OpenVPN is not working with some users
-
Hi everybody, due to the coronavirus hazard the company have been implementing home working and I use Open VPN in my pfsense to connect clients, and since yesterday some users are getting an error and can not connect to the office network, we are more than 20 users and anly 4 (2 using W7 and 2 using W10) are getting this error.
This is the error:
Mon Apr 06 09:45:22 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Apr 06 09:45:22 2020 TLS Error: TLS handshake failedIm using pfsense 2.4.4 and no change made.
Thanks in advace for your help.
-
This message could appear if the server is not reachable.
-
I know, but I'm reaching the server and more than 16 people are reaching the server, and the users are connected to internet.
-
That error is really generic and mostly connectivity related, as the message says.
Could be routing/peering issue between the Users ISP and the ISP you have on the server side. Are the 4 users with this error all using the same ISP?
How does a traceroute look from a working and not working client?-Rico
-
@Rico Hi, so far they have the same ISP, the thing is that is the same ISP that I have in the server side. Personally I have a different ISP and I can connect to the Office using openVPN.
-
@Rico I have other users well connected with the same ISP of the clients that are having problems
-
Did you traceroute a working Client VS non-working client and check if there is any difference?
Also sniff pfSense WAN and see if traffic of a non-working client even hit pfSense.-Rico
-
@Rico I am not a pro user of pfsense, could you please let me know how to sniff the wan?
And no, non trafic from non-working users is hiting pfsense, non at all.
-
How many clients do you allowed in your server's settings ?
-
Diagnostics > Packet Capture
https://docs.netgate.com/pfsense/en/latest/book/packetcapture/packet-captures-from-the-webgui.html-Rico
-
@YannTKO I do not remember if this number were asked when I did the configuration but that was not a problem before because they were working without problems until yesterday.
-
Also see and work through this guide: https://docs.netgate.com/pfsense/en/latest/book/openvpn/troubleshooting-openvpn.html
-Rico
-
Hi guys, I talkied with the ISP of this users and they confirm that the configuration changed and they are having this type of problems, we have to wait for them to fix it, thanks a lot for your help.
