TLS handshake failed
-
I followed the tutorial for road warrior configuration but I cannot get the openvpn server to work.
I see in the server log:Aug 24 09:15:39 openvpn[13492]: 93.112.65.219:1194 LZO compression initialized
Aug 24 09:15:39 openvpn[13492]: 93.112.65.219:1194 Re-using SSL/TLS context
Aug 24 09:15:39 openvpn[13492]: 93.112.65.219:1194 TLS Error: TLS handshake failed
Aug 24 09:15:39 openvpn[13492]: 93.112.65.219:1194 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Aug 24 09:14:38 openvpn[13492]: 93.112.65.219:1194 LZO compression initialized
Aug 24 09:14:38 openvpn[13492]: 93.112.65.219:1194 Re-using SSL/TLS context
Aug 24 08:40:49 openvpn[13492]: 93.112.65.219:1194 TLS Error: TLS handshake failed
Aug 24 08:40:49 openvpn[13492]: 93.112.65.219:1194 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Aug 24 08:39:49 openvpn[13492]: 93.112.65.219:1194 LZO compression initialized
Aug 24 08:39:49 openvpn[13492]: 93.112.65.219:1194 Re-using SSL/TLS context
Aug 24 08:39:29 openvpn[13492]: Need IPv6 code in mroute_extract_addr_from_packet
Aug 24 08:39:22 openvpn[13492]: Need IPv6 code in mroute_extract_addr_from_packet
Aug 24 08:39:22 openvpn[13492]: Initialization Sequence Completed
Aug 24 08:39:22 openvpn[13492]: UDPv4 link remote: [undef]
Aug 24 08:39:22 openvpn[13492]: UDPv4 link local (bound): [undef]:1194
Aug 24 08:39:21 openvpn[13471]: /etc/rc.filter_configure tun0 1500 1542 192.168.15.1 192.168.15.2 init
Aug 24 08:39:21 openvpn[13471]: /sbin/ifconfig tun0 192.168.15.1 192.168.15.2 mtu 1500 netmask 255.255.255.255 up
Aug 24 08:39:21 openvpn[13471]: TUN/TAP device /dev/tun0 opened
Aug 24 08:39:21 openvpn[13471]: gw 81.180.x.y
Aug 24 08:39:21 openvpn[13471]: WARNING: file '/var/etc/openvpn_server0.key' is group or others accessible
Aug 24 08:39:21 openvpn[13471]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008
Aug 24 08:39:19 openvpn[12794]: SIGTERM[hard,] received, process exiting
Aug 24 08:39:19 openvpn[12794]: /etc/rc.filter_configure tun0 1500 1543 192.168.15.1 192.168.15.2 init -
Do you have an Advanced Outbound NAT Rule for your Road Warrior Network? (Firewall/NAT/Outbound)
What does your Road Warrior Firewall Rule look like on WAN interface?
![Picture 2.png](/public/imported_attachments/1/Picture 2.png)
![Picture 1.png_thumb](/public/imported_attachments/1/Picture 1.png_thumb)
![Picture 1.png](/public/imported_attachments/1/Picture 1.png)
![Picture 2.png_thumb](/public/imported_attachments/1/Picture 2.png_thumb) -
The client at ip 93.112.65.219 is using port 1194 as the source port for outgoing connection which might be a problem. Add nobind -option to the client config, checking the "dynamic source port" -option will do that if the client is also a pfSense machine.
Post the client side log as well if possible.
-
I've solved this one….was from the ISP, was blocking some ports...with another ISP is working...
-
Change the default port from 1194 to something else should resolve your ISP from blocking your VPN connection