Re: OpenVPN on pfSense - Installation guide for (Windows) Dummies :-) (road-warrior)
-
I am going crazy. I see a successful firewall log stating that my client was not blocked, but the VPN doesn't work.
I am pretty sure I followed the guide 100%. Not sure what is going on here…
Sun Jul 12 00:51:16 2009 Restart pause, 2 second(s)
Sun Jul 12 00:51:18 2009 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun Jul 12 00:51:18 2009 Re-using SSL/TLS context
Sun Jul 12 00:51:18 2009 LZO compression initialized
Sun Jul 12 00:51:18 2009 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun Jul 12 00:51:18 2009 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Jul 12 00:51:18 2009 Local Options hash (VER=V4): '41690919'
Sun Jul 12 00:51:18 2009 Expected Remote Options hash (VER=V4): '530fdded'
Sun Jul 12 00:51:18 2009 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Jul 12 00:51:18 2009 UDPv4 link local: [undef]
Sun Jul 12 00:51:18 2009 UDPv4 link remote: xxx.xxx.xxx.xxx:1194
[12:52:16 AM] joekonkus: Sun Jul 12 00:52:19 2009 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Jul 12 00:52:19 2009 TLS Error: TLS handshake failed
Sun Jul 12 00:52:19 2009 TCP/UDP: Closing socket
Sun Jul 12 00:52:19 2009 SIGUSR1[soft,tls-error] received, process restartingAny ideas?
-
About the same happened to me once as well. The workaround that fixed it for me was: set as protocol the other (if you're on UDP set TCP and vice versa), save the config and change it back. I'm Not sure why this is happening. I suspect a problem with the underlying version of OpenVPN.
-
Thanks for the suggestion. I tried it, it didn't work :(
-
The log you posted is from the client or the server?
If from the client: What does the server log show? -
The server shows nothing. Just these two entries.
Jul 12 21:41:45 openvpn[37390]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008
Jul 12 21:41:14 openvpn[37058]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008However,I do see port 1194 show up as "pass" in the firewall log.
I did not think to check my system log. I see this.
Jul 13 20:17:11 kernel: pid 35465 (openvpn), uid 0: exited on signal 10 (core dumped)
-
Seems like your OpenVPN instance crashed.
Could it be that you missconfigured something and thus the instance cannot start correctly?
Can you post your config of OpenVPN?
-
Would you like a screenshot? It looks exactly how the guide instructed, but who knows, maybe not.
I blanked out the certs.
-
I'm getting the same error, and so far as I've read and understand, all is config'd properly… This is with internal CA, until I can get the import of cacert.org's keys to succeed...