Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense VPN config need fresh eyes

    Scheduled Pinned Locked Moved OpenVPN
    7 Posts 3 Posters 2.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      zonic
      last edited by

      Hi

      been trying to confgiure my first pfsense with OpenVPN, reading and following the posts and the different issues, also looked at youtube tutorial. Followed the tutorial step-by-step.

      but i cant seem to see the problem anymore, ive gone blind. so i need some fresh eyes.

      ok here are the part of logs from my android device: (using openVPNconnect APP)

      client exeception in transport_recv_execode:PolarSSL: SSL read error: SSL - processing of the certificate handshakemessage failed
      udp send error: send: network is unreachable
      udp send error: send: invalid argument
      udp send error: send: invalid argument
      server poll timeoutm trying next remote entry
      EVENT: RECONNECTING
      EVENT: RESOLVE

      Pfsense packet caputure:
      02:37:35.170293 IP 7.1.8.142.59213 > 8.2.1.1.1194: UDP, length 54
      –---------------android-phone external ip.....pfsense router----------------

      Pfsense OpenVPN log:

      Apr  2 00:48:40 pfSense openvpn[16696]: event_wait : Interrupted system call (code=4)

      Apr  2 00:48:40 pfSense openvpn[16696]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1557 192.168.3.1 192.168.3.2 init

      Apr  2 00:48:40 pfSense openvpn[16696]: SIGTERM[hard,] received, process exiting

      Apr  2 01:02:54 pfSense openvpn[19328]: OpenVPN 2.3.8 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Aug 21 2015

      Apr  2 01:02:54 pfSense openvpn[19328]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09

      Apr  2 01:02:54 pfSense openvpn[19510]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts

      Apr  2 01:02:54 pfSense openvpn[19510]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file

      Apr  2 01:02:54 pfSense openvpn[19510]: TUN/TAP device ovpns1 exists previously, keep at program end

      Apr  2 01:02:54 pfSense openvpn[19510]: TUN/TAP device /dev/tun1 opened

      Apr  2 01:02:54 pfSense openvpn[19510]: ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)

      Apr  2 01:02:54 pfSense openvpn[19510]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0

      Apr  2 01:02:54 pfSense openvpn[19510]: /sbin/ifconfig ovpns1 10.0.10.1 10.0.10.2 mtu 1500 netmask 255.255.255.255 up

      Apr  2 01:02:54 pfSense openvpn[19510]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1557 10.0.10.1 10.0.10.2 init

      Apr  2 01:02:54 pfSense openvpn[19510]: UDPv4 link local (bound): [AF_INET]8.2.1.1:1194

      Apr  2 01:02:54 pfSense openvpn[19510]: UDPv4 link remote: [undef]

      Apr  2 01:02:54 pfSense openvpn[19510]: Initialization Sequence Completed

      Apr  2 01:08:33 pfSense openvpn[19510]: event_wait : Interrupted system call (code=4)

      Apr  2 01:08:33 pfSense openvpn[19510]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1557 10.0.10.1 10.0.10.2 init

      Apr  2 01:08:33 pfSense openvpn[19510]: SIGTERM[hard,] received, process exiting

      Apr  2 01:08:33 pfSense openvpn[37489]: OpenVPN 2.3.8 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Aug 21 2015

      Apr  2 01:08:33 pfSense openvpn[37489]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09

      Apr  2 01:08:33 pfSense openvpn[37750]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts

      Apr  2 01:08:33 pfSense openvpn[37750]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file

      Apr  2 01:08:33 pfSense openvpn[37750]: TUN/TAP device ovpns1 exists previously, keep at program end

      Apr  2 01:08:33 pfSense openvpn[37750]: TUN/TAP device /dev/tun1 opened

      Apr  2 01:08:33 pfSense openvpn[37750]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0

      Apr  2 01:08:33 pfSense openvpn[37750]: /sbin/ifconfig ovpns1 10.0.10.1 10.0.10.2 mtu 1500 netmask 255.255.255.255 up

      Apr  2 01:08:33 pfSense openvpn[37750]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1557 10.0.10.1 10.0.10.2 init

      Apr  2 01:08:33 pfSense openvpn[37750]: UDPv4 link local (bound): [AF_INET]8.2.1.1:1194

      Apr  2 01:08:33 pfSense openvpn[37750]: UDPv4 link remote: [undef]
      Apr  2 01:08:33 pfSense openvpn[37750]: Initialization Sequence Completed

      Apr  2 01:14:00 pfSense openvpn[37750]: event_wait : Interrupted system call (code=4)

      Apr  2 01:14:00 pfSense openvpn[37750]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1557 10.0.10.1 10.0.10.2 init

      Apr  2 01:14:00 pfSense openvpn[37750]: SIGTERM[hard,] received, process exiting

      Apr  2 01:31:18 pfSense openvpn[79302]: OpenVPN 2.3.8 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Aug 21 2015

      Apr  2 01:31:18 pfSense openvpn[79302]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09

      Apr  2 01:31:18 pfSense openvpn[79443]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts

      Apr  2 01:31:18 pfSense openvpn[79443]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file

      Apr  2 01:31:18 pfSense openvpn[79443]: TUN/TAP device ovpns1 exists previously, keep at program end

      Apr  2 01:31:18 pfSense openvpn[79443]: TUN/TAP device /dev/tun1 opened

      Apr  2 01:31:18 pfSense openvpn[79443]: ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)

      Apr  2 01:31:18 pfSense openvpn[79443]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0

      Apr  2 01:31:18 pfSense openvpn[79443]: /sbin/ifconfig ovpns1 192.168.3.1 192.168.3.2 mtu 1500 netmask 255.255.255.255 up

      Apr  2 01:31:18 pfSense openvpn[79443]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1557 192.168.3.1 192.168.3.2 init

      Apr  2 01:31:18 pfSense openvpn[79443]: UDPv4 link local (bound): [AF_INET]8.2.1.1:1194

      Apr  2 01:31:18 pfSense openvpn[79443]: UDPv4 link remote: [undef]
      Apr  2 01:31:18 pfSense openvpn[79443]: Initialization Sequence Completed

      Apr  2 01:46:41 pfSense openvpn[79443]: 10.19.54.168:35975 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:46:43 pfSense openvpn[79443]: 10.19.54.168:35975 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:46:45 pfSense openvpn[79443]: 10.19.54.168:35975 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:46:47 pfSense openvpn[79443]: 10.19.54.168:35975 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:46:49 pfSense openvpn[79443]: 10.19.54.168:35975 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:46:51 pfSense openvpn[79443]: 10.19.54.168:56911 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:46:53 pfSense openvpn[79443]: 10.19.54.168:56911 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:46:55 pfSense openvpn[79443]: 10.19.54.168:56911 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:46:57 pfSense openvpn[79443]: 10.19.54.168:56911 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:46:59 pfSense openvpn[79443]: 10.19.54.168:56911 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:47:01 pfSense openvpn[79443]: 10.19.54.168:35654 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:47:03 pfSense openvpn[79443]: 10.19.54.168:35654 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:47:05 pfSense openvpn[79443]: 10.19.54.168:35654 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:47:07 pfSense openvpn[79443]: 10.19.54.168:35654 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:47:09 pfSense openvpn[79443]: 10.19.54.168:35654 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:47:11 pfSense openvpn[79443]: 10.19.54.168:45505 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:47:13 pfSense openvpn[79443]: 10.19.54.168:45505 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:47:15 pfSense openvpn[79443]: 10.19.54.168:45505 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:47:17 pfSense openvpn[79443]: 10.19.54.168:45505 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:47:18 pfSense openvpn[79443]: 10.19.54.168:45198 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:47:18 pfSense openvpn[79443]: 10.19.54.168:45198 TLS Error: TLS handshake failed

      Apr  2 01:47:20 pfSense openvpn[79443]: 10.19.54.168:58565 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:47:20 pfSense openvpn[79443]: 10.19.54.168:58565 TLS Error: TLS handshake failed

      Apr  2 01:47:22 pfSense openvpn[79443]: 10.19.54.168:55365 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:47:22 pfSense openvpn[79443]: 10.19.54.168:55365 TLS Error: TLS handshake failed

      Apr  2 01:47:24 pfSense openvpn[79443]: 10.19.54.168:49767 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:47:24 pfSense openvpn[79443]: 10.19.54.168:49767 TLS Error: TLS handshake failed

      Apr  2 01:47:27 pfSense openvpn[79443]: 10.19.54.168:36890 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:47:27 pfSense openvpn[79443]: 10.19.54.168:36890 TLS Error: TLS handshake failed

      Apr  2 01:47:29 pfSense openvpn[79443]: 10.19.54.168:45482 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:47:29 pfSense openvpn[79443]: 10.19.54.168:45482 TLS Error: TLS handshake failed

      Apr  2 01:47:32 pfSense openvpn[79443]: 10.19.54.168:38967 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:47:32 pfSense openvpn[79443]: 10.19.54.168:38967 TLS Error: TLS handshake failed

      Apr  2 01:47:34 pfSense openvpn[79443]: 10.19.54.168:33215 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:47:34 pfSense openvpn[79443]: 10.19.54.168:33215 TLS Error: TLS handshake failed

      Apr  2 01:47:36 pfSense openvpn[79443]: 10.19.54.168:58448 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:47:36 pfSense openvpn[79443]: 10.19.54.168:58448 TLS Error: TLS handshake failed

      Apr  2 01:47:38 pfSense openvpn[79443]: 10.19.54.168:52964 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:47:38 pfSense openvpn[79443]: 10.19.54.168:52964 TLS Error: TLS handshake failed

      Apr  2 01:47:52 pfSense openvpn[79443]: 10.19.54.168:34365 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:47:54 pfSense openvpn[79443]: 10.19.54.168:34365 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:47:56 pfSense openvpn[79443]: 10.19.54.168:34365 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:47:58 pfSense openvpn[79443]: 10.19.54.168:34365 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:48:00 pfSense openvpn[79443]: 10.19.54.168:34365 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:48:02 pfSense openvpn[79443]: 10.19.54.168:41134 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:48:04 pfSense openvpn[79443]: 10.19.54.168:41134 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:48:06 pfSense openvpn[79443]: 10.19.54.168:41134 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:48:08 pfSense openvpn[79443]: 10.19.54.168:41134 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:48:10 pfSense openvpn[79443]: 10.19.54.168:41134 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:48:12 pfSense openvpn[79443]: 10.19.54.168:60874 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:48:14 pfSense openvpn[79443]: 10.19.54.168:60874 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:48:16 pfSense openvpn[79443]: 10.19.54.168:60874 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:48:18 pfSense openvpn[79443]: 10.19.54.168:60874 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:48:20 pfSense openvpn[79443]: 10.19.54.168:60874 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:48:28 pfSense openvpn[79443]: 10.19.54.168:47548 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:48:28 pfSense openvpn[79443]: 10.19.54.168:47548 TLS Error: TLS handshake failed

      Apr  2 01:48:31 pfSense openvpn[79443]: 10.19.54.168:48544 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:48:31 pfSense openvpn[79443]: 10.19.54.168:48544 TLS Error: TLS handshake failed

      Apr  2 01:48:33 pfSense openvpn[79443]: 10.19.54.168:42682 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:48:33 pfSense openvpn[79443]: 10.19.54.168:42682 TLS Error: TLS handshake failed

      Apr  2 01:48:36 pfSense openvpn[79443]: 10.19.54.168:56145 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:48:36 pfSense openvpn[79443]: 10.19.54.168:56145 TLS Error: TLS handshake failed

      Apr  2 01:48:38 pfSense openvpn[79443]: 10.19.54.168:42571 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:48:38 pfSense openvpn[79443]: 10.19.54.168:42571 TLS Error: TLS handshake failed

      Apr  2 01:48:41 pfSense openvpn[79443]: 10.19.54.168:45643 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:48:41 pfSense openvpn[79443]: 10.19.54.168:45643 TLS Error: TLS handshake failed

      Apr  2 01:48:43 pfSense openvpn[79443]: 10.19.54.168:48477 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:48:43 pfSense openvpn[79443]: 10.19.54.168:48477 TLS Error: TLS handshake failed

      Apr  2 01:48:45 pfSense openvpn[79443]: 10.19.54.168:39981 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:48:45 pfSense openvpn[79443]: 10.19.54.168:39981 TLS Error: TLS handshake failed

      Apr  2 01:48:47 pfSense openvpn[79443]: 10.19.54.168:43036 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:48:47 pfSense openvpn[79443]: 10.19.54.168:43036 TLS Error: TLS handshake failed

      Apr  2 01:48:51 pfSense openvpn[79443]: 10.19.54.168:49109 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:48:51 pfSense openvpn[79443]: 10.19.54.168:35889 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:48:51 pfSense openvpn[79443]: 10.19.54.168:35889 TLS Error: TLS handshake failed

      Apr  2 01:48:55 pfSense openvpn[79443]: 10.19.54.168:51829 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:48:57 pfSense openvpn[79443]: 10.19.54.168:51829 MULTI: new incoming connection would exceed maximum number of clients (10)
      Apr  2 01:48:59 pfSense openvpn[79443]: 10.19.54.168:51829 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:01 pfSense openvpn[79443]: 10.19.54.168:51829 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:03 pfSense openvpn[79443]: 10.19.54.168:51829 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:05 pfSense openvpn[79443]: 10.19.54.168:51724 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:07 pfSense openvpn[79443]: 10.19.54.168:51724 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:09 pfSense openvpn[79443]: 10.19.54.168:51724 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:11 pfSense openvpn[79443]: 10.19.54.168:51724 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:13 pfSense openvpn[79443]: 10.19.54.168:51724 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:15 pfSense openvpn[79443]: 10.19.54.168:46393 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:17 pfSense openvpn[79443]: 10.19.54.168:46393 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:19 pfSense openvpn[79443]: 10.19.54.168:46393 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:21 pfSense openvpn[79443]: 10.19.54.168:46393 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:23 pfSense openvpn[79443]: 10.19.54.168:46393 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:25 pfSense openvpn[79443]: 10.19.54.168:55797 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:27 pfSense openvpn[79443]: 10.19.54.168:55797 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:29 pfSense openvpn[79443]: 10.19.54.168:55797 MULTI: new incoming connection would exceed maximum number of clients (10)

      Apr  2 01:49:29 pfSense openvpn[79443]: 10.19.54.168:33699 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:49:29 pfSense openvpn[79443]: 10.19.54.168:33699 TLS Error: TLS handshake failed

      Apr  2 01:49:32 pfSense openvpn[79443]: 10.19.54.168:42500 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:49:32 pfSense openvpn[79443]: 10.19.54.168:42500 TLS Error: TLS handshake failed

      Apr  2 01:49:34 pfSense openvpn[79443]: 10.19.54.168:50246 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:49:34 pfSense openvpn[79443]: 10.19.54.168:50246 TLS Error: TLS handshake failed

      Apr  2 01:49:36 pfSense openvpn[79443]: 10.19.54.168:42211 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:49:36 pfSense openvpn[79443]: 10.19.54.168:42211 TLS Error: TLS handshake failed

      Apr  2 01:49:39 pfSense openvpn[79443]: 10.19.54.168:43184 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:49:39 pfSense openvpn[79443]: 10.19.54.168:43184 TLS Error: TLS handshake failed

      Apr  2 01:49:41 pfSense openvpn[79443]: 10.19.54.168:32770 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:49:41 pfSense openvpn[79443]: 10.19.54.168:32770 TLS Error: TLS handshake failed

      Apr  2 01:49:43 pfSense openvpn[79443]: 10.19.54.168:54215 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:49:43 pfSense openvpn[79443]: 10.19.54.168:54215 TLS Error: TLS handshake failed

      Apr  2 01:49:46 pfSense openvpn[79443]: 10.19.54.168:54037 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:49:46 pfSense openvpn[79443]: 10.19.54.168:54037 TLS Error: TLS handshake failed

      Apr  2 01:49:48 pfSense openvpn[79443]: 10.19.54.168:55609 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:49:48 pfSense openvpn[79443]: 10.19.54.168:55609 TLS Error: TLS handshake failed

      Apr  2 01:49:53 pfSense openvpn[79443]: 10.19.54.168:49109 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

      Apr  2 01:49:53 pfSense openvpn[79443]: 10.19.54.168:49109 TLS Error: TLS handshake failed

      Firewall rules:

      WAN - ipv4(udp) source:* dest:WAN address port:194(openvpn) Gateway:* queue:none  description:openvpn

      openvpn - Proto ipv4* Source:* Port:* Destination:* Port:* Gateway:* Queue:* Schedule: Description:openvpn

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        Clearly you have mutltiple issues going on…

        ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)

        That is not a good error... You need a new set of eyes for
        Apr  2 01:48:57 pfSense openvpn[79443]: 10.19.54.168:51829 MULTI: new incoming connection would exceed maximum number of clients (10

        Seems pretty freaking clear to me that your over your set 10 connections…  What specific guide did you follow??  Setting up openvpn on pfsense is really click click through the wizard.. 2 minutes would be a normal setup time I would think..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • Z
          zonic
          last edited by

          Yikes, that cant be good.  Those 10 connections happens when i test with one android phone, could be linked to option checked nr of concurrent clients set to 10.

          What tutorial dident i follow!! is more like it. Youtube guide with narrator. I went trough the wizard and easy peasy guides, so it looks good with the configuration. When you mention serious errors -What the freak is happening. Snort was installed and totaly fubar my isp connection, maybe i need to look at the install.

          Think its time to start fresh - delete all ca, fw rules and re-conf openVPN

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            To be honest walk through the wizard and if your vpn is not up an running in like 5 minutes your doing it wrong..

            The one thing missing in the wizard is the creation of the user..  But its not a wizard for setting up users, its a wizard for setting up the server.

            And for sure the installation of stuff like snort can mess you up.. Out of the box pfsense, openvpn wizard - working openvpn server in couple of minutes..

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • Z
              zonic
              last edited by

              Facing some more strangs issues, installing snort, antivirus seems to stop http traffic. Uninstall and it works again, also dashboard status acting strange - cpu,swap precent not working either.
              Strange, this is a week old install, could be a ssd issue?

              1 Reply Last reply Reply Quote 0
              • D
                divsys
                last edited by

                Strange, this is a week old install, could be a ssd issue?

                As johnpoz suggested, this stuff is pretty easy to get going - as long as you don't try and stuff everything in at once.
                Chances of a bad SSD are low (as long as it was new).
                Like the doctors say - "When you hear hoofbeats, think horses not zebras"

                My suggestion - start from scratch and follow the KISS principle - Keep It Simple Stupid.

                1. Get a basic box up with no packages, no addons, very basic firewall rule to allow Any-Any on LAN.
                2. Add in your OpenVPN connection, test with one user, prove it works.
                3. TAKE A BACKUP OF YOUR WORKING "Basic"CONFIG (makes it easier to get back to a "Good" state)
                4. Start adding all the other stuff you think you need.  Make labelled backups at points along the way so you have a fallback position if things go poorly.
                5. Let us know how it's going…....

                -jfp

                1 Reply Last reply Reply Quote 0
                • Z
                  zonic
                  last edited by

                  My toughts exactly - Clean sheets with backup. Cheers mate.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.