TLS protocol error / log and config in post

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
westman
OpenVpn Newbie
Posts: 2
Joined: Thu May 25, 2023 5:15 pm

TLS protocol error / log and config in post

Post by westman » Thu May 25, 2023 5:20 pm

I receive an error when connecting a previously connected client to our vpn network. All other clients connect with out issue. Below is the error log and config file information
OpenVpn client version: 2.6.4 (latest)

Error:
Thu May 25 12:46:59 2023 TLS error: Unsupported protocol. This typically indicates that client and server have no common TLS version enabled. This can be caused by mismatched tls-version-min and tls-version-max options on client and server. If your OpenVPN client is between v2.3.6 and v2.3.2 try adding tls-version-min 1.0 to the client configuration to use TLS 1.0+ instead of TLS 1.0 only
Thu May 25 12:46:59 2023 OpenSSL: error:0A000102:SSL routines::unsupported protocol
Thu May 25 12:46:59 2023 TLS_ERROR: BIO read tls_read_plaintext error
Thu May 25 12:46:59 2023 TLS Error: TLS object -> incoming plaintext read error
Thu May 25 12:46:59 2023 TLS Error: TLS handshake failed


Config file contents - minus CA info:
client
dev tun
proto udp
explicit-exit-notify 3
remote x.x.x.x
resolv-retry infinite
nobind
persist-key
persist-tun
auth-user-pass
cipher AES-256-CBC
comp-lzo no
tun-mtu 45000
mssfix 0
#Enable following txqueuelen option on Linux Clients for better performance
#txqueuelen 1000
mute-replay-warnings



I tried to add the tls min 1.0 line to the config file but when i try to reconnect the client says it cannot open the config file.
i have also enabled tls 1.2 and 1.0 on the client machine The client machine is windows 11 and the OpenVPN server is running on a cisco rv260w router

Please advise?
I appreciate your assistance

Thank you
Westman

Fadim
OpenVPN User
Posts: 40
Joined: Mon May 15, 2023 12:14 pm

Re: TLS protocol error / log and config in post

Post by Fadim » Fri May 26, 2023 12:36 pm

As far as I can understand, the error log suggests a possible mismatch in TLS versions between the client and server configurations.

I'd suggest double-checking the syntax and making sure it's correctly placed within the configuration file. Also, ensure that the client machine has TLS 1.0 and 1.2 enabled.

westman
OpenVpn Newbie
Posts: 2
Joined: Thu May 25, 2023 5:15 pm

Re: TLS protocol error / log and config in post

Post by westman » Sun May 28, 2023 4:59 pm

@fadim- I have made sure all tls protocols are enabled in internet options on windows 11 client machine being 1.0, 1.2, and 1.3

Do you have a link or resource that would explain how to put the the proper syntax into the openvpn config file.
Ive tried copying and pasting from forums that the min tls is 1.0 but everytime i try openvpn unable to open the config file upon connect..
I thought it was a simple as opening the file in notepad and adding a line to the file.. am i missing something here?

Thank you for your assistance

/westman

Post Reply