
2017-09-04 16:31:13 UDPv4 link remote: [AF_INET]xx.xx.xx.xx:1194
2017-09-04 16:31:13 MANAGEMENT: >STATE:1504557073,WAIT,,,
--------------------------------------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------------------------------------
some config from my server.conf
--------------------------------------------------------------------------------------------------------------------------------------------
# Which TCP/UDP port should OpenVPN listen on?
# If you want to run multiple OpenVPN instances
# on the same machine, use a different port
# number for each one. You will need to
# open up this port on your firewall.
port 1194
# TCP or UDP server?
proto tcp
proto udp
;dev tap
dev tun
# Configure server mode and supply a VPN subnet
# for OpenVPN to draw client addresses from.
# The server will take 10.8.0.1 for itself,
# the rest will be made available to clients.
# Each client will be able to reach the server
# on 10.8.0.1. Comment this line out if you are
# ethernet bridging. See the man page for more info.
server 10.8.0.0 255.255.255.0
# Certain Windows-specific network settings
# can be pushed to clients, such as DNS
# or WINS server addresses. CAVEAT:
# http://openvpn.net/faq.html#dhcpcaveats
# The addresses below refer to the public
# DNS servers provided by opendns.com.
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
--------------------------------------------------------------------------------------------------------------------------------------------
cleint.conf
--------------------------------------------------------------------------------------------------------------------------------------------
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote xx.xx.xx.xx 1194
;remote my-server-2 1194
--------------------------------------------------------------------------------------------------------------------------------------------
TLS Error: TLS key negotiation failed to occur within 60 seconds
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
Spyder13337
- OpenVpn Newbie
- Posts: 1
- Joined: Mon Sep 04, 2017 8:21 pm
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm