VPN Appears to connect to Access Server via HTTPS, but fails to create session with internal subnet

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
datasleuth
OpenVpn Newbie
Posts: 1
Joined: Sat Oct 29, 2022 4:35 pm

VPN Appears to connect to Access Server via HTTPS, but fails to create session with internal subnet

Post by datasleuth » Sat Oct 29, 2022 4:53 pm

I currently have Access Server installed on VirtualBox running Ubuntu server 18.04.06 LTS. I have a web domain with a static IP address set as my external IP. I have port forwarding for TCP 443, TCP 943, and UDP 1194. The AS Network Setting is using the FQDN: vpn.<mydomainname>.com
I can see the Access Server landing page when I type in https://vpn.<mydomain>.com so I know it is accessible for DNS and internet. I can log into my account as admin with the local IP (private subnet) as well as via browser at https://vpn.<mydomainname>.com/admin Finally, my site using a CA bundle.

It would seem everything is working fine; however, when I attempt to connect via OpenVPN Connect Client v3, the logs indicate a Server poll timeout. It appears to me that the connection via 443 is fine, but traffic is not being correctly routed internally to the webserver via UDP 1194. I am able to import the profile using the Connect App, so it is able to retrieve information from the server, it just won't establish the VPN connection for my internal network. I am looking to access my Desktop computer for work, as I have several virtual labs on it that I use for education and training.

Does anyone think this might have something to do with VirtualBox or is it likely a firewall issue?

LOG Snippet:
[Oct 29, 2022, 11:28:46] Connecting to [vpn.<mydomain>.com]:1194 (local IP) via UDPv4

[Oct 29, 2022, 11:28:50] Server poll timeout, trying next remote entry...

...EVENT: RECONNECTING

... EVENT: RESOLVE

..... REPEAT

..... EVENT: CONNECTION_TIMEOUT [ERR]

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1333
Joined: Tue Feb 16, 2021 10:41 am

Re: VPN Appears to connect to Access Server via HTTPS, but fails to create session with internal subnet

Post by openvpn_inc » Mon Oct 31, 2022 11:19 am

Hello datasleuth,

Here are some guesses based on information so far;

The message at least is clear; there was no connection possible on the address and port mentioned. Please check that vpn.<mydomain>.com resolves to the public IP address where your Access Server is supposed to be reachable, and that it isn't resolving to a private IP address, because that won't route on the Internet.

If https://vpn.mydomain.com/ is working from outside your network and shows the Access Server web interface, then at least that port is forwarding correctly and is reachable correctly. You can instruct OpenVPN Connect to use TCP only and see if a connection can be established that way. If TCP works but UDP doesn't, maybe you just need to redo the port forwarding and check if there's some firewall in the router blocking things, or maybe the router have its own OpenVPN implementation and is blocking that port from being used.

Good luck,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

Post Reply