TTL error when trying to openvpn server behind Cisco Router



  • Dear All,
    This is my situation:
    41.208.54.46 <cisco router> 172.24.0.1 ------ 172.24.0.50 <pfsense> 192.168.1.0 -- 192.168.1.230 <server>
    This is my network, and I am trying to access it using the OpenVPN client, but it is giving me the error shown below:
    Sun Dec 21 13:28:48 2014 UDPv4 link local (bound): [undef]
    Sun Dec 21 13:28:48 2014 UDPv4 link remote: [AF_INET]41.208.54.46:1194
    Sun Dec 21 13:29:48 2014 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Sun Dec 21 13:29:48 2014 TLS Error: TLS handshake failed
    Sun Dec 21 13:29:48 2014 SIGUSR1[soft,tls-error] received, process restarting
    Sun Dec 21 13:29:51 2014 UDPv4 link local (bound): [undef]
    Sun Dec 21 13:29:51 2014 UDPv4 link remote: [AF_INET]41.208.54.46:1194
    Sun Dec 21 13:30:51 2014 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Sun Dec 21 13:30:51 2014 TLS Error: TLS handshake failed
    Sun Dec 21 13:30:51 2014 SIGUSR1[soft,tls-error] received, process restarting
    Sun Dec 21 13:30:54 2014 UDPv4 link local (bound): [undef]
    Sun Dec 21 13:30:54 2014 UDPv4 link remote: [AF_INET]41.208.54.46:1194
    Sun Dec 21 13:31:55 2014 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Sun Dec 21 13:31:55 2014 TLS Error: TLS handshake failed
    Sun Dec 21 13:31:55 2014 SIGUSR1[soft,tls-error] received, process restarting
    Sun Dec 21 13:31:58 2014 UDPv4 link local (bound): [undef]
    Sun Dec 21 13:31:58 2014 UDPv4 link remote: [AF_INET]41.208.54.46:1194

    Please can someone help with the procedure to solve this issue.



  • I had finally solved the issue. There was a need for port forwarding in the Cisco router, and please don't forget that OpenVPN is using UDP and not TCP.
    Example:
    router#configure terminal
    router(config)#ip nat inside source static udp <inside ip address> 1194 interface <outside interface> 1194

    It is now connected, but I don't know why I am receiving this information in my logs:

    Sun Dec 21 15:07:21 2014 [www.health.gov.sl] Peer Connection Initiated with [AF_INET]41.78.86.43:1194
    Sun Dec 21 15:07:25 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Sun Dec 21 15:07:25 2014 open_tun, tt->ipv6=0
    Sun Dec 21 15:07:25 2014 TAP-WIN32 device [Local Area Connection 3] opened: \\.\Global\{DDC1558A-72E9-4791-A8EE-F5D56AEFD254}.tap
    Sun Dec 21 15:07:25 2014 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.1.8.6/255.255.255.252 on interface {DDC1558A-72E9-4791-A8EE-F5D56AEFD254} [DHCP-serv: 10.1.8.5, lease-time: 31536000]
    Sun Dec 21 15:07:30 2014 ROUTE: route addition failed using CreateIpForwardEntry: Access is denied.  [status=5 if_index=29]
    Sun Dec 21 15:07:30 2014 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
    Sun Dec 21 15:07:33 2014 ERROR: Windows route add command failed [adaptive]: returned error code 1
    Sun Dec 21 15:07:33 2014 ROUTE: route addition failed using CreateIpForwardEntry: Access is denied.  [status=5 if_index=33]
    Sun Dec 21 15:07:33 2014 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
    Sun Dec 21 15:07:34 2014 ERROR: Windows route add command failed [adaptive]: returned error code 1
    Sun Dec 21 15:07:34 2014 ROUTE: route addition failed using CreateIpForwardEntry: Access is denied.  [status=5 if_index=33]
    Sun Dec 21 15:07:34 2014 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
    Sun Dec 21 15:07:34 2014 ERROR: Windows route add command failed [adaptive]: returned error code 1
    Sun Dec 21 15:07:34 2014 ROUTE: route addition failed using CreateIpForwardEntry: Access is denied.  [status=5 if_index=33]
    Sun Dec 21 15:07:34 2014 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
    Sun Dec 21 15:07:34 2014 ERROR: Windows route add command failed [adaptive]: returned error code 1
    Sun Dec 21 15:07:34 2014 ROUTE: route addition failed using CreateIpForwardEntry: Access is denied.  [status=5 if_index=33]
    Sun Dec 21 15:07:34 2014 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
    Sun Dec 21 15:07:36 2014 ERROR: Windows route add command failed [adaptive]: returned error code 1
    Sun Dec 21 15:07:36 2014 Initialization Sequence Completed



  • Dear All,
    I had finally solved the issue with the error. All I did was to start openvpn client as an administrator.

    But I have another issue:
    I can't ping all the devices in my LAN, even when I can see that they are alive from the monitoring tool.



  • firewalls on the lan-devices or gateway not correct on lan-devices?


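The two failures diagnosed in this thread leave distinct signatures in the OpenVPN client log. The script below is an added example, not code from any poster: it scans a client log for both signatures and returns the fix reported above for each. The function name `triage` and the rule labels are hypothetical; the sample lines are copied from the logs posted in the thread.

```python
import re
from collections import Counter

# (label, log signature, fix reported in the thread)
RULES = [
    ("tls_timeout",
     re.compile(r"TLS key negotiation failed to occur within \d+ seconds"),
     "handshake gets no reply: forward the OpenVPN port (UDP, not TCP) on the edge router"),
    ("route_denied",
     re.compile(r"route addition failed using CreateIpForwardEntry: Access is denied"),
     "routes cannot be installed: start the OpenVPN client as administrator"),
]
REMOTE = re.compile(r"(UDP|TCP)\w* link remote: \[AF_INET\]([\d.]+):(\d+)")
DONE = "Initialization Sequence Completed"

def triage(log_text):
    """Summarise an OpenVPN client log: remote endpoint, failure counts, hints."""
    counts, remote, completed = Counter(), None, False
    for line in log_text.splitlines():
        m = REMOTE.search(line)
        if m:
            remote = (m.group(1), m.group(2), int(m.group(3)))
        completed = completed or DONE in line
        for label, pattern, _ in RULES:
            if pattern.search(line):
                counts[label] += 1
    hints = [fix for label, _, fix in RULES if counts[label]]
    # The client can report completion even though no route was installed.
    if completed and counts["route_denied"]:
        hints.append("tunnel is up but pushed routes are missing, so remote subnets stay unreachable")
    return {"remote": remote, "counts": dict(counts), "completed": completed, "hints": hints}

# Sample lines copied from the two logs posted in this thread.
HANDSHAKE_LOG = """\
Sun Dec 21 13:28:48 2014 UDPv4 link remote: [AF_INET]41.208.54.46:1194
Sun Dec 21 13:29:48 2014 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Dec 21 13:29:48 2014 TLS Error: TLS handshake failed
"""
ROUTE_LOG = """\
Sun Dec 21 15:07:30 2014 ROUTE: route addition failed using CreateIpForwardEntry: Access is denied.  [status=5 if_index=29]
Sun Dec 21 15:07:33 2014 ERROR: Windows route add command failed [adaptive]: returned error code 1
Sun Dec 21 15:07:36 2014 Initialization Sequence Completed
"""

if __name__ == "__main__":
    for name, log in (("handshake", HANDSHAKE_LOG), ("routes", ROUTE_LOG)):
        print(name, triage(log))
```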