PFSENSE TLS Error: TLS key negotiation failed to occur within 60 seconds
-
Yes the port is open|filtered, i'll check the wan rules tonight
https://pentest-tools.com/network-vulnerability-scanning/udp-port-scanner-online-nmap
-
Can anyone please help me how to check server logs and config.vpn file so that i may also share it here to resolve my issue.
Thanks -
As i am new and you all are experts, kindly help me for step by step procedure. I will be grateful for this.
-
Can anyone please help me how to check server logs and config.vpn file so that i may also share it here to resolve my issue.
ThanksGo to Diagnostics > Command Prompt
In the field beside "File to download" enter "/var/log/openvpn.log" and press Download.
Then do the same with /var/etc/openvpn/server1.conf. If you have more than one server also download /var/etc/openvpn/server2.conf and so on.However, please respond to my question above.
-
Here a look
-
Your WAN rule is okay to allow OpenVPN connections. The server should be reachable.
So try to establish a connection from client and take a look in the server protocol (/var/log/openvpn.log) if the connection attempt is been logged.
In doubt run Packet Capture from Diagnostic menu at WAN interface to see if your packet arrive. Maybe they don't. -
I had the very same Problem here … because my client-router only likes SHA1 and PfSense creates CA/CERTS with SHA256 per default...
-
If anyone is still interest, here the step i made to make it work fiinaly,
1. I factory reset the pfsense
2. I did the same step that before but did something more in the open vpn -> client export
3. I check this option and put a passwordCertificate Export Options
X Use Microsoft Certificate Storage instead of local files.
X Use a password to protect the pkcs12 file contents or key in Viscosity bundle.4. I download the Windows Installers (2.3.8-Ix01):…
5. In my other computer on another network i uninstall openvpn and install it back with the new installer that contain the microsoft cert....
And it WORK :)
This time i did not change the network ip of my internal lan but i don't think that was why it didn't work....
I change it back after the vpn was right -
Can you please let me know which procedure you adopted for the OPENVPN to work. please share the link so that I may get help.
-
If you check online, they basicly do all the same procedure on youtube or on website, but you can follow this video
PfSense Open VPN Tutorial (with Narrator) from DlStreamnet
https://www.youtube.com/watch?v=VdAHVSTl1ysThe only step that i did more was the step that i write in the commend below
Certificate Export Options
X Use Microsoft Certificate Storage instead of local files.
X Use a password to protect the pkcs12 file contents or key in Viscosity bundle.Make sur you check those before download the openvpn file….