Can't access VPN server

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
sauk42
OpenVpn Newbie
Posts: 5
Joined: Thu Nov 07, 2019 2:52 am

Can't access VPN server

Post by sauk42 » Thu Nov 07, 2019 8:25 pm

I am having a problem connecting to OpenVPN server from Android. It worked before I moved my router and Raspberry Pi to my church to test out the connection. I couldn't connect at my church and now I can't connect at my house. Below are the logs from my client (Android) and server (Raspberry Pi running OpenMediaVault). I don't know what error in the log to go off of. I even stopped and restarted OpenVPN services on the server. Please help!

Client

21:37:30.909 -- ----- OpenVPN Start -----

21:37:30.910 -- EVENT: CORE_THREAD_ACTIVE

21:37:30.914 -- OpenVPN core 3.git::728733ae:Release android armv7a thumb2 32-bit PT_PROXY built on Aug 14 2019 14:13:59

21:37:30.937 -- Frame=512/2048/512 mssfix-ctrl=1250

21:37:30.938 -- UNUSED OPTIONS
6 [persist-key]
7 [persist-tun]
8 [nobind]
9 [resolv-retry] [infinite]
10 [verb] [3]
11 [mute] [10]

21:37:30.939 -- EVENT: RESOLVE

21:37:30.942 -- Contacting [Public IP]:1194 via UDP

21:37:30.943 -- EVENT: WAIT

21:37:30.955 -- Connecting to [[Public IP]]:1194 ([Public IP]) via UDPv4

21:37:40.929 -- Server poll timeout, trying next remote entry...

21:37:40.931 -- EVENT: RECONNECTING

21:37:40.941 -- EVENT: RESOLVE

21:37:40.947 -- Contacting [Public IP]:1194 via UDP

21:37:40.948 -- EVENT: WAIT

21:37:40.958 -- Connecting to [[Public IP]]:1194 ([Public IP]) via UDPv4

21:37:50.931 -- Server poll timeout, trying next remote entry...

21:37:50.932 -- EVENT: RECONNECTING

21:37:50.935 -- EVENT: RESOLVE

21:37:50.938 -- Contacting [Public IP]:1194 via UDP

21:37:50.939 -- EVENT: WAIT

21:37:50.942 -- Connecting to [[Public IP]]:1194 ([Public IP]) via UDPv4

21:38:00.936 -- Server poll timeout, trying next remote entry...

21:38:00.944 -- EVENT: RECONNECTING

21:38:00.951 -- EVENT: RESOLVE

21:38:00.958 -- Contacting [Public IP]:1194 via UDP

21:38:00.961 -- EVENT: WAIT

21:38:00.971 -- Connecting to [[Public IP]]:1194 ([Public IP]) via UDPv4

21:38:10.936 -- Server poll timeout, trying next remote entry...

21:38:10.938 -- EVENT: RECONNECTING

21:38:10.944 -- EVENT: RESOLVE

21:38:10.948 -- Contacting [Public IP]:1194 via UDP

21:38:10.957 -- EVENT: WAIT

21:38:10.964 -- Connecting to [[Public IP]]:1194 ([Public IP]) via UDPv4

21:38:20.942 -- Server poll timeout, trying next remote entry...

21:38:20.944 -- EVENT: RECONNECTING

21:38:20.949 -- EVENT: RESOLVE

21:38:20.955 -- Contacting [Public IP]:1194 via UDP

21:38:20.956 -- EVENT: WAIT

21:38:20.961 -- Connecting to [[Public IP]]:1194 ([Public IP]) via UDPv4

21:38:30.928 -- EVENT: CONNECTION_TIMEOUT

21:38:30.953 -- EVENT: CORE_THREAD_INACTIVE

21:38:30.955 -- Tunnel bytes per CPU second: 0

21:38:30.956 -- ----- OpenVPN Stop -----

Server

Tue Nov 5 21:36:37 2019 us=776930 Current Parameter Settings:
Tue Nov 5 21:36:37 2019 us=777048 config = '/etc/openvpn/server.conf'
Tue Nov 5 21:36:37 2019 us=777078 mode = 1
Tue Nov 5 21:36:37 2019 us=777105 persist_config = DISABLED
Tue Nov 5 21:36:37 2019 us=777131 persist_mode = 1
Tue Nov 5 21:36:37 2019 us=777157 show_ciphers = DISABLED
Tue Nov 5 21:36:37 2019 us=777182 show_digests = DISABLED
Tue Nov 5 21:36:37 2019 us=777207 show_engines = DISABLED
Tue Nov 5 21:36:37 2019 us=777232 genkey = DISABLED
Tue Nov 5 21:36:37 2019 us=777257 key_pass_file = '[UNDEF]'
Tue Nov 5 21:36:37 2019 us=777281 NOTE: --mute triggered...
Tue Nov 5 21:36:37 2019 us=777332 277 variation(s) on previous 10 message(s) suppressed by --mute
Tue Nov 5 21:36:37 2019 us=777360 OpenVPN 2.4.0 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Oct 14 2018
Tue Nov 5 21:36:37 2019 us=777393 library versions: OpenSSL 1.0.2t 10 Sep 2019, LZO 2.08
Tue Nov 5 21:36:37 2019 us=779444 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
AUTH-PAM: BACKGROUND: INIT service='login'
Tue Nov 5 21:36:37 2019 us=780893 PLUGIN_INIT: POST /usr/lib/openvpn/openvpn-plugin-auth-pam.so '[/usr/lib/openvpn/openvpn-plugin-auth-pam.so] [login]' intercepted=PLUGIN_AUTH_USER_PASS_VERIFY
Tue Nov 5 21:36:37 2019 us=782096 Diffie-Hellman initialized with 2048 bit key
Tue Nov 5 21:36:37 2019 us=783594 TLS-Auth MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Nov 5 21:36:37 2019 us=784613 TUN/TAP device tun0 opened
Tue Nov 5 21:36:37 2019 us=784760 TUN/TAP TX queue length set to 100
Tue Nov 5 21:36:37 2019 us=784822 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Tue Nov 5 21:36:37 2019 us=784880 /sbin/ip link set dev tun0 up mtu 1500
Tue Nov 5 21:36:37 2019 us=789070 /sbin/ip addr add dev tun0 10.8.0.1/24 broadcast 10.8.0.255
Tue Nov 5 21:36:37 2019 us=794576 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Tue Nov 5 21:36:37 2019 us=795882 Could not determine IPv4/IPv6 protocol. Using AF_INET
Tue Nov 5 21:36:37 2019 us=795953 Socket Buffers: R=[163840->163840] S=[163840->163840]
Tue Nov 5 21:36:37 2019 us=796001 UDPv4 link local (bound): [AF_INET][undef]:1194
Tue Nov 5 21:36:37 2019 us=796029 UDPv4 link remote: [AF_UNSPEC]
Tue Nov 5 21:36:37 2019 us=796062 GID set to nogroup
Tue Nov 5 21:36:37 2019 us=796098 UID set to nobody
Tue Nov 5 21:36:37 2019 us=796142 MULTI: multi_init called, r=256 v=256
Tue Nov 5 21:36:37 2019 us=796225 IFCONFIG POOL: base=10.8.0.2 size=252, ipv6=0
Tue Nov 5 21:36:37 2019 us=796261 ifconfig_pool_read(), in='KenVPNNoRouter,10.8.0.2', TODO: IPv6
Tue Nov 5 21:36:37 2019 us=796294 succeeded -> ifconfig_pool_set()
Tue Nov 5 21:36:37 2019 us=796320 ifconfig_pool_read(), in='Ken[Church],10.8.0.3', TODO: IPv6
Tue Nov 5 21:36:37 2019 us=796346 succeeded -> ifconfig_pool_set()
Tue Nov 5 21:36:37 2019 us=796371 ifconfig_pool_read(), in='KenVPN[Church]TCP,10.8.0.4', TODO: IPv6
Tue Nov 5 21:36:37 2019 us=796397 succeeded -> ifconfig_pool_set()
Tue Nov 5 21:36:37 2019 us=796422 ifconfig_pool_read(), in='KenVPNDomain,10.8.0.5', TODO: IPv6
Tue Nov 5 21:36:37 2019 us=796448 succeeded -> ifconfig_pool_set()
Tue Nov 5 21:36:37 2019 us=796475 IFCONFIG POOL LIST
Tue Nov 5 21:36:37 2019 us=796502 KenVPNNoRouter,10.8.0.2
Tue Nov 5 21:36:37 2019 us=796529 Ken[Church],10.8.0.3
Tue Nov 5 21:36:37 2019 us=796555 KenVPN[Church]TCP,10.8.0.4
Tue Nov 5 21:36:37 2019 us=796581 KenVPNDomain,10.8.0.5
Tue Nov 5 21:36:37 2019 us=796759 Initialization Sequence Completed
Tue Nov 5 21:36:59 2019 us=329628 MULTI: multi_create_instance called
Tue Nov 5 21:36:59 2019 us=329861 [Android IP]:35183 Re-using SSL/TLS context
Tue Nov 5 21:36:59 2019 us=330312 [Android IP]:35183 Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Nov 5 21:36:59 2019 us=330383 [Android IP]:35183 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Tue Nov 5 21:36:59 2019 us=330571 [Android IP]:35183 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Nov 5 21:36:59 2019 us=330628 [Android IP]:35183 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
RTue Nov 5 21:36:59 2019 us=330797 [Android IP]:35183 TLS: Initial packet from [AF_INET][Android IP]:35183, sid=cbaa6216 53272962
WRWWRWRWRWRWRWRWRWRWTue Nov 5 21:37:09 2019 us=339745 MULTI: multi_create_instance called
Tue Nov 5 21:37:09 2019 us=340013 [Android IP]:64719 Re-using SSL/TLS context
Tue Nov 5 21:37:09 2019 us=340375 [Android IP]:64719 Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Nov 5 21:37:09 2019 us=340444 [Android IP]:64719 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Tue Nov 5 21:37:09 2019 us=340608 [Android IP]:64719 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Nov 5 21:37:09 2019 us=340664 [Android IP]:64719 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
RTue Nov 5 21:37:09 2019 us=340811 [Android IP]:64719 TLS: Initial packet from [AF_INET][Android IP]:64719, sid=ce741051 0d8f77d2
WRWRWRWWRWRWRWRWRWRWTue Nov 5 21:37:19 2019 us=329539 MULTI: multi_create_instance called
Tue Nov 5 21:37:19 2019 us=329827 [Android IP]:30782 Re-using SSL/TLS context
Tue Nov 5 21:37:19 2019 us=330200 [Android IP]:30782 Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Nov 5 21:37:19 2019 us=330270 [Android IP]:30782 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Tue Nov 5 21:37:19 2019 us=330431 [Android IP]:30782 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Nov 5 21:37:19 2019 us=330486 [Android IP]:30782 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
RTue Nov 5 21:37:19 2019 us=330632 [Android IP]:30782 TLS: Initial packet from [AF_INET][Android IP]:30782, sid=58b58a72 1d073695
WRWRWRWRWWRWRWRWRWRWTue Nov 5 21:37:29 2019 us=329473 MULTI: multi_create_instance called
Tue Nov 5 21:37:29 2019 us=329740 [Android IP]:52063 Re-using SSL/TLS context
Tue Nov 5 21:37:29 2019 us=330106 [Android IP]:52063 Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Nov 5 21:37:29 2019 us=330176 [Android IP]:52063 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Tue Nov 5 21:37:29 2019 us=330338 [Android IP]:52063 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Nov 5 21:37:29 2019 us=330392 [Android IP]:52063 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
RTue Nov 5 21:37:29 2019 us=330536 [Android IP]:52063 TLS: Initial packet from [AF_INET][Android IP]:52063, sid=63318131 aaef2d4c
WWRWRWRWRWWRWRWRWRWRWTue Nov 5 21:37:39 2019 us=339426 MULTI: multi_create_instance called
Tue Nov 5 21:37:39 2019 us=339714 [Android IP]:56639 Re-using SSL/TLS context
Tue Nov 5 21:37:39 2019 us=340075 [Android IP]:56639 Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Nov 5 21:37:39 2019 us=340146 [Android IP]:56639 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Tue Nov 5 21:37:39 2019 us=340308 [Android IP]:56639 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Nov 5 21:37:39 2019 us=340381 [Android IP]:56639 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
RTue Nov 5 21:37:39 2019 us=340527 [Android IP]:56639 TLS: Initial packet from [AF_INET][Android IP]:56639, sid=0ab69588 0bc93885
WWRWRWRWRWWRWRWRWRWRWRWTue Nov 5 21:37:49 2019 us=348500 MULTI: multi_create_instance called
Tue Nov 5 21:37:49 2019 us=348769 [Android IP]:51070 Re-using SSL/TLS context
Tue Nov 5 21:37:49 2019 us=349115 [Android IP]:51070 Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Nov 5 21:37:49 2019 us=349185 [Android IP]:51070 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Tue Nov 5 21:37:49 2019 us=349346 [Android IP]:51070 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Nov 5 21:37:49 2019 us=349400 [Android IP]:51070 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
RTue Nov 5 21:37:49 2019 us=349533 [Android IP]:51070 TLS: Initial packet from [AF_INET][Android IP]:51070, sid=41e324be 43fcf511
WWRWRWRWRWWRWRWRWRWRWWTue Nov 5 21:38:00 2019 us=31788 [Android IP]:35183 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Nov 5 21:38:00 2019 us=31938 [Android IP]:35183 TLS Error: TLS handshake failed
Tue Nov 5 21:38:00 2019 us=32323 [Android IP]:35183 SIGUSR1[soft,tls-error] received, client-instance restarting
WTue Nov 5 21:38:09 2019 us=999059 [Android IP]:64719 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Nov 5 21:38:09 2019 us=999179 [Android IP]:64719 TLS Error: TLS handshake failed
Tue Nov 5 21:38:09 2019 us=999488 [Android IP]:64719 SIGUSR1[soft,tls-error] received, client-instance restarting
WWTue Nov 5 21:38:19 2019 us=69552 [Android IP]:30782 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Nov 5 21:38:19 2019 us=69648 [Android IP]:30782 TLS Error: TLS handshake failed
Tue Nov 5 21:38:19 2019 us=69936 [Android IP]:30782 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Nov 5 21:38:29 2019 us=17873 [Android IP]:52063 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Nov 5 21:38:29 2019 us=18005 [Android IP]:52063 TLS Error: TLS handshake failed
Tue Nov 5 21:38:29 2019 us=18314 [Android IP]:52063 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Nov 5 21:38:39 2019 us=648083 [Android IP]:56639 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Nov 5 21:38:39 2019 us=648199 [Android IP]:56639 TLS Error: TLS handshake failed
Tue Nov 5 21:38:39 2019 us=648508 [Android IP]:56639 SIGUSR1[soft,tls-error] received, client-instance restarting
Tue Nov 5 21:38:49 2019 us=786851 [Android IP]:51070 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Nov 5 21:38:49 2019 us=786958 [Android IP]:51070 TLS Error: TLS handshake failed
Tue Nov 5 21:38:49 2019 us=787330 [Android IP]:51070 SIGUSR1[soft,tls-error] received, client-instance restarting

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 7576
Joined: Fri Jun 03, 2016 1:17 pm

Re: Can't access VPN server

Post by TinCanTech » Thu Nov 07, 2019 8:38 pm

Looks like you forgot to use a username and password.

Please see:
viewtopic.php?f=30&t=22603#p68963

sauk42
OpenVpn Newbie
Posts: 5
Joined: Thu Nov 07, 2019 2:52 am

Re: Can't access VPN server

Post by sauk42 » Thu Nov 07, 2019 8:42 pm

I created a new certificate and imported to my phone. I entered my username upon importing and when I try to connect, I enter my password. I don't quite understand what you mean I forgot a username and password. Could you show me in the logs where you are talking about?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 7576
Joined: Fri Jun 03, 2016 1:17 pm

Re: Can't access VPN server

Post by TinCanTech » Thu Nov 07, 2019 8:49 pm

Config files please ...

sauk42
OpenVpn Newbie
Posts: 5
Joined: Thu Nov 07, 2019 2:52 am

Re: Can't access VPN server

Post by sauk42 » Thu Nov 07, 2019 9:12 pm

I have seen config files in other posts, but what ones would you need and paths?

sauk42
OpenVpn Newbie
Posts: 5
Joined: Thu Nov 07, 2019 2:52 am

Re: Can't access VPN server

Post by sauk42 » Fri Nov 08, 2019 1:54 am

TinCanTech wrote:
Thu Nov 07, 2019 8:49 pm
Config files please ...




server.conf

root@:/etc/openvpn# cat server.conf
port 1194
proto udp
dev tun
ca "/etc/openvpn/pki/ca.crt"
cert "/etc/openvpn/pki/issued/OMV1.crt"
key "/etc/openvpn/pki/private/OMV1.key" # This file should be kept secret
dh "/etc/openvpn/pki/dh.pem"
topology subnet
server 10.8.0.0 255.255.255.0
push "route 10.8.0.0 255.255.255.0"
ifconfig-pool-persist ipp.txt
;push "route 192.168.1.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
;client-to-client
keepalive 10 120
;comp-lzo
plugin /usr/lib/openvpn/openvpn-plugin-auth-pam.so login
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log
log /var/log/openvpn.log
verb 5
mute 10
crl-verify "/etc/openvpn/pki/crl.pem"

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 7576
Joined: Fri Jun 03, 2016 1:17 pm

Re: Can't access VPN server

Post by TinCanTech » Fri Nov 08, 2019 11:15 am


Post Reply