4. TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

  • T

    I have checked the normal things through google and everything is right...

    I was on this VPN literally 6 hours ago and zero changes have been made since then. I can get to some port forwarded applications, so I know the firewall is up and passing traffic...

    I did find an odd article that said time not set identical on both ends could cause this... Why would that have changed from 6 hours ago? I am really stumped.

    Device is a SG-3100.

    0
  • LAYER 8 Global Moderator

    Maybe the openvpn process died? Maybe where your at now, vs 6 hours ago is blocking the port your trying to connect to for vpn 1194?

    0
  • T

    Yeah, unfortunately I would have to drive over an hour to get to the site to check the firewall... It shouldn't be magically blocking the port. I disabled all firewalls on my client end to see if it was a port blocking issue. No RULES/NATS have changed since 6 hours ago. Makes more sense that the OPENVPN process died...

    Guess I need to setup remote management on the firewall if this is a normal thing to happen...

    I have had my home grown device for years without issue, this SG-3100 is only 5 days old and I have had to reboot it once last night due to traffic not passing and now the VPN wont work at all... Not a good sign of encouragement so far.

    0
  • LAYER 8 Global Moderator

    Have 2 sg3100 in production at remote locations.. Have had zero issues with them, they run and run and run..

    So your in the same place as before trying to access 6 hours ago. Yeah if you can access other stuff that is forwarded via the same IP as your accessing for vpn access...

    0
  • T

    Here is a screenshot of the status.
    [img]https://i.postimg.cc/KYzsL19Y/openvpn-status.png[/img]

    Here is a screenshot of the log.

    [img]https://i.postimg.cc/9QqDfb2X/openpvn-log.png[/img]

    Looks like around 8am this morning it took a dump. I can't seem to get it back online,

    0
  • LAYER 8

    maybe you have a client configured with an empty password. openvpn need to ask you for a password but it can't as there is no std/tty available so it die
    also you put something wrong on curstom option
    push ?
    you can check that file at line 48 ( /var/etc/openvpn/server1.conf )

    0
  • T

    There is a password 100%. I will check the file and see whats happening. So odd considering literally NOTHING changed.

    0
  • T

    So I added the following in the push config about 3 days ago...

    push Domain SEARCH and when the service restarted it didn't like that push command so it tanked.

    DO NOT USE domain search. :)

    0
  • LAYER 8

    push dhcp-option domain-search ?
    is it working now ?

    0
  • T

    Yeah, I decided to just use the following instead and its working.

    push dhcp-option Domain "domainname"

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy