TLS key negotiation failed to occur within 60 seconds



  • I have been setup OpenVPN on pfsense 2.0.3,create a client account, export to a windows 7 32bit machine.
    some times win7's openvpn client failed to connect to the pfsense-2.0.3,

    the client's log message:

    Mon Jun 17 13:13:48 2013 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
    Mon Jun 17 13:13:48 2013 WARNING: Make sure you understand the semantics of –tls-remote before using it (see the man page).
    Mon Jun 17 13:13:48 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Mon Jun 17 13:13:48 2013 Re-using SSL/TLS context
    Mon Jun 17 13:13:48 2013 UDPv4 link local (bound): [undef]:1194
    Mon Jun 17 13:13:48 2013 UDPv4 link remote: 112.112.112.112:1194
    Mon Jun 17 13:14:48 2013 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Mon Jun 17 13:14:48 2013 TLS Error: TLS handshake failed
    Mon Jun 17 13:14:48 2013 SIGUSR1[soft,tls-error] received, process restarting

    the pfsense's log messages

    Jun 17 13:14:48 openvpn[6345]: 10.10.10.10:6278 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Jun 17 13:14:48 openvpn[6345]: 10.10.10.10:6278 TLS Error: TLS handshake failed
    Jun 17 13:14:48 openvpn[6345]: 10.10.10.10:6278 Re-using SSL/TLS context
    Jun 17 13:14:48 openvpn[6345]: 10.10.10.10:6278 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Jun 17 13:14:48 openvpn[6345]: 10.10.10.10:6278 TLS Error: TLS handshake failed

    the openvpn official website suggest to check out the firewall's rules, but I am sure that there's no mistake about ruleset. and my win7 client could connect to pfsense last night.

    any suggestion?


Log in to reply