OpenVPN hangs on connection



  • I'm getting this log in my OpenVPN client log.

    Fri Oct 17 04:54:34 2008 OpenVPN 2.1_rc13 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Oct  7 2008
    Fri Oct 17 04:54:41 2008 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Fri Oct 17 04:54:41 2008 LZO compression initialized
    Fri Oct 17 04:54:41 2008 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Fri Oct 17 04:54:41 2008 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
    Fri Oct 17 04:54:41 2008 Local Options hash (VER=V4): '41690919'
    Fri Oct 17 04:54:41 2008 Expected Remote Options hash (VER=V4): '530fdded'
    Fri Oct 17 04:54:41 2008 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Fri Oct 17 04:54:41 2008 UDPv4 link local: [undef]
    Fri Oct 17 04:54:41 2008 UDPv4 link remote: 89.x.x.x:1194
    Fri Oct 17 05:21:31 2008 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Oct 17 05:21:31 2008 TLS Error: TLS handshake failed

    My pfSense box is running (1.2.1-RC1 built on Sat Sep 13 03:44:44 EDT 2008)

    I followed the OpenVPN on pfSense - Installation guide for (Windows) Dummies :-) (road-warrior), to the dot.

    Any suggestions on how to fix this, or what it is that's failing, would be nice.



  • Just tried with an ovpn 2.1_rc8, since someone was having similar problems after upgrading from rc7,8 to 9, but still the same.



  • So I redid everything and even used the pfSense box to make the keys using the scripts and guide from http://forum.pfsense.org/index.php/topic,4807.0.html and used the ovpn 2.1rc7 client, but still have the same problem.

    I really am scratching my head atm. Any help, info or suggestions would REALLY be appreciated. I'll try from a different computer to see if it's some kind of unexplainable error on my laptop.



  • No, same thing from a different "normal" laptop without custom OS.



  • Hi,
    I was having similar issues at one point. Where my problem was is that I was copying the ta.key (the TLS key) that is generated when you create your tunnel on the server (pfbox) just using standard copy/paste. For some reason odd formatting was being added into the file and it would not work and would throw the error like you are getting because of an incorrect tls.

    I suggest enabling SSH access on your PFbox and using SCP to copy the "server1.tls-auth" key to your client or to another box where you can put it on a jumpdrive then move it to your client.

    Also, I would make sure in your "server mode" for your OpenVPN server that it is not set to "Remote Access (SSL/TLS + User Auth)" if you have not set up your client to use a username/password. Otherwise you will get this error as well.

    If you do want to use the user auth, add this to the top of your client config and try it out. (It will pop up a username/password box for you.)

    --auth-user-pass

    If you are still having problems, please post back with your config from your client and server and I will try to help you debug your settings.
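
A check for the copy/paste damage to the tls-auth key described in the reply above, as an added example that is not part of the original thread: it validates the key file layout and returns a SHA-256 fingerprint that can be compared between the pfSense box and the client. The function names and the sample key are constructed for illustration.

```python
import hashlib
import re

BEGIN = "-----BEGIN OpenVPN Static key V1-----"
END = "-----END OpenVPN Static key V1-----"

def check_static_key(text):
    """Return (problems, fingerprint) for the text of a tls-auth key file."""
    lines = text.splitlines()            # accepts LF and CRLF line endings
    marks = [ln.strip() for ln in lines]
    if BEGIN not in marks or END not in marks:
        return ["BEGIN/END marker missing or altered"], None
    body = lines[marks.index(BEGIN) + 1:marks.index(END)]
    problems = []
    if len(body) != 16:                  # 16 lines x 16 bytes = 2048-bit key
        problems.append(f"expected 16 key lines, found {len(body)}")
    for n, ln in enumerate(body, 1):
        if not re.fullmatch(r"[0-9a-fA-F]{32}", ln):
            problems.append(f"key line {n} is not 32 hex characters: {ln!r}")
    if problems:
        return problems, None
    # Hash of the key bytes: can be compared across machines without showing the key.
    return [], hashlib.sha256(bytes.fromhex("".join(body))).hexdigest()

def sample_key():
    """Constructed sample (not a real secret) in the layout `openvpn --genkey` writes."""
    hexed = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(8)).hex()
    rows = [hexed[i:i + 32] for i in range(0, 512, 32)]
    return "\n".join(["#", "# 2048 bit OpenVPN static key", "#", BEGIN, *rows, END]) + "\n"

if __name__ == "__main__":
    good = sample_key()
    pasted = good.replace("\n", " \n")   # constructed damage: trailing spaces from a paste
    for name, text in [("server copy", good), ("pasted copy", pasted)]:
        problems, fingerprint = check_static_key(text)
        print(name, "->", fingerprint or problems[:2])
```

Run it against the key file on both ends; matching fingerprints mean the client holds the same key bytes as the server.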

