Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PFSENSE TLS Error: TLS key negotiation failed to occur within 60 seconds

    Scheduled Pinned Locked Moved OpenVPN
    13 Posts 4 Posters 37.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jolejo10
      last edited by

      Yes the port is open|filtered, i'll check the wan rules tonight

      https://pentest-tools.com/network-vulnerability-scanning/udp-port-scanner-online-nmap

      1 Reply Last reply Reply Quote 0
      • A
        alirazafaisal
        last edited by

        Can anyone please help me how to check server logs and config.vpn file so that i may also share it here to resolve my issue.
        Thanks

        1 Reply Last reply Reply Quote 0
        • A
          alirazafaisal
          last edited by

          As i am new and you all are experts, kindly help me for step by step procedure. I will be grateful for this.

          1 Reply Last reply Reply Quote 0
          • V
            viragomann
            last edited by

            @alirazafaisal:

            Can anyone please help me how to check server logs and config.vpn file so that i may also share it here to resolve my issue.
            Thanks

            Go to Diagnostics > Command Prompt
            In the field beside "File to download" enter "/var/log/openvpn.log" and press Download.
            Then do the same with /var/etc/openvpn/server1.conf. If you have more than one server also download /var/etc/openvpn/server2.conf and so on.

            However, please respond to my question above.

            1 Reply Last reply Reply Quote 0
            • J
              jolejo10
              last edited by

              Here a look


              1 Reply Last reply Reply Quote 0
              • V
                viragomann
                last edited by

                Your WAN rule is okay to allow OpenVPN connections. The server should be reachable.

                So try to establish a connection from client and take a look in the server protocol (/var/log/openvpn.log) if the connection attempt is been logged.
                In doubt run Packet Capture from Diagnostic menu at WAN interface to see if your packet arrive. Maybe they don't.

                1 Reply Last reply Reply Quote 0
                • B
                  bitboy0
                  last edited by

                  I had the very same Problem here … because my client-router only likes SHA1 and PfSense creates CA/CERTS with SHA256 per default...

                  1 Reply Last reply Reply Quote 0
                  • J
                    jolejo10
                    last edited by

                    If anyone is still interest, here the step i made to make it work fiinaly,

                    1. I factory reset the pfsense
                    2. I did the same step that before but did something more in the open vpn -> client export
                    3. I check this option and put a password

                    Certificate Export Options
                    X Use Microsoft Certificate Storage instead of local files.
                    X Use a password to protect the pkcs12 file contents or key in Viscosity bundle.

                    4. I download the  Windows Installers (2.3.8-Ix01):…

                    5. In my other computer on another network  i uninstall openvpn and install it back with the new installer that contain the microsoft cert....

                    And it WORK :)
                    This time i did not change the network ip of my internal lan but i don't think that was why it didn't work....
                    I change it back after the vpn was right

                    1 Reply Last reply Reply Quote 0
                    • A
                      alirazafaisal
                      last edited by

                      Can you please let me know which procedure you adopted for the OPENVPN to work. please share the link so that I may get help.

                      1 Reply Last reply Reply Quote 0
                      • J
                        jolejo10
                        last edited by

                        If you check  online, they basicly do all the same procedure on youtube or on website, but you can follow this video
                        PfSense Open VPN Tutorial (with Narrator)    from    DlStreamnet
                        https://www.youtube.com/watch?v=VdAHVSTl1ys

                        The only step that i did more was the step that i write in the commend below

                        Certificate Export Options   
                              X Use Microsoft Certificate Storage instead of local files.
                              X Use a password to protect the pkcs12 file contents or key in Viscosity bundle.

                        Make sur you check those before download the openvpn file….

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.