Server Fault Asked by bosnjak on January 1, 2022
I have a device running ArchLinux and OpenVPN, which was connecting to VPN server without problems until recently. Now it can’t connect, with the following output that keeps looping indefinitely: http://pastebin.com/BU6aiBVn
Is the WARNING message from the log the reason for this? I have checked the link provided in the log: http://openvpn.net/howto.html#mitm but I am currently using easy-rsa 2.0 to create the certificate and I am using it when connecting.
How can I investigate further? I guess this is not enough data for anyone to really know what is happening, but I am not sure what else to provide, so please say in the comments what else is needed for debugging this issue, and I will edit my question.
UPDATE
Also, now it seems that sometimes I get this error, but I am not sure what is different in such case:
Mar 31 09:39:32 alarmpi openvpn[530]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mar 31 09:39:32 alarmpi openvpn[530]: TLS Error: TLS handshake failed
Mar 31 09:39:32 alarmpi openvpn[530]: Fatal TLS error (check_tls_errors_co), restarting
Mar 31 09:39:32 alarmpi openvpn[530]: SIGUSR1[soft,tls-error] received, process restarting
UPDATE 2
As per MadHatter suggestion, I tried connecting via Telnet from the client, and it seems to work:
[[email protected] ~]# telnet <SERVER_IP> 443
Trying <SERVER_IP>...
Connected to <SERVER_IP>.
Escape character is '^]'.
UPDATE 3
It would seem that after the openvpn restart, clients are now able to connect. I am not sure what caused this or how it got overcome, but I can’t seem to reproduce this issue at the moment. I will try some more and if I can’t reproduce I will delete the question.
I was also facing same issue, I just resolved it by doing this,
open the firewall and allow 443
make sure you are not establishing same connection anywhere else with your cert file or Password( only one VPN connection is allowed, If you want multiple client to be connected don't forget to use "--duplicate-cn " option)
Answered by MADHUKAR on January 1, 2022
1 Asked on November 7, 2021 by michael-oryl
2 Asked on November 7, 2021 by halfgaar
1 Asked on November 7, 2021 by miho
1 Asked on November 7, 2021 by bhalu
1 Asked on November 7, 2021 by kobus-myburgh
3 Asked on November 4, 2021 by muhammad-ebrahym
1 Asked on November 4, 2021 by sanjeev
2 Asked on November 4, 2021 by julien-hardelin
1 Asked on November 4, 2021
1 Asked on November 4, 2021 by user583819
0 Asked on November 4, 2021 by dijkgraaf
1 Asked on November 4, 2021
containers docker google kubernetes engine ingress kubernetes
1 Asked on November 4, 2021
1 Asked on November 4, 2021 by kevin-keane
0 Asked on November 4, 2021 by oneofthedamons
active directory group policy powershell startup scripts windows server 2012
0 Asked on November 4, 2021 by xxestter
programsandfeatures server message block windows server 2016
2 Asked on November 4, 2021 by adeel-asif
active directory windows windows server 2008 windows server 2008 r2
2 Asked on November 4, 2021
Get help from others!
Recent Questions
Recent Answers
© 2023 AnswerBun.com. All rights reserved. Sites we Love: PCI Database, MenuIva, UKBizDB, Menu Kuliner, Sharing RPP, SolveDir