Openvpn tls key negotiation failed to occur within 60 seconds

Openvpn tls key negotiation failed to occur within 60 seconds

Openvpn tls handshake failed with linux server/windows

217.xxx.xxx.xxx:29229 Local Options String (VER=V4): ‘V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,cipher AES-128-CBC,auth SHA256,keysize 128,key-method 2,tls-server’ 2020-04-17T08:27:19.998+02:00 openvpn-VPN KUNZE[759]: 2
openvpn-VPN KUNZE[759]: 217.xxx.xxx.xxx:29229 2020-04-17T08:27:19.998+02:00 openvpn-VPN KUNZE[759]: 217.xxx.xxx.xxx:29229 ‘V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,cipher AES-128-CBC,auth SHA256,keysize 128,key-method 2,tls-client’ is the expected Remote Options String (VER=V4). ‘
217.xxx.xxx.xxx:29226 Local Options String (VER=V4): ‘V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,cipher AES-128-CBC,auth SHA256,keysize 128,key-method 2,tls-server’ 2020-04-17T08:28:24.925+02:00 openvpn-VPN KUNZE[759]: 2
openvpn-VPN KUNZE[759]: 217.xxx.xxx.xxx:29226 2020-04-17T08:28:24.925+02:00 openvpn-VPN KUNZE[759]: 217.xxx.xxx.xxx:29226 ‘V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,cipher AES-128-CBC,auth SHA256,keysize 128,key-method 2,tls-client’ is the planned Remote Options String (VER=V4).
2020-04-17T08:29:30.553+02:00; 2020-04-17T08:29:30.553+02:00; 2020-04-17T08 217.xxx.xxx.xxx:29227 openvpn-VPN KUNZE[759]: 217.xxx.xxx.xxx:29227 String of Local Options (VER=V4): ‘V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,cipher AES-128-CBC,auth SHA256,keysize 128,key-method 2,tls-server’ ‘V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,cipher AES-128-CBC,auth SHA256,keysize 128,key-method

Tutorial: pfsense openvpn configuration for remote users

Prior to connecting, I run the following script, which is supposed to punch a hole in the firewall (see phase 12 of the guide) – this is supposed to be automatic, but I can’t figure out where to put it to make it happen, but that’s a question for another post. For the time being, I’m going to run this manually: it seems that your issue is with the keys rather than the firewall; one of the most common problems when linking a Raspberry Pi and a VPN server is the OpenVPN version; for example, if the server is using (2.4) and the client is using 2.3 (as I would presume given the tutorial’s date), the keys may not be compatible; make sure both are using the latest version.

Openvpn with tls and user authentication on pfsense part1

When I try to sign up for Cyberghost using OpenVPN, I get the following error message since 3 days. (And, yes, I am aware that Cyberghost is unquestionably not the Easter candy; this year, I will be using another VPN.) CG’s website has rapidly become “unusable”).
‘V4,dev-type tun,link-mtu 1574,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client’, Fri Oct 25 18:05:42 2019 us=663111 Local Options String (VER=V4): ‘V4,dev-type tun,link-mtu 1574
Expected Remote Options String (VER=V4) for Fri Oct 25 18:05:42 2019 us=663111: ‘V4,dev-type tun,link-mtu 1574,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server’

Devops & sysadmins: openvpn: tls error: tls key

My configuration consists of a Plusnet Hub One router that is directly connected to the internet and has a static public IP address. The LEDE router is then placed behind the Hub One (everything that I can switch off on the Hub One to pass on all traffic to the LEDE, I think I have done). The internet connection from LAN devices is stable. I already have port forwards in place that allow me to access internal devices from the outside. On the Hub Router, I’ve also forwarded UDP 1194.
Yes, I’ve tried both port forwarding and configuring a DMZ with no luck. I am aware of the Hub One that is running LEDE. I borrowed a friend’s BT HH5, which he had purchased already converted from eBay. That was set up, but it was underpowered – OpenVPN client speeds were down by around 60% to 70%.
Otherwise, I might have converted my Hub One, but my soldering skills aren’t quite up to the challenge. To be fair, the Hub One has been performing admirably as is; otherwise, I was considering purchasing an OpenReach modem. Is it still possible that the double NAT is causing problems with the OpenVPN server?

About the author

admin

admin

View all posts