TLS Error: TLS key negotiation failed to occur within 60 sec

B!GBOY · Post by **B!GBOY** » Mon Jan 23, 2012 10:38 am

Hi I want to connect to my server running windows server 2003 from my PC running windows 7 I have configured both as it should be ( I think so ) but i cannot connect to server from my client. i also tried different ports 4666,80, 3724 but result is the same
I also searched for similar threads but it didn't help
please help me if you can
thanks in advanced
So here are the information:

Server Config:

Code: Select all

port 80
proto tcp
dev tun
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"  
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.key"  
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh1024.pem"
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
max-clients 20
persist-key
persist-tun
status openvpn-status.log
verb 3

Client Config:

Code: Select all

client
dev tap
proto tcp
remote 46.21.155.202 80
resolv-retry infinite
nobind
persist-key
persist-tun
ca C:\\keys\\ca.crt
cert C:\\keys\\client.crt
key C:\\keys\\client.key
comp-lzo
verb 3

Server Log:

Code: Select all

Sun Jan 22 20:50:02 2012 OpenVPN 2.2.1 Win32-MSVC++ [SSL] [LZO2] built on Jul  1 2011
Sun Jan 22 20:50:02 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun Jan 22 20:50:02 2012 Diffie-Hellman initialized with 1024 bit key
Sun Jan 22 20:50:02 2012 TLS-Auth MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sun Jan 22 20:50:02 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Jan 22 20:50:02 2012 ROUTE default_gateway=46.21.155.193
Sun Jan 22 20:50:02 2012 TAP-WIN32 device [Local Area Connection 4] opened: \\.\Global\{CD05615D-6C8F-49DF-8214-BC03FF4F53D6}.tap
Sun Jan 22 20:50:02 2012 TAP-Win32 Driver Version 9.8 
Sun Jan 22 20:50:02 2012 TAP-Win32 MTU=1500
Sun Jan 22 20:50:02 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.252 on interface {CD05615D-6C8F-49DF-8214-BC03FF4F53D6} [DHCP-serv: 10.8.0.2, lease-time: 31536000]
Sun Jan 22 20:50:02 2012 Sleeping for 10 seconds...
Sun Jan 22 20:50:12 2012 NOTE: FlushIpNetTable failed on interface [131074] {CD05615D-6C8F-49DF-8214-BC03FF4F53D6} (status=259) : No more data is available.  
Sun Jan 22 20:50:12 2012 C:\WINDOWS\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Sun Jan 22 20:50:12 2012 Warning: route gateway is not reachable on any active network adapters: 10.8.0.2
Sun Jan 22 20:50:12 2012 Route addition via IPAPI failed [adaptive]
Sun Jan 22 20:50:12 2012 Route addition fallback to route.exe
The route addition failed: Either the interface index is wrong or the gateway does not lie on the same network as the interface. Check the IP Address Table for the machine.
Sun Jan 22 20:50:12 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Jan 22 20:50:12 2012 Listening for incoming TCP connection on [undef]:80
Sun Jan 22 20:50:12 2012 TCPv4_SERVER link local (bound): [undef]:80
Sun Jan 22 20:50:12 2012 TCPv4_SERVER link remote: [undef]
Sun Jan 22 20:50:12 2012 MULTI: multi_init called, r=256 v=256
Sun Jan 22 20:50:12 2012 IFCONFIG POOL: base=10.8.0.4 size=62
Sun Jan 22 20:50:12 2012 IFCONFIG POOL LIST
Sun Jan 22 20:50:12 2012 MULTI: TCP INIT maxclients=20 maxevents=24
Sun Jan 22 20:50:12 2012 Initialization Sequence Completed
Sun Jan 22 20:50:17 2012 MULTI: multi_create_instance called
Sun Jan 22 20:50:17 2012 Re-using SSL/TLS context
Sun Jan 22 20:50:17 2012 LZO compression initialized
Sun Jan 22 20:50:17 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sun Jan 22 20:50:17 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Jan 22 20:50:17 2012 Local Options hash (VER=V4): 'c0103fa8'
Sun Jan 22 20:50:17 2012 Expected Remote Options hash (VER=V4): '69109d17'
Sun Jan 22 20:50:17 2012 TCP connection established with 178.131.236.193:3518
Sun Jan 22 20:50:17 2012 TCPv4_SERVER link local: [undef]
Sun Jan 22 20:50:17 2012 TCPv4_SERVER link remote: 178.131.236.193:3518
Sun Jan 22 20:50:17 2012 178.131.236.193:3518 Connection reset, restarting [0]
Sun Jan 22 20:50:17 2012 178.131.236.193:3518 SIGUSR1[soft,connection-reset] received, client-instance restarting
Sun Jan 22 20:50:17 2012 TCP/UDP: Closing socket
Sun Jan 22 20:50:18 2012 MULTI: multi_create_instance called
Sun Jan 22 20:50:18 2012 Re-using SSL/TLS context
Sun Jan 22 20:50:18 2012 LZO compression initialized
Sun Jan 22 20:50:18 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sun Jan 22 20:50:18 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Jan 22 20:50:18 2012 Local Options hash (VER=V4): 'c0103fa8'
Sun Jan 22 20:50:18 2012 Expected Remote Options hash (VER=V4): '69109d17'
Sun Jan 22 20:50:18 2012 TCP connection established with 178.131.236.193:3519
Sun Jan 22 20:50:18 2012 TCPv4_SERVER link local: [undef]
Sun Jan 22 20:50:18 2012 TCPv4_SERVER link remote: 178.131.236.193:3519
Sun Jan 22 20:50:18 2012 178.131.236.193:3519 TLS: Initial packet from 178.131.236.193:3519, sid=6c70381b 922b680a
Sun Jan 22 20:51:14 2012 MULTI: multi_create_instance called
Sun Jan 22 20:51:14 2012 Re-using SSL/TLS context
Sun Jan 22 20:51:14 2012 LZO compression initialized
Sun Jan 22 20:51:14 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sun Jan 22 20:51:14 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Jan 22 20:51:14 2012 Local Options hash (VER=V4): 'c0103fa8'
Sun Jan 22 20:51:14 2012 Expected Remote Options hash (VER=V4): '69109d17'
Sun Jan 22 20:51:14 2012 TCP connection established with 178.131.236.193:3527
Sun Jan 22 20:51:14 2012 TCPv4_SERVER link local: [undef]
Sun Jan 22 20:51:14 2012 TCPv4_SERVER link remote: 178.131.236.193:3527
Sun Jan 22 20:51:14 2012 178.131.236.193:3527 TLS: Initial packet from 178.131.236.193:3527, sid=a58d98d9 72aa1641
Sun Jan 22 20:51:18 2012 178.131.236.193:3519 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Jan 22 20:51:18 2012 178.131.236.193:3519 TLS Error: TLS handshake failed
Sun Jan 22 20:51:18 2012 178.131.236.193:3519 Fatal TLS error (check_tls_errors_co), restarting
Sun Jan 22 20:51:18 2012 178.131.236.193:3519 SIGUSR1[soft,tls-error] received, client-instance restarting
Sun Jan 22 20:51:18 2012 TCP/UDP: Closing socket
Sun Jan 22 20:52:14 2012 178.131.236.193:3527 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Jan 22 20:52:14 2012 178.131.236.193:3527 TLS Error: TLS handshake failed
Sun Jan 22 20:52:14 2012 178.131.236.193:3527 Fatal TLS error (check_tls_errors_co), restarting
Sun Jan 22 20:52:14 2012 178.131.236.193:3527 SIGUSR1[soft,tls-error] received, client-instance restarting
Sun Jan 22 20:52:14 2012 TCP/UDP: Closing socket
Sun Jan 22 20:52:19 2012 MULTI: multi_create_instance called
Sun Jan 22 20:52:19 2012 Re-using SSL/TLS context
Sun Jan 22 20:52:19 2012 LZO compression initialized
Sun Jan 22 20:52:19 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sun Jan 22 20:52:19 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Jan 22 20:52:19 2012 Local Options hash (VER=V4): 'c0103fa8'
Sun Jan 22 20:52:19 2012 Expected Remote Options hash (VER=V4): '69109d17'
Sun Jan 22 20:52:19 2012 TCP connection established with 178.131.236.193:3533
Sun Jan 22 20:52:19 2012 TCPv4_SERVER link local: [undef]
Sun Jan 22 20:52:19 2012 TCPv4_SERVER link remote: 178.131.236.193:3533
Sun Jan 22 20:52:19 2012 178.131.236.193:3533 TLS: Initial packet from 178.131.236.193:3533, sid=ea9021cd 9298f684
Sun Jan 22 20:53:19 2012 178.131.236.193:3533 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Jan 22 20:53:19 2012 178.131.236.193:3533 TLS Error: TLS handshake failed
Sun Jan 22 20:53:19 2012 178.131.236.193:3533 Fatal TLS error (check_tls_errors_co), restarting
Sun Jan 22 20:53:19 2012 178.131.236.193:3533 SIGUSR1[soft,tls-error] received, client-instance restarting
Sun Jan 22 20:53:19 2012 TCP/UDP: Closing socket
Sun Jan 22 21:20:46 2012 MULTI: multi_create_instance called
Sun Jan 22 21:20:46 2012 Re-using SSL/TLS context
Sun Jan 22 21:20:46 2012 LZO compression initialized
Sun Jan 22 21:20:46 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sun Jan 22 21:20:46 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Jan 22 21:20:46 2012 Local Options hash (VER=V4): 'c0103fa8'
Sun Jan 22 21:20:46 2012 Expected Remote Options hash (VER=V4): '69109d17'
Sun Jan 22 21:20:46 2012 TCP connection established with 178.131.236.193:4685
Sun Jan 22 21:20:46 2012 TCPv4_SERVER link local: [undef]
Sun Jan 22 21:20:46 2012 TCPv4_SERVER link remote: 178.131.236.193:4685
Sun Jan 22 21:20:46 2012 178.131.236.193:4685 TLS: Initial packet from 178.131.236.193:4685, sid=6b84bc0e 098a63e7
Sun Jan 22 21:21:46 2012 178.131.236.193:4685 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Jan 22 21:21:46 2012 178.131.236.193:4685 TLS Error: TLS handshake failed
Sun Jan 22 21:21:46 2012 178.131.236.193:4685 Fatal TLS error (check_tls_errors_co), restarting
Sun Jan 22 21:21:46 2012 178.131.236.193:4685 SIGUSR1[soft,tls-error] received, client-instance restarting
Sun Jan 22 21:21:46 2012 TCP/UDP: Closing socket
Sun Jan 22 21:21:51 2012 MULTI: multi_create_instance called
Sun Jan 22 21:21:51 2012 Re-using SSL/TLS context
Sun Jan 22 21:21:51 2012 LZO compression initialized
Sun Jan 22 21:21:51 2012 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sun Jan 22 21:21:51 2012 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Jan 22 21:21:51 2012 Local Options hash (VER=V4): 'c0103fa8'
Sun Jan 22 21:21:51 2012 Expected Remote Options hash (VER=V4): '69109d17'
Sun Jan 22 21:21:51 2012 TCP connection established with 178.131.236.193:4692
Sun Jan 22 21:21:51 2012 TCPv4_SERVER link local: [undef]
Sun Jan 22 21:21:51 2012 TCPv4_SERVER link remote: 178.131.236.193:4692
Sun Jan 22 21:21:51 2012 178.131.236.193:4692 TLS: Initial packet from 178.131.236.193:4692, sid=36963778 91819db8

Client Log:

Code: Select all

Mon Jan 23 13:55:44 2012 OpenVPN 2.2.1 Win32-MSVC++ [SSL] [LZO2] built on Jul  1 2011
Mon Jan 23 13:55:44 2012 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Mon Jan 23 13:55:44 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Jan 23 13:55:44 2012 LZO compression initialized
Mon Jan 23 13:55:44 2012 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Mon Jan 23 13:55:44 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Jan 23 13:55:44 2012 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Mon Jan 23 13:55:44 2012 Local Options hash (VER=V4): '31fdf004'
Mon Jan 23 13:55:44 2012 Expected Remote Options hash (VER=V4): '3e6d1056'
Mon Jan 23 13:55:44 2012 Attempting to establish TCP connection with 46.21.155.202:80
Mon Jan 23 13:55:44 2012 TCP connection established with 46.21.155.202:80
Mon Jan 23 13:55:44 2012 TCPv4_CLIENT link local: [undef]
Mon Jan 23 13:55:44 2012 TCPv4_CLIENT link remote: 46.21.155.202:80
Mon Jan 23 13:55:45 2012 TLS: Initial packet from 46.21.155.202:80, sid=cbff2c71 22e3573c
Mon Jan 23 13:56:44 2012 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Jan 23 13:56:44 2012 TLS Error: TLS handshake failed
Mon Jan 23 13:56:44 2012 Fatal TLS error (check_tls_errors_co), restarting
Mon Jan 23 13:56:44 2012 TCP/UDP: Closing socket
Mon Jan 23 13:56:44 2012 SIGUSR1[soft,tls-error] received, process restarting
Mon Jan 23 13:56:44 2012 Restart pause, 5 second(s)
Mon Jan 23 13:56:49 2012 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Mon Jan 23 13:56:49 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Jan 23 13:56:49 2012 Re-using SSL/TLS context
Mon Jan 23 13:56:49 2012 LZO compression initialized
Mon Jan 23 13:56:49 2012 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Mon Jan 23 13:56:49 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Jan 23 13:56:49 2012 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Mon Jan 23 13:56:49 2012 Local Options hash (VER=V4): '31fdf004'
Mon Jan 23 13:56:49 2012 Expected Remote Options hash (VER=V4): '3e6d1056'
Mon Jan 23 13:56:49 2012 Attempting to establish TCP connection with 46.21.155.202:80
Mon Jan 23 13:56:50 2012 TCP connection established with 46.21.155.202:80
Mon Jan 23 13:56:50 2012 TCPv4_CLIENT link local: [undef]
Mon Jan 23 13:56:50 2012 TCPv4_CLIENT link remote: 46.21.155.202:80
Mon Jan 23 13:56:50 2012 TLS: Initial packet from 46.21.155.202:80, sid=44627032 2a9959c4
Mon Jan 23 13:57:50 2012 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Jan 23 13:57:50 2012 TLS Error: TLS handshake failed
Mon Jan 23 13:57:50 2012 Fatal TLS error (check_tls_errors_co), restarting
Mon Jan 23 13:57:50 2012 TCP/UDP: Closing socket
Mon Jan 23 13:57:50 2012 SIGUSR1[soft,tls-error] received, process restarting
Mon Jan 23 13:57:50 2012 Restart pause, 5 second(s)