AnswerBun.com

VPN connection reset

Server Fault Asked by bosnjak on January 1, 2022

I have a device running ArchLinux and OpenVPN, which was connecting to the VPN server without problems until recently. Now it can’t connect, with the following output that keeps looping indefinitely: http://pastebin.com/BU6aiBVn

Is the WARNING message from the log the reason for this? I have checked the link provided in the log: http://openvpn.net/howto.html#mitm but I am currently using easy-rsa 2.0 to create the certificate and I am using it when connecting.

How can I investigate further? I guess this is not enough data for anyone to really know what is happening, but I am not sure what else to provide, so please say in the comments what else is needed for debugging this issue, and I will edit my question.

UPDATE
Also, now it seems that sometimes I get this error, but I am not sure what is different in such a case:

Mar 31 09:39:32 alarmpi openvpn[530]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mar 31 09:39:32 alarmpi openvpn[530]: TLS Error: TLS handshake failed
Mar 31 09:39:32 alarmpi openvpn[530]: Fatal TLS error (check_tls_errors_co), restarting
Mar 31 09:39:32 alarmpi openvpn[530]: SIGUSR1[soft,tls-error] received, process restarting

UPDATE 2
As per MadHatter's suggestion, I tried connecting via Telnet from the client, and it seems to work:

[[email protected] ~]# telnet <SERVER_IP> 443
Trying <SERVER_IP>...
Connected to <SERVER_IP>.
Escape character is '^]'.

UPDATE 3
It would seem that after the openvpn restart, clients are now able to connect. I am not sure what caused this or how it got overcome, but I can’t seem to reproduce this issue at the moment. I will try some more and if I can’t reproduce I will delete the question.

One Answer

I was also facing the same issue. I just resolved it by doing this:

  1. Open the firewall and allow 443.

  2. Make sure you are not establishing the same connection anywhere else with your cert file or password (only one VPN connection is allowed; if you want multiple clients to be connected, don't forget to use the "--duplicate-cn" option).

Answered by MADHUKAR on January 1, 2022
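
Added example (not part of the original question or answer): a small Python triage that reads OpenVPN syslog lines and reports the two conditions discussed on this page, a client stuck in the TLS handshake-timeout restart loop and a server dropping a session because the same certificate connected twice. The first four sample lines are the client log from the question; the remaining lines, the host name `vpnserver`, the client name `client1` and the wording of the duplicate-session notice are constructed assumptions.

```python
import re
from collections import Counter

# Constructed sample: the first four lines are the client log quoted in the
# question; the rest are made-up lines in the same syslog layout. The MULTI
# line's wording is an assumption modelled on the server's duplicate-session notice.
SAMPLE_LOG = """\
Mar 31 09:39:32 alarmpi openvpn[530]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mar 31 09:39:32 alarmpi openvpn[530]: TLS Error: TLS handshake failed
Mar 31 09:39:32 alarmpi openvpn[530]: Fatal TLS error (check_tls_errors_co), restarting
Mar 31 09:39:32 alarmpi openvpn[530]: SIGUSR1[soft,tls-error] received, process restarting
Mar 31 09:40:34 alarmpi openvpn[530]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mar 31 09:40:34 alarmpi openvpn[530]: SIGUSR1[soft,tls-error] received, process restarting
Mar 31 09:41:02 vpnserver openvpn[812]: MULTI: new connection by client 'client1' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
"""

# "<Mon DD HH:MM:SS> <host> openvpn[<pid>]: <message>"
LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) (\S+) openvpn\[(\d+)\]: (.*)$")
DUP_CN = re.compile(r"new connection by client '([^']+)' will cause previous active sessions")


def triage(log_text, loop_threshold=2):
    """Summarise handshake-timeout restart loops and duplicate-CN session drops."""
    timeouts, restarts, dropped = Counter(), Counter(), Counter()
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # not an openvpn syslog line
        _ts, host, pid, msg = m.groups()
        key = (host, int(pid))
        if "TLS key negotiation failed to occur within" in msg:
            timeouts[key] += 1
        elif msg.startswith("SIGUSR1[soft,tls-error]"):
            restarts[key] += 1
        else:
            dup = DUP_CN.search(msg)
            if dup:
                dropped[dup.group(1)] += 1  # count drops per certificate CN
    # A loop = the same process timing out and soft-restarting repeatedly.
    looping = sorted(k for k, n in restarts.items()
                     if n >= loop_threshold and timeouts[k] >= loop_threshold)
    return {"restart_loops": looping, "duplicate_cn": dict(dropped)}


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

A restart loop with no matching server-side entries points at the path to port 443, while a `duplicate_cn` hit points at the same certificate being used from two places.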
