Echo Reply (ICMP) necessary for OpenVPN client to work?
-
@johnpoz thanks for the response. Is there any specific port/protocol needs to be open or anything for them to investigate at?
-
@jimp thanks for your response. I thought 1194/UDP was blocked so I switched to 443/TCP and all results are the same. I tried to open up web services (port forward) and see if these 3 users/location can access and yes, they can access ports 80 & 8081.
I have the pcap file captured while the client is attempting to contact the access server. Can it be uploaded here for review? Currently these users are temporarily using remote displays (Teamviewer or Anydesk) which is very slow.
thanks.
-
Packet capture wouldn't be helpful, really. The OpenVPN client log and OpenVPN server log would most likely have anything you'd need.
-
-
@jimp I left the user location already and only left with 1 vpn client log, mostly I got are pcap files. I have attached and let me know your thought. thank you.OpenVPN_client_Netgate_Forum.txt
-
TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
This says you couldn't connect.. See how it says check network connectivity..
-
Unfortunately that error from the client side is pretty generic. The server log would have better information. (And if there are no entries in the server log from their connection attempts, then they are definitely not connecting to the OpenVPN instance on the server side...)
-
^ true.. the log on the server will show if server is seeing any connection attempt at all..
-
@jimp let me dig the server logs corresponding to the date/time of the client. thanks
-
@wifimasters GUI logs is only 2000 lines maximum I can't dig longer. Actual log also the same.
-
Crank up the logfilter:
-Rico
-
@Rico thanks mate! will try this.