TLS handshake failed



  • I followed the tutorial for road warrior configuration but I cannot get the openvpn server to work.
    I see in the server log:

    Aug 24 09:15:39 openvpn[13492]: 93.112.65.219:1194 LZO compression initialized
    Aug 24 09:15:39 openvpn[13492]: 93.112.65.219:1194 Re-using SSL/TLS context
    Aug 24 09:15:39 openvpn[13492]: 93.112.65.219:1194 TLS Error: TLS handshake failed
    Aug 24 09:15:39 openvpn[13492]: 93.112.65.219:1194 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Aug 24 09:14:38 openvpn[13492]: 93.112.65.219:1194 LZO compression initialized
    Aug 24 09:14:38 openvpn[13492]: 93.112.65.219:1194 Re-using SSL/TLS context
    Aug 24 08:40:49 openvpn[13492]: 93.112.65.219:1194 TLS Error: TLS handshake failed
    Aug 24 08:40:49 openvpn[13492]: 93.112.65.219:1194 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Aug 24 08:39:49 openvpn[13492]: 93.112.65.219:1194 LZO compression initialized
    Aug 24 08:39:49 openvpn[13492]: 93.112.65.219:1194 Re-using SSL/TLS context
    Aug 24 08:39:29 openvpn[13492]: Need IPv6 code in mroute_extract_addr_from_packet
    Aug 24 08:39:22 openvpn[13492]: Need IPv6 code in mroute_extract_addr_from_packet
    Aug 24 08:39:22 openvpn[13492]: Initialization Sequence Completed
    Aug 24 08:39:22 openvpn[13492]: UDPv4 link remote: [undef]
    Aug 24 08:39:22 openvpn[13492]: UDPv4 link local (bound): [undef]:1194
    Aug 24 08:39:21 openvpn[13471]: /etc/rc.filter_configure tun0 1500 1542 192.168.15.1 192.168.15.2 init
    Aug 24 08:39:21 openvpn[13471]: /sbin/ifconfig tun0 192.168.15.1 192.168.15.2 mtu 1500 netmask 255.255.255.255 up
    Aug 24 08:39:21 openvpn[13471]: TUN/TAP device /dev/tun0 opened
    Aug 24 08:39:21 openvpn[13471]: gw 81.180.x.y
    Aug 24 08:39:21 openvpn[13471]: WARNING: file '/var/etc/openvpn_server0.key' is group or others accessible
    Aug 24 08:39:21 openvpn[13471]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008
    Aug 24 08:39:19 openvpn[12794]: SIGTERM[hard,] received, process exiting
    Aug 24 08:39:19 openvpn[12794]: /etc/rc.filter_configure tun0 1500 1543 192.168.15.1 192.168.15.2 init



  • Do you have an Advanced Outbound NAT Rule for your Road Warrior Network?  (Firewall/NAT/Outbound)

    What does your Road Warrior Firewall Rule look like on WAN interface?

    ![Picture 2.png](/public/imported_attachments/1/Picture 2.png)
    ![Picture 1.png](/public/imported_attachments/1/Picture 1.png)



  • The client at IP 93.112.65.219 is using port 1194 as the source port for its outgoing connection, which might be a problem. Add the nobind option to the client config; checking the "dynamic source port" option will do that if the client is also a pfSense machine.

    Post the client side log as well if possible.
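
Added example, not part of the thread and not pfSense or OpenVPN code: a small triage script for a server log in the format quoted above. It reports, per peer, whether every attempt timed out and whether the peer's source port equals the server's bound port, which is the sign of a missing `nobind` that the reply above points at. The sample log is constructed (documentation-range addresses), and treating each "Re-using SSL/TLS context" line as one incoming attempt is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample, modelled on the server log format quoted in the thread
# (peer addresses are from the documentation ranges, not real clients).
SAMPLE_LOG = """\
Aug 24 08:39:22 openvpn[13492]: UDPv4 link local (bound): [undef]:1194
Aug 24 08:39:49 openvpn[13492]: 203.0.113.7:1194 Re-using SSL/TLS context
Aug 24 08:40:49 openvpn[13492]: 203.0.113.7:1194 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Aug 24 09:14:38 openvpn[13492]: 203.0.113.7:1194 Re-using SSL/TLS context
Aug 24 09:15:39 openvpn[13492]: 203.0.113.7:1194 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Aug 24 09:16:02 openvpn[13492]: 198.51.100.20:51544 Re-using SSL/TLS context
"""

LINE = re.compile(r"openvpn\[\d+\]: (?P<msg>.*)$")
BOUND = re.compile(r"link local \(bound\): \S*:(?P<port>\d+)$")
PEER = re.compile(r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+) (?P<text>.*)$")

def triage(log_text):
    """Return (listen_port, {peer: report}) for peers seen in the log."""
    listen_port = None
    peers = defaultdict(lambda: {"attempts": 0, "timeouts": 0})
    for raw in log_text.splitlines():
        m = LINE.search(raw)
        if not m:
            continue
        msg = m.group("msg")
        b = BOUND.search(msg)
        if b:  # the server announces the UDP port it is bound to
            listen_port = int(b.group("port"))
            continue
        p = PEER.match(msg)
        if not p:
            continue
        entry = peers[(p.group("ip"), int(p.group("port")))]
        if "Re-using SSL/TLS context" in p.group("text"):
            entry["attempts"] += 1  # assumption: one such line per incoming attempt
        elif "TLS key negotiation failed" in p.group("text"):
            entry["timeouts"] += 1
    report = {}
    for (ip, port), e in peers.items():
        report[f"{ip}:{port}"] = {
            **e,
            # Client packets reach the server, but no handshake ever completes.
            "never_completed": e["attempts"] > 0 and e["timeouts"] >= e["attempts"],
            # Source port equals the server port: the client likely lacks `nobind`.
            "fixed_source_port": listen_port is not None and port == listen_port,
        }
    return listen_port, report
```

A peer flagged `never_completed` shows that inbound packets arrive while replies or later packets are lost, so the next checks are the WAN rule, outbound NAT, and filtering on the path between client and server.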



  • I've solved this one... it was the ISP, which was blocking some ports... with another ISP it is working...



  • Changing the default port from 1194 to something else should stop your ISP from blocking your VPN connection.

