TLS Shake, private VPN on private VPS

This forum is for general conversation and user-user networking.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
ad4ms3
OpenVpn Newbie
Posts: 2
Joined: Fri Nov 06, 2020 4:42 pm

TLS Shake, private VPN on private VPS

Post by ad4ms3 » Fri Nov 06, 2020 4:52 pm

Hello,

Yesterday, I purchased a basic VPS to have my private VPN. VPS is running Ubuntu 18.04 LTS. My system is Arch Linux. After the all-day fight, I managed to connect to VPS using

Code: Select all

sudo openvpn ad4ms3.ovpn
On the website "whatismyip" it is confirmed, that my ip is the VPS's one.
I can simply use systemctl to start openvpn on system startup, but I don't want to.

The problem I have, is to set it up in... network-manager in plasma5.
I was using "Import VPN Connection" and take it from there. No matter what settings I use from this option, it will either try for a minute or so and fail, or will fail immediately.
I'd like you to have a look at these logs and let me know what am I doing wrong, or what else needs doing.

***Real vpn server address has been replaced with "vpn server".***

Code: Select all

-- Logs begin at Thu 2020-06-25 14:13:02 BST, end at Fri 2020-11-06 16:21:19 GMT. --
Nov 06 16:18:56 archlinux systemd[1]: Starting Network Manager...
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.2993] NetworkManager (version 1.26.4-1) is starting... (for the first time)
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.2996] Read config: /etc/NetworkManager/NetworkManager.conf (lib: 20-connectivity.conf)
Nov 06 16:18:56 archlinux systemd[1]: Started Network Manager.
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.3032] bus-manager: acquired D-Bus service "org.freedesktop.NetworkManager"
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.3130] manager[0x55a77ce560c0]: monitoring kernel firmware directory '/lib/firmware'.
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7077] hostname: hostname: using hostnamed
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7081] dns-mgr[0x55a77ce36220]: init: dns=default,systemd-resolved rc-manager=symlink
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7089] rfkill1: found Wi-Fi radio killswitch (at /sys/devices/pci0000:00/0000:00:1d.3/0000:05:00.0/ieee80211/phy0/rfkill1) (driver iwlwifi)
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7090] manager[0x55a77ce560c0]: rfkill: Wi-Fi hardware radio set enabled
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7091] manager[0x55a77ce560c0]: rfkill: WWAN hardware radio set enabled
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7180] Loaded device plugin: NMWwanFactory (/usr/lib/NetworkManager/1.26.4-1/libnm-device-plugin-wwan.so)
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7257] Loaded device plugin: NMTeamFactory (/usr/lib/NetworkManager/1.26.4-1/libnm-device-plugin-team.so)
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7270] Loaded device plugin: NMWifiFactory (/usr/lib/NetworkManager/1.26.4-1/libnm-device-plugin-wifi.so)
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7278] Loaded device plugin: NMOvsFactory (/usr/lib/NetworkManager/1.26.4-1/libnm-device-plugin-ovs.so)
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7297] Loaded device plugin: NMBluezManager (/usr/lib/NetworkManager/1.26.4-1/libnm-device-plugin-bluetooth.so)
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7302] Loaded device plugin: NMAtmManager (/usr/lib/NetworkManager/1.26.4-1/libnm-device-plugin-adsl.so)
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7306] manager: rfkill: Wi-Fi enabled by radio killswitch; enabled by state file
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7306] manager: rfkill: WWAN enabled by radio killswitch; enabled by state file
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7307] manager: Networking is enabled by state file
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7315] dhcp-init: Using DHCP client 'internal'
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7322] settings: Loaded settings plugin: keyfile (internal)
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7371] device (lo): carrier: link connected
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7374] manager: (lo): new Generic device (/org/freedesktop/NetworkManager/Devices/1)
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7398] manager: (eno1): new Ethernet device (/org/freedesktop/NetworkManager/Devices/2)
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.7418] device (eno1): state change: unmanaged -> unavailable (reason 'managed', sys-iface-state: 'external')
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.9751] device (wlo1): driver supports Access Point (AP) mode
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.9756] manager: (wlo1): new 802.11 Wi-Fi device (/org/freedesktop/NetworkManager/Devices/3)
Nov 06 16:18:56 archlinux NetworkManager[364]: <info>  [1604679536.9764] device (wlo1): state change: unmanaged -> unavailable (reason 'managed', sys-iface-state: 'external')
Nov 06 16:18:57 archlinux NetworkManager[364]: <info>  [1604679537.0737] device (wlo1): set-hw-addr: set MAC address to 4A:2E:93:E1:19:A2 (scanning)
Nov 06 16:18:57 archlinux NetworkManager[364]: <info>  [1604679537.1679] ovsdb: Could not connect: No such file or directory
Nov 06 16:18:57 archlinux NetworkManager[364]: <info>  [1604679537.2297] device (wlo1): supplicant interface state: internal-starting -> disconnected
Nov 06 16:18:57 archlinux NetworkManager[364]: <info>  [1604679537.2298] Wi-Fi P2P device controlled by interface wlo1 created
Nov 06 16:18:57 archlinux NetworkManager[364]: <info>  [1604679537.2301] manager: (p2p-dev-wlo1): new 802.11 Wi-Fi P2P device (/org/freedesktop/NetworkManager/Devices/4)
Nov 06 16:18:57 archlinux NetworkManager[364]: <info>  [1604679537.2304] device (p2p-dev-wlo1): state change: unmanaged -> unavailable (reason 'managed', sys-iface-state: 'external')
Nov 06 16:18:57 archlinux NetworkManager[364]: <info>  [1604679537.2309] device (wlo1): state change: unavailable -> disconnected (reason 'supplicant-available', sys-iface-state: 'managed')
Nov 06 16:18:57 archlinux NetworkManager[364]: <info>  [1604679537.2317] device (p2p-dev-wlo1): state change: unavailable -> disconnected (reason 'none', sys-iface-state: 'managed')
Nov 06 16:18:57 archlinux NetworkManager[364]: <warn>  [1604679537.2346] sup-iface[99a9c663e0163b4f,0,wlo1]: call-p2p-cancel: failed with P2P cancel failed
Nov 06 16:19:02 archlinux NetworkManager[364]: <info>  [1604679542.9757] manager: startup complete
Nov 06 16:19:05 archlinux NetworkManager[364]: <info>  [1604679545.9648] policy: auto-activating connection 'New 802-11-wireless connection' (43fe17de-94dc-4448-8b25-f374f392ec72)
Nov 06 16:19:05 archlinux NetworkManager[364]: <info>  [1604679545.9654] device (wlo1): Activation: starting connection 'New 802-11-wireless connection' (43fe17de-94dc-4448-8b25-f374f392ec72)
Nov 06 16:19:05 archlinux NetworkManager[364]: <info>  [1604679545.9655] device (wlo1): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed')
Nov 06 16:19:05 archlinux NetworkManager[364]: <info>  [1604679545.9658] manager: NetworkManager state is now CONNECTING
Nov 06 16:19:05 archlinux NetworkManager[364]: <info>  [1604679545.9672] device (wlo1): set-hw-addr: reset MAC address to 30:E3:7A:AE:15:78 (preserve)
Nov 06 16:19:05 archlinux NetworkManager[364]: <info>  [1604679545.9694] device (wlo1): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
Nov 06 16:19:05 archlinux NetworkManager[364]: <info>  [1604679545.9697] device (wlo1): Activation: (wifi) access point 'New 802-11-wireless connection' has security, but secrets are required.
Nov 06 16:19:05 archlinux NetworkManager[364]: <info>  [1604679545.9697] device (wlo1): state change: config -> need-auth (reason 'none', sys-iface-state: 'managed')
Nov 06 16:19:05 archlinux NetworkManager[364]: <warn>  [1604679545.9726] device (wlo1): no secrets: No agents were available for this request.
Nov 06 16:19:05 archlinux NetworkManager[364]: <info>  [1604679545.9726] device (wlo1): state change: need-auth -> failed (reason 'no-secrets', sys-iface-state: 'managed')
Nov 06 16:19:05 archlinux NetworkManager[364]: <info>  [1604679545.9728] manager: NetworkManager state is now DISCONNECTED
Nov 06 16:19:05 archlinux NetworkManager[364]: <warn>  [1604679545.9734] device (wlo1): Activation: failed for connection 'New 802-11-wireless connection'
Nov 06 16:19:05 archlinux NetworkManager[364]: <info>  [1604679545.9735] device (wlo1): state change: failed -> disconnected (reason 'none', sys-iface-state: 'managed')
Nov 06 16:19:05 archlinux NetworkManager[364]: <info>  [1604679545.9760] device (wlo1): set-hw-addr: set MAC address to 0E:C9:E4:87:F9:21 (scanning)
Nov 06 16:19:06 archlinux NetworkManager[364]: <info>  [1604679546.0692] device (wlo1): supplicant interface state: disconnected -> inactive
Nov 06 16:19:06 archlinux NetworkManager[364]: <info>  [1604679546.0693] device (p2p-dev-wlo1): supplicant management interface state: disconnected -> inactive
Nov 06 16:19:07 archlinux NetworkManager[364]: <info>  [1604679547.1431] agent-manager: agent[51a7ce2cec273f7c,:1.76/org.kde.plasma.networkmanagement/1000]: agent registered
Nov 06 16:19:07 archlinux NetworkManager[364]: <info>  [1604679547.2959] policy: auto-activating connection 'New 802-11-wireless connection' (43fe17de-94dc-4448-8b25-f374f392ec72)
Nov 06 16:19:07 archlinux NetworkManager[364]: <info>  [1604679547.3023] device (wlo1): Activation: starting connection 'New 802-11-wireless connection' (43fe17de-94dc-4448-8b25-f374f392ec72)
Nov 06 16:19:07 archlinux NetworkManager[364]: <info>  [1604679547.3026] device (wlo1): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed')
Nov 06 16:19:07 archlinux NetworkManager[364]: <info>  [1604679547.3034] manager: NetworkManager state is now CONNECTING
Nov 06 16:19:07 archlinux NetworkManager[364]: <info>  [1604679547.3296] device (wlo1): set-hw-addr: reset MAC address to 30:E3:7A:AE:15:78 (preserve)
Nov 06 16:19:07 archlinux NetworkManager[364]: <info>  [1604679547.3321] device (wlo1): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
Nov 06 16:19:07 archlinux NetworkManager[364]: <info>  [1604679547.3328] device (wlo1): Activation: (wifi) access point 'New 802-11-wireless connection' has security, but secrets are required.
Nov 06 16:19:07 archlinux NetworkManager[364]: <info>  [1604679547.3328] device (wlo1): state change: config -> need-auth (reason 'none', sys-iface-state: 'managed')
Nov 06 16:19:07 archlinux NetworkManager[364]: <info>  [1604679547.3710] device (wlo1): supplicant interface state: inactive -> disconnected
Nov 06 16:19:07 archlinux NetworkManager[364]: <info>  [1604679547.3711] device (p2p-dev-wlo1): supplicant management interface state: inactive -> disconnected
Nov 06 16:19:07 archlinux NetworkManager[364]: <info>  [1604679547.3761] device (wlo1): supplicant interface state: disconnected -> inactive
Nov 06 16:19:07 archlinux NetworkManager[364]: <info>  [1604679547.3762] device (p2p-dev-wlo1): supplicant management interface state: disconnected -> inactive
Nov 06 16:19:08 archlinux NetworkManager[364]: <info>  [1604679548.5193] device (wlo1): state change: need-auth -> prepare (reason 'none', sys-iface-state: 'managed')
Nov 06 16:19:08 archlinux NetworkManager[364]: <info>  [1604679548.5196] device (wlo1): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
Nov 06 16:19:08 archlinux NetworkManager[364]: <info>  [1604679548.5199] device (wlo1): Activation: (wifi) connection 'New 802-11-wireless connection' has security, and secrets exist.  No new secrets needed.
Nov 06 16:19:08 archlinux NetworkManager[364]: <info>  [1604679548.5199] Config: added 'ssid' value 'VM6290799'
Nov 06 16:19:08 archlinux NetworkManager[364]: <info>  [1604679548.5199] Config: added 'scan_ssid' value '1'
Nov 06 16:19:08 archlinux NetworkManager[364]: <info>  [1604679548.5200] Config: added 'bgscan' value 'simple:30:-70:86400'
Nov 06 16:19:08 archlinux NetworkManager[364]: <info>  [1604679548.5200] Config: added 'key_mgmt' value 'WPA-PSK WPA-PSK-SHA256 FT-PSK'
Nov 06 16:19:08 archlinux NetworkManager[364]: <info>  [1604679548.5200] Config: added 'psk' value '<hidden>'
Nov 06 16:19:08 archlinux NetworkManager[364]: <info>  [1604679548.5558] device (wlo1): supplicant interface state: inactive -> scanning
Nov 06 16:19:08 archlinux NetworkManager[364]: <info>  [1604679548.5559] device (p2p-dev-wlo1): supplicant management interface state: inactive -> scanning
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.5331] device (wlo1): supplicant interface state: scanning -> authenticating
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.5331] device (p2p-dev-wlo1): supplicant management interface state: scanning -> authenticating
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.5392] device (wlo1): supplicant interface state: authenticating -> associating
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.5394] device (p2p-dev-wlo1): supplicant management interface state: authenticating -> associating
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.5606] device (wlo1): supplicant interface state: associating -> 4way_handshake
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.5606] device (p2p-dev-wlo1): supplicant management interface state: associating -> 4way_handshake
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.5929] device (wlo1): supplicant interface state: 4way_handshake -> completed
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.5932] device (wlo1): Activation: (wifi) Stage 2 of 5 (Device Configure) successful. Connected to wireless network "VM6290799"
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.5933] device (p2p-dev-wlo1): supplicant management interface state: 4way_handshake -> completed
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.5938] device (wlo1): state change: config -> ip-config (reason 'none', sys-iface-state: 'managed')
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.5942] dhcp4 (wlo1): activation: beginning transaction (timeout in 45 seconds)
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6385] dhcp4 (wlo1): option dhcp_lease_time      => '86400'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6386] dhcp4 (wlo1): option domain_name_servers  => '194.168.4.100 194.168.8.100'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6386] dhcp4 (wlo1): option expiry               => '1604765949'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6386] dhcp4 (wlo1): option ip_address           => '192.168.0.14'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6386] dhcp4 (wlo1): option next_server          => '192.168.0.1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6386] dhcp4 (wlo1): option requested_broadcast_address => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6386] dhcp4 (wlo1): option requested_domain_name => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6386] dhcp4 (wlo1): option requested_domain_name_servers => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6386] dhcp4 (wlo1): option requested_domain_search => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6386] dhcp4 (wlo1): option requested_host_name  => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6386] dhcp4 (wlo1): option requested_interface_mtu => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6386] dhcp4 (wlo1): option requested_ms_classless_static_routes => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6386] dhcp4 (wlo1): option requested_nis_domain => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6387] dhcp4 (wlo1): option requested_nis_servers => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6387] dhcp4 (wlo1): option requested_ntp_servers => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6387] dhcp4 (wlo1): option requested_rfc3442_classless_static_routes => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6387] dhcp4 (wlo1): option requested_root_path  => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6387] dhcp4 (wlo1): option requested_routers    => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6387] dhcp4 (wlo1): option requested_static_routes => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6387] dhcp4 (wlo1): option requested_subnet_mask => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6387] dhcp4 (wlo1): option requested_time_offset => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6387] dhcp4 (wlo1): option requested_wpad       => '1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6387] dhcp4 (wlo1): option routers              => '192.168.0.1'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6387] dhcp4 (wlo1): option subnet_mask          => '255.255.255.0'
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6387] dhcp4 (wlo1): state changed unknown -> bound
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6400] device (wlo1): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'managed')
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6525] device (wlo1): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'managed')
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6527] device (wlo1): state change: secondaries -> activated (reason 'none', sys-iface-state: 'managed')
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6531] manager: NetworkManager state is now CONNECTED_LOCAL
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6572] manager: NetworkManager state is now CONNECTED_SITE
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6574] policy: set 'New 802-11-wireless connection' (wlo1) as default for IPv4 routing and DNS
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.6623] device (wlo1): Activation: successful, device activated.
Nov 06 16:19:09 archlinux NetworkManager[364]: <info>  [1604679549.7697] manager: NetworkManager state is now CONNECTED_GLOBAL
Nov 06 16:19:52 archlinux NetworkManager[364]: <info>  [1604679592.9857] audit: op="statistics" arg="refresh-rate-ms" pid=555 uid=1000 result="success"
Nov 06 16:19:57 archlinux NetworkManager[364]: <info>  [1604679597.4858] audit: op="statistics" arg="refresh-rate-ms" pid=555 uid=1000 result="success"
Nov 06 16:20:07 archlinux NetworkManager[364]: <info>  [1604679607.8930] audit: op="connection-activate" uuid="dd2b9c23-9ed8-4119-96c1-168c801a7a4c" name="ad4ms3" pid=1025 uid=1000 result="success"
Nov 06 16:20:07 archlinux NetworkManager[364]: <info>  [1604679607.9023] vpn-connection[0x55a77cf640a0,dd2b9c23-9ed8-4119-96c1-168c801a7a4c,"ad4ms3",0]: Started the VPN service, PID 1111
Nov 06 16:20:07 archlinux NetworkManager[364]: <info>  [1604679607.9255] vpn-connection[0x55a77cf640a0,dd2b9c23-9ed8-4119-96c1-168c801a7a4c,"ad4ms3",0]: Saw the service appear; activating connection
Nov 06 16:20:12 archlinux NetworkManager[364]: <info>  [1604679612.6709] vpn-connection[0x55a77cf640a0,dd2b9c23-9ed8-4119-96c1-168c801a7a4c,"ad4ms3",0]: VPN plugin: state changed: starting (3)
Nov 06 16:20:12 archlinux nm-openvpn[1156]: OpenVPN 2.5.0 [git:makepkg/a73072d8f780e888+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Oct 27 2020
Nov 06 16:20:12 archlinux nm-openvpn[1156]: library versions: OpenSSL 1.1.1h  22 Sep 2020, LZO 2.10
Nov 06 16:20:12 archlinux nm-openvpn[1156]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Nov 06 16:20:12 archlinux nm-openvpn[1156]: TCP/UDP: Preserving recently used remote address: [AF_INET]vpn server:1194
Nov 06 16:20:12 archlinux nm-openvpn[1156]: UDP link local: (not bound)
Nov 06 16:20:12 archlinux nm-openvpn[1156]: UDP link remote: [AF_INET]vpn server:1194
Nov 06 16:20:12 archlinux nm-openvpn[1156]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Nov 06 16:21:12 archlinux NetworkManager[364]: <warn>  [1604679672.8553] vpn-connection[0x55a77cf640a0,dd2b9c23-9ed8-4119-96c1-168c801a7a4c,"ad4ms3",0]: VPN connection: connect timeout exceeded.
Nov 06 16:21:12 archlinux nm-openvpn-serv[1111]: Connect timer expired, disconnecting.
Nov 06 16:21:12 archlinux nm-openvpn[1156]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Nov 06 16:21:12 archlinux nm-openvpn[1156]: TLS Error: TLS handshake failed
Nov 06 16:21:12 archlinux nm-openvpn[1156]: SIGTERM[hard,tls-error] received, process exiting
Nov 06 16:21:12 archlinux NetworkManager[364]: <warn>  [1604679672.8784] vpn-connection[0x55a77cf640a0,dd2b9c23-9ed8-4119-96c1-168c801a7a4c,"ad4ms3",0]: VPN plugin: failed: connect-failed (1)
Nov 06 16:21:12 archlinux NetworkManager[364]: <info>  [1604679672.8785] vpn-connection[0x55a77cf640a0,dd2b9c23-9ed8-4119-96c1-168c801a7a4c,"ad4ms3",0]: VPN plugin: state changed: stopping (5)
Nov 06 16:21:12 archlinux NetworkManager[364]: <info>  [1604679672.8787] vpn-connection[0x55a77cf640a0,dd2b9c23-9ed8-4119-96c1-168c801a7a4c,"ad4ms3",0]: VPN plugin: state changed: stopped (6)

Code: Select all

[ad4ms3@archlinux ~]$ resolvectl status
Failed to get global data: Unit dbus-org.freedesktop.resolve1.service not found.

Code: Select all

cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 8.8.8.8
# NOTE: the libc resolver may not support more than 3 nameservers.
# The nameservers listed below may not be recognized.
nameserver 1.1.1.1
My server config:
Server config

port 1194
proto udp
dev tun
user nobody
group nogroup
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "redirect-gateway def1 bypass-dhcp"
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server_Xw96bISiE9scE8sH.crt
key server_Xw96bISiE9scE8sH.key
auth SHA256
cipher AES-128-GCM
ncp-ciphers AES-128-GCM
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
verb 3


And my client configuration file:
Client config

client
proto udp
explicit-exit-notify
remote <server's ip> 1194 <---- here is the actual server ip
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_Xw96bISiE9scE8sH name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ignore-unknown-option block-outside-dns
setenv opt block-outside-dns # Prevent Windows 10 DNS leak
verb 3
remote-cert-tls server

*****keys and certifcates are here****


So far, I worked out, that the problem is here:

Code: Select all

Nov 06 16:21:12 archlinux nm-openvpn[1156]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Nov 06 16:21:12 archlinux nm-openvpn[1156]: TLS Error: TLS handshake failed
Nov 06 16:21:12 archlinux nm-openvpn[1156]: SIGTERM[hard,tls-error] received, process exiting
The solution https://openvpn.net/faq/tls-error-tls-k ... nectivity/ is not working. There is no firewal set upl on my vps yet. It is extremly strange, cause I can connect from the terminal, but not from GUI.

I will appreciate any support. Thank you
Last edited by Pippin on Fri Nov 06, 2020 5:43 pm, edited 1 time in total.
Reason: Formatting
Top
TinCanTech
OpenVPN Protagonist
Posts: 11139
Joined: Fri Jun 03, 2016 1:17 pm

Re: TLS Shake, private VPN on private VPS

Post by TinCanTech » Fri Nov 06, 2020 5:15 pm

ad4ms3 wrote:
Fri Nov 06, 2020 4:52 pm
 It is extremly strange, cause I can connect from the terminal, but not from GUI
The GUI being "NetworkManager" ...

We don't support NetworkManager here but you are welcome to try.
Top
User avatar
Pippin
Forum Team
Posts: 1201
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: TLS Shake, private VPN on private VPS

Post by Pippin » Fri Nov 06, 2020 5:53 pm

Check if you're affected by this bug:
https://bugs.archlinux.org/task/68480
I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
Halton Arp
Top
ad4ms3
OpenVpn Newbie
Posts: 2
Joined: Fri Nov 06, 2020 4:42 pm

Re: TLS Shake, private VPN on private VPS

Post by ad4ms3 » Fri Nov 06, 2020 7:04 pm

Thank you for the replies and hints.
Very likely this is a bug. I switched from Plasma5 to Gnome and it works perfectly.... which is very annoying because I prefer Plasma..... :)
Top
Post Reply

Return to “Off Topic, Related”