TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
-
@joedoe said in TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity):
[AF_INET]192.168.0.50:1194
How is that going to work? Your blocking rfc1918.. Have to assume your box is on this 192.168.0/? network..
-
yes my box is on the network 192.168.0.0/24 => ip adress : 192.168.0.254/24
rfc1918 is block : it's the default rule in pfsense -
So uncheck the block of private networks in the WAN interface settings.
And ensure the OpenVPN access is forwarded correctly to pfSense WAN. -
Where do you think he would need to forward anything? He has a test box connected to pfsense wan network 192.168.0.. So source of his traffic would be 192.168.0.254 so yeah your blocking rfc1918 - its not going to work.
If you want to test your vpn connections using rfc1918, then your going to have to turn off the block rfc1918 rule.
-
@viragomann said in TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity):
And ensure the OpenVPN access is forwarded correctly to pfSense WAN.
how can i do it ?
-
You don't need to..
-
@johnpoz said in TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity):
You don't need to..
Ok i just diseable the restriction concerning rfc1918 and nothing change
-
Yes.. I you have some client on 192.168.0 and you want to connect to 192.168.0.50 to try and create a vpn connection to pfsense.. Your going to have to turn off that default block of rfc1918
What is your lan network? What did you use for tunnel? You could still run into a problem with such a test if yoru lan behind pfsense is also 192.168.0? Or you tunnel network overlaps either your wan or lan network address space.
BTW: Next time you want to draw some ascii art diagram
https://textik.com/
-
@johnpoz said in TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity):
Where do you think he would need to forward anything?
@viragomann said in TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity):
Is your WAN IP a public static one?
@joedoe said in TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity):
And for you last question yes it's a static ip
-
Ok
My client (w10 x64) is connected to my cell phone with the ip adress : 192.168.43.39/24
And here more informations concerning the architecture :
box : 192.168.0.254
|
|
WAN1FREE : 192.168.0.50/24
The tunnel network : 10.0.8.0/24
LAN : 192.168.1.3/24
|
|
.... -
And again what does his wan IP being static have to do with a forward? His test box is on 192.168.0 along with his pfsense wan?
-
@joedoe said in TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity):
my cell phone with the ip adress : 192.168.43.39/24
Huh??? Dude that is never going to work!!! How is some device out on the public internet?? Behind a Carrier grade nat going to get to a rfc1918 address? Your pfsense wan IP.. Is your cell phone on some wifi network that is routed to this 192.168.0 network??
Draw up where your cell phone is connecting and what this 192.168.0.254 box is???
-
@johnpoz
If his pfSense is in a private network, but his WAN is a public address, there is obviously a router in front of it.
I didn't realize that's a test environment with private networks. -
@viragomann said in TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity):
@johnpoz
If his pfSense is in a private network, but his WAN is a public address, there is obviously a router in front of it.
I didn't realize that's a test environment with private networks.Sorry maybe i wasn't enought accurate,
I just want to create a vpn access to my network and i want to give access from the outside. (i pretty new in network configuration, i'm learning)
I just want to test and configure a vpn so i just link my computerWhen i plug my computer to my box it works i can go to my network now.
But i just try to share my cell phone to my computer and it doesn't works. -
Confused to what this box is? Its some router - where is its internet connection?
If your on the internet you can not connect to some rfc1918 address. You would have to connect to a public IP, which you could forward into pfsense sure.
-
Yes it's a router, this box give a internet and have a public ip adresse.
-
i just try from my home and i can't connect to the vpn i don't understand.
-
If your on the internet how do you think you can connect to some rfc1918 address 192.168.x.x ??
When you create your export you need to put in your PUBLIC IP.. ie your ISP public IP, and the port your using for openvpn would have to be forwarded to pfsense IP.
-
@johnpoz said in TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity):
When you create your export you need to put in your PUBLIC IP.. ie your ISP public IP, and the port your using for openvpn would have to be forwarded to pfsense IP.
-
BTW "box" is not a good term for your router ;)
Normally box wold refer to a end device, computer, iot, dvr, etc. Not a router doing nat ;)... Maybe if you would of called it your ISP box ;)