OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

Setting Up OpenVPN server and client in same machine

https://forums.openvpn.net/viewtopic.php?t=34836

Page 1 of 1

Setting Up OpenVPN server and client in same machine

Posted: Sun Sep 25, 2022 2:25 pm
by oat_m@yahoo.com
Hi ,
I am using a single Ubuntu 20.04 machine.

1) Is this possible to set up the openVPN Server and the Client both in the same machine and work as expected ?
2) My connection is behind NAT(broad band connection with wifi) .
2) while I am trying to connect to server from the client I am getting TLS Error.

ubuntu@ubuntu:/etc/openvpn/client$ sudo openvpn --client --config /etc/openvpn/client.conf
Sun Sep 25 15:35:41 2022 Unrecognized option or missing or extra parameter(s) in /etc/openvpn/client.conf:13: block-outside-dns (2.4.7)
Sun Sep 25 15:35:41 2022 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 22 2022
Sun Sep 25 15:35:41 2022 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Sun Sep 25 15:35:41 2022 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Sun Sep 25 15:35:41 2022 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Sun Sep 25 15:35:41 2022 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Sun Sep 25 15:35:41 2022 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Sun Sep 25 15:35:41 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]110.87.14.206:1194
Sun Sep 25 15:35:41 2022 Socket Buffers: R=[212992->212992] S=[212992->212992]
Sun Sep 25 15:35:41 2022 UDP link local: (not bound)
Sun Sep 25 15:35:41 2022 UDP link remote: [AF_INET]110.87.14.206:1194
Sun Sep 25 15:36:41 2022 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Sep 25 15:36:41 2022 TLS Error: TLS handshake failed
Sun Sep 25 15:36:41 2022 SIGUSR1[soft,tls-error] received, process restarting
Sun Sep 25 15:36:41 2022 Restart pause, 5 second(s)
Sun Sep 25 15:36:46 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]110.87.14.206:1194
Sun Sep 25 15:36:46 2022 Socket Buffers: R=[212992->212992] S=[212992->212992]
Sun Sep 25 15:36:46 2022 UDP link local: (not bound)
Sun Sep 25 15:36:46 2022 UDP link remote: [AF_INET]110.87.14.206:1194
Sun Sep 25 15:37:46 2022 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Sep 25 15:37:46 2022 TLS Error: TLS handshake failed
Sun Sep 25 15:37:46 2022 SIGUSR1[soft,tls-error] received, process restarting
Sun Sep 25 15:37:46 2022 Restart pause, 5 second(s)
Sun Sep 25 15:37:51 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]110.87.14.206:1194
Sun Sep 25 15:37:51 2022 Socket Buffers: R=[212992->212992] S=[212992->212992]
Sun Sep 25 15:37:51 2022 UDP link local: (not bound)
Sun Sep 25 15:37:51 2022 UDP link remote: [AF_INET]110.87.14.206:1194
Sun Sep 25 15:38:51 2022 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Sep 25 15:38:51 2022 TLS Error: TLS handshake failed
Sun Sep 25 15:38:51 2022 SIGUSR1[soft,tls-error] received, process restarting
Sun Sep 25 15:38:51 2022 Restart pause, 5 second(s)
Sun Sep 25 15:38:56 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]110.87.14.206:1194
Sun Sep 25 15:38:56 2022 Socket Buffers: R=[212992->212992] S=[212992->212992]

Re: Setting Up OpenVPN server and client in same machine

Posted: Sun Sep 25, 2022 5:56 pm
by openvpn_inc
Hello,

> 1) Is this possible to set up the openVPN Server and the Client both in the same machine and work as expected ?

To be honest I have no clue what you mean by 'work as expected' in this scenario. VPN is designed to connect 2 different systems, why would you connect back to your own system? I don't think that was an expected use-case to be honest. But as to whether it will work, well, it should be able to connect. But what happens to your routing table afterwards could break the connection again. So I guess it just depends on what you're trying to achieve here. This scenario doesn't make a lot of sense.

> 2) My connection is behind NAT(broad band connection with wifi) .

If your server is reachable then it should work. In most cases that means doing port forwarding and possibly adding some firewall rules to open up some ports.

> 3) while I am trying to connect to server from the client I am getting TLS Error.

Yes because the server is apparently unreachable on the address 110.87.14.206 on port 1194. Probably something to do with port forwarding and firewall rules that still need to be setup.

I would suggest to use another machine to run connection tests to your server. Or can you give a valid use-case to connect back to your own machine that is also the server?

Kind regards,
Johan
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/