TLS Encryption and Authentication not working. Authentication only, working fine
-
@maartenv that is in the client export util
-
@maartenv Thanks, I was afraid I forgot to set that, but I did. OpenVPN 2.5 settings are not included.
Can it have something to do with the fact that I use Adaptive LZO Compression or the NCP Encryption Algorithms?
-
@johnpoz It is still not working. I have set up OpenVPN completely new but still the same. Without encryption it is working fine, but not with encryption.
Can it have something to do with the NCP Encryption Algorithms? When I look at the certificates, they are exactly the same, the only difference is that <tls-auth> is changed to <tls-crypt> and that in the tls crypt file the line key-direction 1 disappeared.
But furthermore both certificates and OpenVPN static keys V1 are 100% identical
-
johnpoz, LAYER 8 Global Moderator (last edited by johnpoz Dec 16, 2020, 11:22 PM), Dec 16, 2020, 11:21 PM
@maartenv said in TLS Encryption and Authentication not working. Authentication only, working fine:
I use Adaptive LZO Compression
You understand that was compromised quite some time ago and should not be used..
What like 2 years ago
https://community.openvpn.net/openvpn/wiki/VORACLE
Post up your config.. I have no idea what else you're doing.. To be honest you run through the wizard, and you have server up and running in like 2 minutes..
-
@johnpoz Running the wizard again is exactly what I already did, with mostly the default settings, like Omit preference. Please give me 15 minutes, then I will upload the config.
-
@johnpoz The config (attachment: 0_1608162720468_OpenVPN.config.pdf)
-
johnpoz, LAYER 8 Global Moderator (last edited by johnpoz Dec 17, 2020, 12:21 AM), Dec 17, 2020, 12:15 AM
-
@johnpoz This is normally working. The problem is that when I set TLS Authentication to TLS Encryption and Authentication I don't get a connection anymore.
-
You're not using TLS.. so how would it encrypt.. You just have user auth set, not remote (ssl/tls)
-
@johnpoz You are right. Let me check again. I did that as well and also did not work, but I changed several other settings at the same time (stupid) and I had set it back to just the auth setting and now I forgot to enable SSL/TLS again.
-
@johnpoz Now I remember: In that case I could not create a new cert. Instead I got the message "If a client is missing from the list it is likely due to a CA mismatch between the OpenVPN server instance and the client certificate"
JohnPoz, I appreciate your help quite a lot, but here (Amsterdam) it is 1.30 am and I have to get up early tomorrow morning.
Tomorrow I will focus on that. Hope I can solve it then.
-
The wizard walks you through creating a CA and server cert.
Then just create a user cert from that CA.
-
@johnpoz I have been focusing on the wrong subject all the time. At a certain point you get too tired trying to solve a problem that you lose oversight. I had several certs for testing and probably used the wrong one. I will change that tomorrow and I am convinced that that probably is the problem.
Thanks a lot for your help and I will let you know if this indeed was the problem.
Have a nice day.
-
@maartenv: before you redo your VPN setup: watch the YouTube -> Netgate -> OpenVPN videos.
You can be sure all your questions will get answered ;)
-
@gertjan Thanks for the tip, the problem has been solved in the meantime
-
@maartenv Thanks for your help. Problem is solved now.
-
And the winner was.....
-
@pippin After I had changed the Local Port Number in a new Wizard run, the new port number was added to the WAN firewall rules.
When I was cleaning that up, by accident I removed the wrong port number.
And then you can do whatever you want, but you will never get it working