
[Solved] Handshake Failed | OpenVZ Ubuntu 14.04 lts

Posted: Mon Feb 23, 2015 3:05 pm
by singul4r1ty
I successfully set up OpenVPN last weekend; however, yesterday I had to reinstall Ubuntu LTS on my OpenVZ VPS.
(The only difference is I took the 64-bit image of Ubuntu this time.)

I get the following error when trying to connect:
TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
TLS handshake failed
So I assume there is no connection/talking, which narrows it down to a firewall issue or the VPN service not running?
I don't know where to go from here?

Service:
no tun0 but there is venet0?

Iptables (I disabled UFW):
Because of OpenVZ, masquerade does not work:

Code:

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 107.161.162.16

Re: Handshake Failed | OpenVZ Ubuntu 14.04 lts

Posted: Tue Feb 24, 2015 7:19 am
by maikcat
since you are trying to start openvpn in server mode and tun is not up you must:

Post your config used,
post your log

also make sure your vz has tun/tap support enabled.

Michael.

Re: Handshake Failed | OpenVZ Ubuntu 14.04 lts

Posted: Thu Feb 26, 2015 6:08 pm
by singul4r1ty
TUN/TAP: ON

However the service openvpn never starts:

Code:

# service openvpn start
 * Starting virtual private network daemon(s)...                                 
 *   Autostarting VPN 'server'                                                  
# service openvpn stop
 * Stopping virtual private network daemon(s)...
 *   No VPN is running.

server.conf

Code:

port 1194
proto udp
dev tun
ca ca.crt
cert vps.crt
key vps.key  # This file should be kept secret
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

Re: Handshake Failed | OpenVZ Ubuntu 14.04 lts

Posted: Thu Feb 26, 2015 6:11 pm
by singul4r1ty
TUN/TAP: ON

However the service never starts running:

Code:

# service openvpn start
 * Starting virtual private network daemon(s)...                                 
 *   Autostarting VPN 'server'                                                  
# service openvpn stop
 * Stopping virtual private network daemon(s)...
 *   No VPN is running.

server.conf

Code:

port 1194
proto udp
dev tun
ca ca.crt
cert vps.crt
key vps.key  # This file should be kept secret
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

Re: Handshake Failed | OpenVZ Ubuntu 14.04 lts

Posted: Fri Feb 27, 2015 7:20 am
by maikcat
use log directive to create a log file and post its contents here...

Michael.

Re: Handshake Failed | OpenVZ Ubuntu 14.04 lts

Posted: Fri Feb 27, 2015 10:57 am
by singul4r1ty
:o doh!!! I enabled the log verbose 6 in the server.conf file and on 'service openvpn start' it logged the error that it couldn't find the ca.crt, vps.crt, vps.key, dh2048.pem... turns out they were still in the keys directory, forgot to move them to /etc/openvpn.... Everything is working fine now!
Thanks for your help Michael!
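
The failure found above (server.conf naming ca.crt, vps.crt, vps.key and dh2048.pem that were not in /etc/openvpn) can be checked before starting the service. This is an added example, not part of the original posts; `check_openvpn_files` is a hypothetical helper, and it assumes relative paths resolve against the config file's directory:

```shell
#!/bin/sh
# Added example (not from the thread): report files that an OpenVPN config
# references but that are missing, plus a private key readable by others.
# Assumption: relative paths resolve against the config file's directory.
# Returns the number of problems found (0 = nothing missing or over-exposed).
check_openvpn_files() {
    conf=$1
    [ -r "$conf" ] || { echo "UNREADABLE $conf"; return 1; }
    base=$(dirname "$conf")
    problems=0
    # "directive path [rest]": rest swallows trailing comments such as
    # "# This file should be kept secret".
    while read -r directive path rest || [ -n "$directive" ]; do
        case $directive in
            ca|cert|key|dh) ;;
            *) continue ;;
        esac
        case $path in
            /*) file=$path ;;
            *)  file=$base/$path ;;
        esac
        if [ ! -f "$file" ]; then
            echo "MISSING $directive $file"
            problems=$((problems + 1))
        elif [ "$directive" = key ]; then
            # Characters 5-10 of the ls mode string are the group/other bits.
            bits=$(ls -ld "$file" | cut -c5-10)
            if [ "$bits" != "------" ]; then
                echo "PERMS key $file is accessible to group/other"
                problems=$((problems + 1))
            fi
        fi
    done < "$conf"
    return "$problems"
}

# Constructed demo: the thread's directives in a temp dir with no key material.
demo=$(mktemp -d)
printf '%s\n' 'dev tun' 'ca ca.crt' 'cert vps.crt' \
    'key vps.key  # This file should be kept secret' 'dh dh2048.pem' \
    > "$demo/server.conf"
check_openvpn_files "$demo/server.conf" || echo "$? problem(s) found"
rm -rf "$demo"
```

Run against the real config as `check_openvpn_files /etc/openvpn/server.conf`; a non-zero return means the daemon would fail the same way the init script hid in this thread.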

Re: Handshake Failed | OpenVZ Ubuntu 14.04 lts

Posted: Fri Feb 27, 2015 11:50 am
by maikcat
You're welcome,

Marked as solved,

Closing topic,

Regards,

Michael.